AppKeel Logo
Back to Home
Enterprise Compliance & Data Protection

Privacy Policy

Last Updated: 1 June 2026

At AppKeel, we believe that security and privacy should be integrated into software architecture rather than added as an afterthought. As enterprise practitioners who have operated Atlassian platforms at large-scale, highly regulated companies, we design our products with strict **data minimization** and **Zero-Egress architecture**.

"We cannot lose, sell, or leak your data because we do not collect or transmit it. Your data stays where it belongs: inside your secure Atlassian Cloud boundary."

1. 100% Forge-Native Secure Architecture

Unlike legacy Atlassian Connect apps that operate on remote, vendor-controlled databases, all AppKeel applications (including **Planning Poker by AppKeel**, **Space Governance for Jira**, and **Space Governance for Confluence**) are built exclusively on **Atlassian Forge**.

  • No Remote Databases: All app-specific variables, estimates, ownership logs, and classifications are stored natively using Atlassian's custom entities. We do not maintain external storage nodes.
  • Sandboxed Execution: All application code runs inside Atlassian's secure, serverless containers.
  • Zero Egress Locks: All outbound HTTP requests are strictly blocked at the runtime level. There is no telemetry, background synchronization, or analytics pipelines pulling details to third-party servers.

2. GDPR & DPA Compliance Status

Under the General Data Protection Regulation (GDPR), when you use AppKeel applications within your Atlassian Cloud environment, **AppKeel does not act as a Data Processor**.

Because our apps utilize Forge, all processing of your personal and operational data occurs entirely inside Atlassian's systems. Consequently:

  • A separate **Data Processing Addendum (DPA)** with AppKeel is **not required**.
  • All processing activities are fully covered under your organization's existing **Atlassian Master Services Agreement & Atlassian DPA**.
  • Your company's **Data Residency selections** (e.g., keeping data in the European Union or United States) are automatically inherited and enforced at the infrastructure level.

3. Website Analytics & Cookie-Free Policy

Our commitment to user privacy extends directly to our public marketing website (`appkeel-site.vercel.app`).

  • No Tracking Cookies: We use absolutely zero marketing, tracking, or analytics cookies (such as Google Analytics, Facebook Pixels, or Hubspot).
  • Zero Tracking Scripts: We do not log IP addresses, browser fingerprints, or online behavior.
  • Strictly Functional State: The only browser storage used is a local variable to preserve your visual theme preference (daylight/dark mode toggle). Because this is strictly functional and privacy-neutral, **no cookie consent banner is legally required**, keeping your experience clean and secure.

4. Data We Collect Directly

The only personal data we ever receive is details you explicitly choose to share with us:

  • Support Tickets & Enquiries: Raised securely inside our public Jira Service Management (JSM) help center. These tickets (e.g., support requests, product feedback) are stored securely on our corporate Atlassian Service Desk and are used solely to reply to your inquiry.
  • Roadmap Feedback: When you share future features interest, the details write directly to a secure, private JSM queue.

5. Contact & JSM Support Portal

For compliance reviews, security audits, or operational questions, please reach out directly through our Help Desk portal:

Need compliance help?

Submit a general question through our JSM portal

Contact Support