Data subject rights
Atlassian commits to compliance with the requirements of the LGPD. We have amended our privacy program to encompass components of the law, including:
We offer data portability and data management tools including:
- Profile deletion tool: We help customers and end users delete personal information, such as names and email addresses. We help customers respond to user requests to delete personal information, and we also help end users with Atlassian accounts delete their personal information, as well as people without Atlassian accounts delete their personal information.
- Data access requests: Atlassian Organization Admins can facilitate access of their managed users' data from Atlassian support. Unmanaged end users may also request that their personal data be accessed by initiating a data access request from Atlassian support. People who have provided their personal data or had their personal data provided to Atlassian, but do not have Atlassian accounts, may also initiate a request for access.
- Import and export tools: Customers may access, import, and export their Customer Data using Atlassian’s tools.
- To make a data deletion or access request via telephone, or if special accommodations are required, please leave a message at 1 (800) 804-5281 and our privacy support team will promptly be in touch.
Data Transfer Mechanisms
Atlassian supports appropriate international data transfer mechanisms by executing Standard Contractual Clauses through our updated Data Processing Addendum.
Data Security and Compliance
Like the GDPR, the LGPD requires companies to implement technical and organizational security measures to protect personal data.
Protecting our customers' information and their user's privacy is extremely important to us. We are entrusted with some of our customer's most valuable data, which is why we have built security into every layer of the Atlassian Cloud architecture. We provide replication, backup, and disaster recovery planning, encryption in transit and at rest, advanced threat detection, and more. Visit the Atlassian Security Practices page to learn more about our approach to security.
Additionally, we have devoted significant resources towards ensuring our cloud products are built and designed in accordance with widely accepted standards and certifications. These standards mirror many of the security and privacy requirements of the LGPD and GDPR and give our customers a transparent framework by which to measure our software development and data management practices. Currently, we have certified a number of our products for ISO/IEC 27001 and ISO/IEC 27018 standards as well as SOC 2 and SOC 3 certifications. Our data centers, co-location, and managed service providers also undergo a thorough security assessment as a part of the evaluation process and then undergo regular SOC 1, SOC 2, and/or ISO/IEC 27001 audits thereafter.
To learn more about our Risk Management Program, current certifications, and commitments for our Cloud products, please see the Compliance page on our Trust Center.