Atlassian states it does not sell personal information but authorizes sharing with service providers, analytics vendors, marketing partners, corporate affiliates, resellers, and in connection with a business sale or merger.
This analysis describes what Atlassian's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy authorizes data sharing with resellers and channel partners who deliver Atlassian products, which may mean your employer's Atlassian reseller receives information about your account depending on the delivery arrangement.
Personal data including account identifiers, usage information, and billing details may be shared with third-party service providers (covering analytics, infrastructure, and marketing functions), resellers, and acquirers in a business transaction. The policy states Atlassian does not sell personal information to third parties.
How other platforms handle this
We may share your information with third-party advertising partners to provide you with targeted advertising. We also work with third-party analytics providers who help us understand how users interact with our Services. These third parties may use cookies, web beacons, and similar tracking technolo...
We process personal data you provide to Oura to enable third party integrations, services, features, and offerings. For example, with your permission, our Services may integrate with third-party services like Google Health Connect and Apple HealthKit, or those of our partners. Oura takes measures to...
We may share your personal data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. We may also share your personal data with advertising partners to display relevant advertising to y...
Monitoring
Atlassian has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We share information as discussed below, but we don't sell information about you to third parties. We share information with third party companies that help us operate, provide, improve, integrate, customize, support and market our Services. We may also share your information as we discuss elsewhere in this Privacy Policy, including in connection with a merger, acquisition, or sale of assets.— Excerpt from Atlassian's Atlassian Privacy Policy
(1) REGULATORY LANDSCAPE: CCPA and CPRA distinguish between 'selling' and 'sharing' personal information; the policy's assertion that data is not sold does not preclude CPRA 'sharing' obligations for cross-context behavioral advertising, which may require evaluation. GDPR requires a legal basis and, where applicable, a data transfer mechanism for each third-party sharing arrangement. (2) GOVERNANCE EXPOSURE: Medium. Sharing with resellers and channel partners creates downstream data flow obligations that enterprise customers should map. If a reseller is located outside the EEA, SCCs or equivalent transfer mechanisms may be required. (3) JURISDICTION FLAGS: California users may have rights under CPRA to opt out of sharing for cross-context behavioral advertising even where no 'sale' occurs. EU and UK users retain rights to object to processing and to receive information about specific third parties receiving their data. (4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise contracts should confirm whether resellers in the distribution chain are bound by data protection obligations equivalent to those Atlassian imposes on its direct sub-processors. The DPA should address business transfer scenarios. (5) COMPLIANCE CONSIDERATIONS: Organizations should request Atlassian's current sub-processor and partner list and assess whether any recipients operate in jurisdictions requiring additional safeguards. Marketing data sharing should be reviewed against applicable consent requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy authorizes data sharing with resellers and channel partners who deliver Atlassian products, which may mean your employer's Atlassian reseller receives information about your account depending on the delivery arrangement.
Personal data including account identifiers, usage information, and billing details may be shared with third-party service providers (covering analytics, infrastructure, and marketing functions), resellers, and acquirers in a business transaction. The policy states Atlassian does not sell personal information to third parties.
ConductAtlas has identified this type of provision across 24 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Atlassian.