Close
View this page in your language?
All languages
Choose your language
FedRAMP Customer Terms

Government Cloud FedRAMP Moderate Terms

Download PDF

Effective starting: April 21, 2025

These FedRAMP Moderate Terms (these “Terms”) modify the Atlassian Customer Agreement or a written agreement executed by Atlassian (as applicable, the “Agreement”).  In the event of a conflict between these Terms and any other provisions contained in any Agreement, these Terms will control.

1. Overview

1.1 Atlassian Government Cloud (AGC) Products. These Terms apply to Customer’s use of Cloud Products that are hosted in the Atlassian FedRAMP environment, as described here (“AGC Products”).

1.2 Government Amendment. The Government Amendment applies to United States federal, state, and local government customers (each, a “U.S. Government Entity”).

2. Limited Usage

2.1 Government Use.  AGC Products may only be used by (a) a U.S. Government Entity, or (b) a government contractor using AGC for the fulfillment of a U.S. government contract (federal, state, or local) (a “U.S. Government Contractor”).

2.2 Termination for Prohibited Usage. Any use of AGC Products in breach of this Section 2 (Limited Usage) will be deemed a breach of the Agreement and Atlassian may terminate Customer’s Subscription Term for such AGC Products. Atlassian may also terminate this Agreement upon notice for any breach of this Section 2 (Limited Usage). Customer will not be entitled to any refunds as a result of such termination, and any unpaid amounts for the applicable Subscription Terms and any related service periods will become due and payable immediately upon such termination.

3. Atlassian Obligations

3.1 Maintaining authorization status.  During the Subscription Term for AGC Products, Atlassian will use commercially reasonable efforts to:
(a) Maintain its FedRAMP Moderate authorization at the current or higher authorization level; and
(b) Maintain an information security program designed to provide at least the same level of protection as required by its FedRAMP Moderate authorization.

3.2 Lapse or Revocation.  If Atlassian’s FedRAMP Moderate authorization lapses or is revoked, Atlassian will provide prompt notice to Customer of such lapse or revocation.

4. Customer Obligations

4.1 Compliance with AGC Documentation
(a) Customer must use AGC Products, and only upload Customer Data to AGC Products, in accordance with the Documentation.  “Documentation” means Atlassian’s usage guidelines and standard technical documentation for the applicable AGC Product, available at Atlassian Support, further supplemented by any documents attached to the Order.
(b) If Customer uploads data to AGC Products that is prohibited by the Documentation, then Customer will be solely responsible for sanitization costs incurred by Atlassian and its agents, without application of any limitation of liability or damages caps in the Agreement.

4.2 Customer Indemnification.  If Customer is a U.S. Government Contractor, Customer must (a) defend Atlassian from and against any third-party claim to the extent resulting from (i) violation of Section 4.1, or (ii) any compromise of the security of AGC Products or FedRAMP Moderate authorization resulting from Customer’s usage of AGC Products, and (b) indemnify and hold harmless Atlassian against any damages or costs awarded against Atlassian (including reasonable attorneys’ fees) or agreed in settlement by Customer resulting from the claim. 

Related content

Product-specific terms

Learn more

Advisory Services

Learn more

Data Processing Addendum

Learn more

Data Transfer Impact Assessment

Learn more

Stay informed

Subscribe to receive notifications from us about updates to our legal terms (including our legal policies) and our list of sub-processors.

Sign up for updates