Last updated: June 13, 2022
Dalston Semantics Ltd (“us”, “we”, or “our”) operates the Taxonomies for Confluence add-on at https://tfc.dalstonsemantics.com (the “Service”).
This page informs you of our policies regarding the collection, use, disclosure and safeguarding of data when you use the Service.
Data Collection And Use
We do not collect or store any Personal Data when you use the Service.
Audit capabilities in the Service are implemented by storing the Atlassian accountID of the user along with the details of the user action (such as importing a taxonomy or indexing a Confluence page). To display action history, user details are retrieved from Atlassian, although may be cached in memory by the Service temporarily to improve performance.
Since we do not collect any Personal Data, we do not share it with third parties.
We use metadata such as characteristics and the number of taxonomies that you import to improve the Service.
Automatically Logged Data
The Service collects the IP address, date, time, type, size, page address of the request and time it took to process the request. It also collects the response code and size of the response. We use this data to diagnose issues and improve the Service.
We use Microsoft Azure to deliver the Service with Microsoft responsible for securing physical datacenter, network and hosts. For more information on Microsoft Azure compliance see https://www.microsoft.com/en-us/trust-center/compliance/compliance-overview
We authenticate and authorise all requests so only you can access the taxonomies that you imported.
We use the Atlassian Connect READ and WRITE scopes for the Service to ensure that in the event of a security breach an attacker can not perform administrative operations or delete content in Confluence.
We use storage with industry-standard encryption to secure data at rest and further encrypt Atlassian Connect shared secret using industry-standard encryption algorithms and regularly rotated encryption keys.
We use HTTPS and TLS to secure communication with the Service.
A limited number of accounts have access to the production environment to maintain the service and assist customers. These accounts are protected with multi-factor authentication.
We take backups of your data every 24 hours and retain it for 30 days. We use storage with industry-standard encryption to secure backup data.
Changes To This Security and Privacy Statement
We may update our Security and Privacy Statement from time to time. We will notify you of any changes by posting the new Security and Privacy Statement on this page.
You are advised to review this Security and Privacy Statement periodically for any changes. Changes to this Security and Privacy Statement are effective when they are posted on this page.
If you have any questions about this Security and Privacy Statement, please contact us at email@example.com.