How does Atlassian ensure that data remains protected outside of Europe?
Atlassian has put in place a number of measures to ensure that EU, UK and Swiss data remains protected when it is transferred outside of Europe.
In addition to incorporating the SCCs, our DPA also sets out Atlassian’s commitments to confidentiality, security of processing, customer controls, how Atlassian helps to notify of incidents, and how Atlassian helps our customers honor data subject rights. The combination of the Atlassian DPA, SCCs, security commitments and supplemental safeguards continue to offer our customers a robust level of protection.
Please also note that Atlassian:
- encrypts data in transit and at rest (see here for more information);
- offers data residency;
- is building BYOK encryption;
- publishes an annual Transparency Report with information about government requests for users' data as well as government requests to remove content or suspend accounts; and
- provides additional information about our policies and procedures for responding to requests for user data in our Guidelines for Law Enforcement.
For additional information on our security practices and how we’re complying with the GDPR, please visit this page.