Agilva Solutions

Trust
Centre

Security, privacy, and compliance information for every Agilva app on the Atlassian Marketplace. All apps run on Atlassian Forge — no external servers, no data egress.

Security · Privacy · Compliance · Last updated: June 2026

Platform Commitments

What every Agilva
app guarantees

🏗️

Forge-Only Infrastructure

Every Agilva app runs exclusively on Atlassian Forge. There are no Agilva-controlled servers, no external APIs, and no data egress of any kind. All compute happens inside Atlassian's platform.

🔐

Minimal Permissions

Each app requests only the OAuth scopes strictly necessary for its function. We never request broad read/write permissions when a narrower scope suffices. Scopes are documented per product.

🚫

No User Tracking

Agilva apps do not collect analytics, build user profiles, or track behaviour across sessions or tenants. We do not use third-party analytics SDKs inside any app.

🔒

Encrypted at Rest & in Transit

All data stored via Forge Storage is encrypted at rest (AES-256) and in transit (TLS 1.2+) by Atlassian's platform. Agilva does not manage encryption keys — Atlassian does.

🌍

Data Residency

Forge apps automatically respect Atlassian's data residency controls. Any data stored by Agilva apps via Forge Storage resides within the same region as your Atlassian site.

📋

Atlassian Partner Compliance

Agilva is a certified Atlassian Marketplace partner and meets all requirements of the Marketplace Partner Agreement, including security, privacy policy publication, and vulnerability disclosure.

By Product

Trust & security
per app

QR Hub for Jira
Jira Cloud · Atlassian Forge
No external servers Minimal data storage Forge Storage only

Stores only the dashboard gadget URL via storage:app inside Forge. No issue content, user data, or QR images are persisted anywhere.

QR Hub for Confluence
Confluence Cloud · Atlassian Forge
No external servers Zero data stored Read-only scopes

QR codes are generated entirely in-browser from page URLs. No page content, metadata, or user information is persisted by the app.

Markso Editor
Jira Cloud · Atlassian Forge
No external servers Content stays in Jira Forge renderer

Markdown rendering happens entirely within the Forge sandbox. No issue content is transmitted outside Atlassian's infrastructure at any point.

Link-a-Link
Jira Cloud · Atlassian Forge
No external servers Link data in Jira only Forge Storage

Issue link data is stored exclusively within Atlassian's Forge infrastructure. No link metadata, URLs, or user information is transmitted externally.

Discovery Hub for Jira
Jira Cloud · Atlassian Forge
No external servers Read-only access In-platform search

All issue discovery and search operations run within Atlassian's Forge platform. No query data, results, or user search history is persisted or transmitted externally.

Mathso
Jira Cloud · Atlassian Forge
No external servers Zero data stored Client-side compute

All mathematical computations are performed client-side within the Forge sandbox. No formula inputs, results, or field values are persisted or transmitted outside Atlassian.

🛡️

Powered by Atlassian Forge

All Agilva apps inherit Atlassian's enterprise security certifications by running on Forge — including SOC 2 Type II, ISO 27001, and GDPR compliance. Atlassian's full security programme is documented at atlassian.com/trust/security.