This documentation is designed to prepare vendors for storing user personal data for integrations. APIs must ensure that they comply with the GDPR when handling the personal data for users. This includes providing access, modification and erasure of personal data.
GDPR is a European Union law enacted on 25 May 2018 that requires companies to protect the data and privacy of all European residents. The seven key principles are:
Atlassian is committed to compliance with the General Data Protection Regulation (GDPR).The regulation contains the most significant changes to European data privacy legislation in the last 20 years. It is designed to give EU citizens more control over their data and seeks to unify a number of existing privacy and security laws under one comprehensive law.
Because Atlassian provides access to a user's personal data, when a user makes a request to Atlassian to be forgotten, it is Atlassian's responsibility to pass that request along to third-party applications storing the data so that the applications can also respect the user's request.
Personal data (PD) is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data, such as these fields: email, avatar, username, full name, and bio.
If your API stores any personal data, you'll need to read through this page to understand the requirements we've set out for you to be in compliance with our policies and practices regarding GDPR and users' right to be forgotten.
GDPR itself contains several features each system must support:
To comply with the GDPR requirements APIs need to integrate with ConsentHub API.
Rate this page: