Aegis Privacy & Security Statement

Last updated on May 9, 2026

Privacy Statement

Overview

Aegis Compliance Suite is a compliance case management, access explainability, and security risk monitoring app for Confluence Cloud. It runs entirely on Atlassian Forge. Forio does not operate any servers or databases for this app.

What Data We Access

Aegis reads data from your Atlassian environment to do its job. The list below reflects what the current version accesses; additional content types may be included in future versions.

Confluence content and metadata

  • Page content bodies are scanned to detect sensitive patterns like credentials, PII, and secrets
  • Page and space metadata (IDs, titles, space keys) are used for exposure scoring, finding linkage, and scan tracking
  • Page and space permission settings are used to calculate exposure scores
  • Page properties are read and written to display the per-page exposure score in the content byline

User and group data

  • Atlassian account IDs and display names are used in case assignment, audit log recording, and Access Explorer results
  • Group names and member lists are used for exposure scoring and access analysis. Member lists are cached for 24 hours when an analyst expands a group in the Access Explorer.

Jira (optional)

  • Jira issue summaries and IDs are read when linking an existing issue to a case
  • Jira issues are created or updated when a case is linked to Jira

Content scans store a one-way hash of each match for deduplication, along with a reference to the affected page. No actual matched content is stored.

What Data We Store

All app data is stored in Atlassian Forge Storage (Entity Store and KV Store), hosted on Atlassian infrastructure.

The app stores compliance findings, cases, exceptions, audit log events, exposure scores, access analysis cache, notification records, user role assignments, scan configuration and state, and job execution logs.

Passwords, API tokens, OAuth credentials, and full page content are never stored.

Personal Data

The app stores Atlassian account IDs as identifiers in audit log events, case assignments, comment authorship, and notification records. Display names are cached alongside account IDs when group membership is expanded in the Access Explorer.

Email addresses, IP addresses, and passwords are not stored.

To request data deletion, contact support@forio.com. Administrators can also purge historical records from Admin > Retention.

Data Sharing

Aegis makes no outbound network calls outside Atlassian’s infrastructure and shares no data with third-party services.

The optional Jira integration creates or updates issues within your own Jira instance. Nothing leaves your Atlassian environment.

Data Retention

Default retention (configurable in Admin > Retention, minimum 7 days):

Data type             Default
Audit log events      365 days
Exposure snapshots    180 days
Alert records         180 days
Notification records  90 days
Job execution logs    90 days

A daily maintenance job purges records past their retention period.

Contact

For privacy questions or data deletion requests, contact support@forio.com.

Security Statement

Platform Architecture

Aegis Compliance Suite runs on Atlassian Forge, Atlassian’s managed serverless platform. Each function invocation runs in an isolated execution environment. No egress domains are declared in the app manifest, so nothing leaves Atlassian’s network as a result of app activity.

Forio is responsible for the application code: resolver logic, data access patterns, authorization checks, and input handling. Atlassian is responsible for infrastructure security, storage encryption, and platform isolation.

Authentication and Authorization

All Confluence and Jira API calls go through Atlassian’s managed OAuth 2.0 infrastructure via the Forge runtime. The app does not handle or store credentials or tokens of any kind.

Access control follows a four-tier role model (Viewer → Analyst → Approver → Admin), enforced server-side on every resolver call. The user who installs the app is auto-assigned Admin; everyone else defaults to Viewer until promoted.

OAuth Scopes

Scope                            Purpose
read:page:confluence             Read page metadata for exposure scoring and the byline
read:confluence-content.all      Read page content for content scanning
read:confluence-content.summary  Read page summaries for search results
read:space:confluence            Read space metadata for access analysis and scanning
read:confluence-space.summary    Read space summaries for search results
read:confluence-user             Resolve account IDs to display names
read:confluence-groups           Read group names and membership for access analysis
search:confluence                Run CQL queries to enumerate pages during content scans
read:confluence-props            Read page properties (stored exposure score) for the byline
write:confluence-props           Write the per-page exposure score to page properties
storage:app                      Read and write app data in Forge Entity Store and KV Store
read:jira-work                   Read Jira issues when linking to a case (optional integration)
write:jira-work                  Create or update Jira issues when linked (optional integration)

write:confluence-content is not requested, so the app cannot create or modify Confluence page content.

Encryption

Because Aegis runs entirely on Atlassian Forge, all aspects of encryption, in transit and at rest, are managed by Atlassian. Forio does not control or configure the underlying storage or network infrastructure.

Reporting a Security Issue

To report a security vulnerability in Aegis, contact support@forio.com.