What Data Do We Have Access To?
When you install Confluence Cloud app, the app can request certain 'scopes' of access. For the Confluence Plugin For Zoom Recordings app, we require READ and WRITE scopes. This means the app is granted access to all Confluence REST APIs marked with these permissions on this page: confluence rest scopes. The WRITE scope is needed to attach password protected videos to a Confluence page.
When a cloud app is installed, we store a public and secret key in our database. We store this so that our app can make authenticated requests to your Confluence instance as well as receive authenticated requests from your Confluence instance. This is pretty standard for any Atlassian connect app for Confluence Cloud.
What Data Do We Store In Our Database?
We store no identifying information about your data in our database. Things we do store:
- The client key of your Confluence Instance,
- A public key and a shared secret for authenticating requests.
- Your Zoom User-Id and AES256-GCM encrypted access and refresh tokens, if you connect your Zoom account
- Confluence page ids while a Zoom recording is uploaded (deleted after)
- Audit log entries
We store no Confluence data related information in our audit log UI.
Downloaded Zoom recordings become standard video attachments to the page they are used in. At this point, we consider the video handed over to Atlassian. Since it is not stored by us, it will not be deleted from Confluence automatically if you disconnect your Zoom account from our app or uninstall our app from your Confluence instance. If you would like to delete these attachments, they can be deleted or even bulk delete by using Confluence functionality.
We also collect Google analytics to better help us understand how our users use the front-end, so that we can build better features. We do not include identifying information however in these analytics.
We treat customer privacy and security seriously. We believe in full transparency around these issues. As far as we are concerned, your data is yours and we do not share your data with any third parties (unless we are legally obligated to do so - however this case has not arisen yet).
More general information about how we treat your personal data can be found in the general Data Protection Statement.