Trust Centre

Everything you need to know about how Link-a-Link handles your data, secures our infrastructure, and governs your use of the plugin — in one place.

What's in the Trust Centre

Privacy & Data — Our complete Privacy Policy and GDPR Compliance Statement. What we process, what we don't, where it lives, how long it's kept, and how to delete it.

Security — Our responses to Atlassian's Partner Security Questionnaire. Covers infrastructure security, development practices, workstation hardening, vulnerability management, and incident response.

End User Agreement — The legal terms that govern your installation and use of the Link-a-Link plugin.

Key facts at a glance

Version 1.0 · Effective date: 08 April 2026 · Governed by UK GDPR / EU GDPR

About This Policy

Our Privacy Policy and GDPR Compliance Statement in one document.

This Privacy Policy describes how Agilva Solutions ("we", "us", "our") processes information in connection with the Link-a-Link plugin for Confluence Cloud ("the Plugin", "the App"). It also constitutes our GDPR Compliance Statement, demonstrating how Link-a-Link is designed to meet the requirements of the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR 2016/679).

Link-a-Link is built on the Atlassian Forge platform and distributed through the Atlassian Marketplace. Its core architecture is intentionally privacy-preserving: the Plugin does not collect, store, or transmit any personal data about individual users. This policy explains precisely what data is handled and why.

Data Controller

Who we are and how to contact us regarding data protection matters.

The data controller for any data processed in connection with Link-a-Link is:

Scope & Application

Which features and which users this policy covers.

This policy applies to all users and administrators of the Link-a-Link plugin installed within a Confluence Cloud workspace. It covers both features of the Plugin:

• Confluence Mapping — the feature that allows administrators to upload migration CSV files and enables users to search for old Data Centre page URLs or PageIDs and retrieve the corresponding Confluence Cloud equivalents.
• IntellinQ — the feature that allows administrators to configure document-numbering prefix systems, and enables editors to insert IntellinQ macros on Confluence pages that resolve document numbers into full URLs.

This policy applies in all countries where Confluence Cloud is used with Link-a-Link installed, including all EU/EEA member states and the United Kingdom.

Data We Do Not Collect

Categories of personal data that Link-a-Link never touches.

Link-a-Link is deliberately designed to avoid collecting personal data. The following categories of data are never collected, stored, or transmitted by the Plugin:

Data We Process

A detailed breakdown of every data type the Plugin handles.

Link-a-Link processes a minimal set of non-personal, technical and operational data. The following table sets out each data type, where it is stored, and its purpose.

Forge Platform

Link-a-Link runs entirely on Atlassian's hosted serverless infrastructure.

Link-a-Link is built exclusively on the Atlassian Forge platform. Forge is Atlassian's hosted serverless runtime for Confluence and Jira apps. This has important privacy implications:

• Forge manages all infrastructure. Agilva Solutions does not operate any servers, virtual machines, or databases for the core Plugin functionality. All Forge Storage data (IntellinQ systems, settings, counters, logs) is stored and managed entirely within Atlassian's infrastructure.
• Agilva Solutions has no direct access to Forge Storage data. We cannot query, export, or read individual tenants' Forge Storage data outside of the Plugin's own resolver functions. There is no administrative backdoor or database console.
• Atlassian acts as a Data Processor for data stored in Forge Storage, subject to Atlassian's Privacy Policy and their Data Processing Addendum. Agilva Solutions acts as the Data Controller for determining what data is stored.
• Forge enforces tenant isolation. The Forge platform prevents one tenant's storage data from being accessible by another tenant's app instance at the platform level, in addition to our own application-level isolation.

AWS Infrastructure

The Confluence Mapping feature stores URL index data in AWS S3 within the European Union.

Tenant Isolation

How Link-a-Link guarantees that one workspace's data never touches another's.

Link-a-Link is a multi-tenant application. Every workspace that installs the Plugin receives a completely isolated data environment. Data belonging to one Confluence workspace can never be accessed by, mixed with, or exposed to any other workspace.

This isolation is implemented at three independent layers:

• Application layer — Every Forge Storage key used by the Plugin is namespaced with the workspace's unique tenantId (e.g. searchStats-{tenantId}, smartLinks-{tenantId}). No query or operation can read across tenant boundaries at the application level.
• Platform layer — The Atlassian Forge platform enforces tenant isolation at the runtime level. A Forge app instance running for Tenant A is physically separated from the instance running for Tenant B — they cannot share storage, memory, or context.
• S3 layer — CSV upload keys and index shard files are prefixed with the tenantId in S3, and IAM policies ensure only the Lambda function with the correct context can access them.

Your Right to Delete

Admin-initiated deletion is a core, prominent feature — not a support-ticket process.

Workspace administrators have the ability to permanently delete the entire Confluence Mapping dataset directly from the Plugin's admin settings panel. When an admin initiates a deletion:

1. The admin clicks the "Delete all mapping data" button in the Link-a-Link settings panel.
2. A confirmation prompt is displayed to prevent accidental deletion.
3. Upon confirmation, the Plugin sends a deletion request to the Forge resolver.
4. The resolver deletes all sharded index files from the AWS S3 bucket for that tenant.
5. All associated Forge Storage keys for the mapping dataset are purged.
6. The operation is recorded in the audit log (timestamp and action type only — no user ID).
7. The mapping data cannot be recovered after deletion is confirmed.

IntellinQ system deletion

To delete IntellinQ system configurations, admins use the per-system delete function in the IntellinQ admin tab. Individual systems can be removed at any time, or the entire list can be cleared. Deleted IntellinQ configurations are removed from Forge Storage immediately and permanently.

GDPR Lawful Basis

Lawful basis under UK GDPR Article 6 for each processing activity.

Under UK GDPR Article 6, processing of personal data must have a lawful basis. Because Link-a-Link does not process personal data as defined by GDPR, a formal lawful basis analysis is not strictly required. However, to the extent that any information processed by the Plugin could theoretically be characterised as personal data in any jurisdiction, we rely on the following:

Data Subject Rights

How UK GDPR and EU GDPR rights apply in the context of Link-a-Link.

Under UK GDPR and EU GDPR, individuals have the following rights regarding their personal data. Given that Link-a-Link does not collect personal data, most of these rights are not engaged. We set out how each right applies in the context of this Plugin:

Right of access (Art. 15)

Link-a-Link holds no data attributable to individual users. There is nothing to access. Workspace-level data (URL mappings) can be inspected by admins directly in the Plugin interface.

Right to rectification (Art. 16)

URL mapping data can be corrected by the admin uploading a revised CSV. IntellinQ systems can be edited at any time in the admin panel.

Right to erasure (Art. 17)

Admins can permanently delete all mapping data via the admin settings panel (see "Your Right to Delete"). Individual IntellinQ systems can be deleted at any time. These actions take immediate effect.

Right to restrict processing (Art. 18)

The Plugin can be uninstalled at any time by a Confluence workspace admin, which terminates all processing immediately.

Right to data portability (Art. 20)

URL mapping data can be exported as CSV from the admin panel at any time. IntellinQ system configurations can be exported per-folder or in full.

Right to object (Art. 21)

Not engaged — processing is based on contractual necessity and legitimate interests. No profiling or automated decision-making takes place.

Rights related to automated decisions (Art. 22)

Link-a-Link performs no automated decision-making or profiling with legal or similarly significant effects on individuals.

International Data Transfers

Where your data lives — and what contractual safeguards apply.

The URL mapping index is stored in AWS S3 in the eu-west-1 region (Ireland, European Union). No data is transferred outside the EU/EEA in connection with the Confluence Mapping feature.

Forge Storage data is managed by Atlassian. Atlassian's data residency for Forge apps is governed by Atlassian's own policies. For customers with enterprise data residency requirements, Atlassian offers data residency controls at atlassian.com/trust/data-residency. Agilva Solutions does not make independent decisions about Forge Storage data location.

To the extent any transfers of data occur to third countries (outside the EU/EEA and UK), they are covered by the European Commission's Standard Contractual Clauses (SCCs) under AWS's Data Processing Addendum and Atlassian's Data Processing Addendum respectively.

Data Retention

How long each data type is kept, and when it's deleted.

Contact

How to reach us regarding privacy, security, or licensing matters.

Privacy Policy version 1.0 · End User Agreement version 1.0 · Effective date: 08 April 2026 · Last updated: 08 April 2026 · © 2026 Agilva Solutions. All rights reserved.