Security Policy

Security Policy

Effective Date: May 6, 2025

At APPsolute Best LLC, we take security seriously. Whether you are using one of our Atlassian Marketplace apps or engaging with us through consulting services, we apply strict standards to protect your data and ensure safe, reliable solutions.

Our Security Principles

  • Data Minimization: We only collect and retain data that is required for functionality or service delivery.
  • Privacy by Design: Our apps and solutions are designed with data protection in mind from the ground up.
  • Secure Development: We follow secure coding practices and perform internal reviews prior to release.
  • Continuous Monitoring: We actively monitor for security advisories and patch vulnerable dependencies as needed.

Marketplace Apps (Forge)

Our Atlassian Marketplace apps, such as APPsolute Archiver, are built on Atlassian’s Forge platform and follow the platform’s security model:

  • Apps run in a sandboxed, isolated environment managed by Atlassian.
  • We do not store or transmit End-User Data outside of Atlassian products.
  • Apps request only the minimal set of permissions necessary for operation.
  • No external services or third-party APIs are used unless explicitly stated.

Consulting Services

When delivering consulting services, we follow secure handling practices:

  • Access is limited to systems/data required for the scope of work.
  • Temporary credentials are handled securely and revoked after use.
  • All communications are conducted over secure, encrypted channels.
  • We are happy to sign mutual NDAs as requested.

Incident Response

In the event of a security incident, we will:

  • Respond within 72 hours of initial notice
  • Communicate the scope, impact, and remediation plan
  • Deploy a fix if needed and confirm resolution

Contact

If you have a security concern or would like to report a vulnerability:

Email: [email protected]

Compliance & Data Residency

  • We do not act as a data controller or processor under GDPR or CCPA for our apps.
  • Our apps do not store End-User Data and do not require residency guarantees.
  • For custom consulting solutions, we follow your organization’s compliance and security guidelines.