英語以外で表示されているこれらの規約は、便宜上のみ提供されている翻訳版です。 訳語の間で不明確さや矛盾が生じた場合、英語版が正式なものとされ、優先されます。

アトラシアン データ処理補遺

最終更新日: 2022 年 1 月 5 日

当社では、アトラシアンのお客様が DPA (データ処理補遺) に簡単に署名して提出できるようにしています。DPA は、GDPR の再移転要件を満たすことを支援するものです。DPA にはアトラシアンが事前に署名しています。DPA に関してご質問がある場合は、FAQ をご覧ください。 下記のリンクをクリックして DPA をダウンロードし、署名済みのコピーをメールで にご送付ください。

Frequently Asked Questions

 Legal Notice: These FAQs are for informational purposes only and do not create any contractual commitments.  The responsibilities and liabilities of Atlassian to its customers are governed by Atlassian agreements, and these FAQs are not part of, nor does it modify, any agreement between Atlassian and its customers. 

アトラシアンのクラウド製品でのデータ暗号化には、TLS (Transport Layer Security) が常に使用されますか? Copy link to heading Copied! 表示する

はい。Atlassian Cloud のすべてのシステムは、通信に TLS 1.2+ と PFS のみを使用しています。業界標準に従い、SSL 3 のサポートは廃止しました。

How are the roles defined under the DPA? Copy link to heading Copied! 表示する

Under the DPA, Atlassian predominantly acts as a processor of personal data on behalf of our Customers in connection with the provision of our Cloud Products. However, in certain circumstances, Atlassian acts as a controller of personal data (e.g. for billing processes, to comply with applicable laws, to ensure the security of our Cloud Products etc.). Please refer to Section 2.2 as well as Exhibit A, Annex 1(B), Part B of the DPA for further information. 

Can my organization use its own DPA? Copy link to heading Copied! 表示する

No, Atlassian is unable to work from a Customer’s template DPA or operationalize individual Customer-specific requirements. 

We are continually making updates to the Atlassian DPA to reflect changes to our products and services as well as several legal and regulatory requirements (for example, after Schrems II, or more recently, to comply with updated UK international data transfer regulations). If Atlassian were to contract on bespoke terms then customers would not benefit from those updates. 

My organization signed a previous version of the DPA. Which DPA applies? Copy link to heading Copied! 表示する

The most recently executed version of the DPA will apply.  The latest version of our DPA states that it replaces any existing DPA we may have entered into with you in connection with Atlassian’s provision of the Cloud Products. 

If you have signed an older version of our DPA, but would like to benefit from our recent updates (e.g. EU SCCs, UK Addendum, Swiss-specific modifications, or updated Security Exhibit), we encourage you to download the most recent DPA version as of September 2022.

Does Atlassian use Sub-processors? Copy link to heading Copied! 表示する

Yes, a list of our current sub-processors can be found on our Sub-processors page. Our Customers can subscribe to notifications of new Sub-processors via an RSS Feed. To subscribe, please follow the instructions on our Sub-processors page. Customers may object to the appointment of a new Sub-processor in accordance with the procedure set out in our DPA.

How about the European Data Transfers? Copy link to heading Copied! 表示する

Atlassian DPA incorporates the EU Standard Contractual Clauses ("SCCs") to provide an appropriate safeguard for the transfer plus certain interpretative provisions to make the SCCs work for Switzerland, and incorporates UK Addendum (as applicable) in order to comply with relevant regulations. Under the SCCs, our Customers are the "Data Exporter" and Atlassian is acting as a "Data Importer". 

The DPA incorporates Module 1 (controller to controller transfer terms), Module 2 (controller to processor transfer terms) and Module 3 (processor to processor transfer terms) of the SCCs. Module 1 is included to address transfers of the limited personal data we process as a controller.  

By executing the DPA, your organization and Atlassian agree to abide by the SCCs, to the extent applicable. You do not need to take any additional "steps" to enter into the SCCs with us. 

Most recently (September 2022) we updated our DPA in order to include the UK-specific data transfer mechanism (so called UK Addendum), as well as made a number of updates to the language of the DPA in line with the feedback collected from our customers. The new DPA also includes an updated Security Exhibit with detailed description of our security measures.

For more information on our approach to international data transfers in light of the "Schrems II" ruling, see International Data Transfers | Atlassian | Atlassian

Do you have any additional resources? Copy link to heading Copied! 表示する
  • Trust Center: Our internal privacy processes and procedures are documented transparently, on our Trust Site
  • Data Transfer Impact Assessments: Information to help our Customers conduct data transfer impact assessments in connection with their use of Atlassian's products can be found on our Transfer Impact Assessment page.
  • Government requests: Atlassian publishes and follows Atlassian Guidelines for Law Enforcement Requests in responding to any government requests for data. Atlassian also publishes an annual Transparency Report with information about government requests to access data.