Privacy Policy

Effective date: 28 February 2026 · Last updated: 28 February 2026

1. Overview

ConfluOps™ (“the App”, “we”, “us”) is an Atlassian Forge application that embeds AWS CloudWatch alarm statuses as interactive widgets in Confluence pages. This policy explains what data the App collects, how it is used, and how it is protected.

The App is built on the Atlassian Forge platform, which means your Confluence data and App data are processed within Atlassian’s infrastructure and are also subject to Atlassian’s Privacy Policy.

2. Data We Collect

2.1 Data you provide

When configuring an AWS account in the admin panel:

AWS IAM Role ARN — the Amazon Resource Name of the IAM role the App assumes to access CloudWatch. Stored in Forge KVS.
AWS External ID — a UUID generated by the App per account configuration, used as a security token for IAM role assumption. Stored in Forge KVS Secrets (encrypted at rest). This value is never exposed outside the backend resolver.
AWS Region — the region selected for CloudWatch queries. Stored in Forge Entity Store.
Account display name — a human-readable label you assign to each AWS account. Stored in Forge Entity Store.
Macro configuration — the alarm name and display options configured per Confluence macro. Stored in Confluence macro parameters by Atlassian.

2.2 Data we access but do not store

CloudWatch alarm state — the current status of a named CloudWatch alarm. Fetched at render time and not persisted by the App.
Confluence context — site ID and page context provided by the Forge runtime to scope stored data per Atlassian site. Used internally for multi-tenant data isolation and not stored separately by the App.

2.3 Data we do not collect

We do not collect names, email addresses, or personal information about Confluence users.
We do not collect usage analytics, telemetry, or behavioral data.
We do not use cookies or tracking technologies.
We do not collect any data from end-users who view widgets — only from Confluence administrators who configure the App.

3. How We Use Your Data

Data	Purpose
IAM Role ARN	To call AWS STS `AssumeRole` and obtain temporary credentials for CloudWatch API access
External ID	To validate IAM role assumption requests (AWS security best practice)
AWS Region & account name	To identify and display configured accounts in the admin UI
Macro configuration	To render the correct CloudWatch alarm badge on a Confluence page

We do not use your data for advertising, profiling, or any purpose beyond operating the App’s stated functionality.

4. Data Storage and Security

All App data is stored exclusively within the Atlassian Forge platform using:

Forge KVS Secrets — for External IDs and IAM User credentials (encrypted at rest by Atlassian)
Forge KVS — for account metadata (display names, regions, Role ARNs)

We do not operate our own servers or databases. We do not transfer your data outside of the Atlassian and AWS infrastructure involved in serving your Confluence instance.

AWS credentials obtained via STS:AssumeRole are temporary (valid for up to 1 hour) and are never stored — they are used for a single CloudWatch API call and then discarded.

5. Data Sharing and Third Parties

Party	What is shared	Why
Amazon Web Services (AWS)	IAM Role ARN, External ID (via STS), CloudWatch query parameters	To authenticate and retrieve CloudWatch alarm data on your behalf
Atlassian	All data described above	Data is stored and processed on Atlassian’s Forge platform; Atlassian’s terms and privacy policy apply

We do not sell, rent, or share your data with any other third parties.

6. Data Retention

Account configuration data (Role ARN, External ID, account name, and region) is retained in Forge storage until you delete the account via the App’s admin panel.
CloudWatch alarm data is never stored — it is fetched on demand and not retained after the page render completes.
Uninstalling the App from your Atlassian site triggers removal of all associated Forge storage data per Atlassian’s Forge platform policies.

7. Your Rights (GDPR / Data Subject Rights)

If you are located in the European Economic Area, United Kingdom, or another jurisdiction with applicable data protection law, you may have the right to access, correct, or delete personal data we hold about you.

Because ConfluOps does not collect personal data about individual end-users (only AWS infrastructure configuration provided by administrators), most of these rights apply to the Confluence administrator who configured the App.

To request deletion or export of your configuration data:

Delete accounts via the App’s admin panel within Confluence — this immediately removes all associated secrets and metadata from Forge storage.
Or contact us at the address below.

8. Children’s Privacy

The App is a business tool not directed at children. We do not knowingly collect any data from individuals under the age of 16.

9. Changes to This Policy

We may update this policy from time to time. We will update the “Last updated” date at the top of this document. For material changes, we will notify users via the Atlassian Marketplace listing description. Continued use of the App after changes constitutes acceptance of the updated policy.

10. Contact

For privacy-related questions or data requests, please contact:

Wolvenware

Email: [email protected]

Website: wolvenware.com