/
AppLiger Apps: Cloud Security Policy

AppLiger Apps: Cloud Security Policy

Effective Date: Dec 4, 2025

Introduction

This document outlines the security practices for all recent versions of AppLiger applications, listed on the Atlassian Marketplace, when used on Atlassian Cloud, including

  • Easy Templates for Jira

  • Easy Progress – Hill Charts for Jira

  • Easy Action Items – Checklist Templates & Automation

All AppLiger cloud apps are built using the Atlassian Forge framework and Runs on Atlassian. This means:

  • The app execution environment is fully hosted and secured by Atlassian.

  • App data is stored inside the customer’s Atlassian tenant, not on AppLiger servers.

  • AppLiger does not host customer environments, nor do we store or access sensitive Atlassian user data such as passwords or payment information.

To understand what data Atlassian stores and processes, refer to Atlassian’s official documentation:

Your Personal Information’s security is important to us, but no method of digital transmission or storage can be 100% secure. We rely on Atlassian’s industry-leading security standards and continuously improve our applications to ensure maximum safety.

Data Storage

All AppLiger cloud apps Runs on Atlassian

This includes:

  • Easy Templates for Jira

    • Forge storage: 5.8.0+

    • Runs on Atlassian: 7.30.0+

  • Easy Progress – Hill Charts for Jira

  • Easy Action Items – Checklist Templates & Automation

Storage Architecture

  • All processing occurs inside Atlassian’s secure Forge runtime.

  • All data is stored directly in the customer’s Atlassian Jira Cloud tenant, using:

    • Forge Storage (encrypted at rest)

    • Entity Properties (scoped to project, issue, or app)

No AppLiger External Storage

AppLiger does not store:

  • Jira issue data

  • Usernames or emails

  • Project or space content

  • Jira Account IDs (outside of Forge)

Our infrastructure (AWS/Cloudflare) is used only for:

  • Serving the marketing website

  • Optional documentation or onboarding content
    Not for storing customer app data

This applies to all recent Cloud app versions available on the Atlassian marketplace.

Data Residency

Because our apps use only Forge storage, data residency automatically follows the customer’s Atlassian site residency:

Backups

App data stored via Forge Storage or Entity Properties is backed up as part of the customer’s Jira Cloud environment.

Backups and disaster recovery are fully managed by Atlassian under their cloud platform guarantees:

AppLiger does not perform separate or external backups of customer data.

Development & Security Practices

AppLiger follows modern software engineering and security practices:

  • Regular peer code reviews

  • Static code analysis and automated testing

  • Security testing aligned with Atlassian Marketplace requirements

  • Least-privilege permissions (Forge Scopes)

  • Secure app signing & deployment via Atlassian Forge

  • Participation in Atlassian Marketplace Security Programs

Relevant links:

Data Access

AppLiger can only access data explicitly granted by the customer via the app installation:

  • Access is always scoped to the selected Jira site

  • All access happens through Atlassian’s secure APIs

  • No direct database access or external data export occurs

  • AppLiger cannot view or access customer Jira content unless the customer intentionally shares it via a support ticket

Data Transmission

All communication between the app and Atlassian Cloud uses HTTPS/TLS 1.2+ encryption.

Forge-hosted code executes within Atlassian-controlled infrastructure and does not send data outside Atlassian’s environment.

Contact

For questions regarding this document or security practices:

AppLiger sp. z o.o.
Dietla 93/7, 31-031 Kraków, Poland

Contact Us