This analysis describes what Atlassian's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
If you use Atlassian products through your employer, your rights requests and privacy concerns should generally be directed to your employer rather than Atlassian directly, since your employer controls the data processing in that context.
Atlassian's policy states it collects identifiers, device information, usage activity, billing data, and content created within its services, and authorizes sharing with third-party service providers, corporate affiliates, resellers, and successors in a business transaction. The policy also states that enterprise account administrators may have the ability to access, monitor, or delete content and data within their organization's account, which affects employees and contractors who use Atlassian products through an employer. You can submit a data subject request to access, correct, delete, or export your personal information through Atlassian's privacy request form at https://www.atlassian.com/legal/privacy-policy#your-rights.
How other platforms handle this
When Okta provides its products and services to its customers (e.g., organizations that use Okta to manage their workforce or Auth0 to manage their customer identity), Okta processes personal data on behalf of those customers as a data processor. In those cases, the customer is the data controller a...
When we provide the Service to our customers, we act as a data processor on behalf of those customers. Our customers are the data controllers, meaning that they determine the purposes and means of the processing of personal data that is submitted into the Service. If you are an end user of a custome...
Docusign may be a 'data controller' or a 'data processor' (or both) depending on the type of personal information and the context in which it is processed. When Docusign determines the purpose and means of processing personal information, we act as a data controller. When Docusign processes personal...
Monitoring
Atlassian has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We collect and receive information as a data controller for our own purposes and as a data processor on behalf of our customers. When our customers use our products to process data about their end users and employees, we act as a data processor on their behalf. Our customers, as data controllers, determine the purposes and means of processing personal data in their Atlassian products.— Excerpt from Atlassian's Atlassian Privacy Policy
We read the privacy policies and terms of service of 38 AI platforms. Here is what they say about training, retention, arbitration, and liability.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
If you use Atlassian products through your employer, your rights requests and privacy concerns should generally be directed to your employer rather than Atlassian directly, since your employer controls the data processing in that context.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Atlassian.