Trust Center
Last updated: March 28, 2026
100% Atlassian Forge — no external servers, no self-hosted infrastructure, no Connect legacy.
Customer data never leaves Atlassian's infrastructure. No analytics, no tracking, no external AI.
Each installation's data is isolated at the Forge platform level — not just by application code.
Every release is verified by comprehensive automated security testing before deployment.
1. Architecture & Data Flow
Every Samurai Labs app is built on Atlassian Forge, Atlassian's first-party serverless platform. This architecture provides security guarantees enforced at the platform level — not just by our code:
| Layer | How It Works |
|---|---|
| Compute | Sandboxed Forge runtime — each invocation is isolated. No access to host OS, other apps, or unrestricted network. |
| Storage | Forge SQL (relational) and Forge KVS (key-value) — both tenant-isolated and encrypted at rest by Atlassian. |
| Network | No outbound HTTP calls to external services. All communication is between the app and Atlassian's own APIs, within Atlassian infrastructure. The only exception is error reporting to Sentry (see Subprocessors). |
| Authentication | Atlassian identity — no separate login system. Admin features require Atlassian admin role, verified at the resolver level. |
| AI (SmartTag only) | Forge LLMs (Atlassian-hosted). No content sent to external AI providers. Inputs truncated to limit scope. |
| Patching | Forge runtime is patched by Atlassian automatically. No servers for us to forget to patch. |
2. Data Handling
- No customer data egress: Customer data (issues, pages, costs, audit logs, labels, settings) is never transmitted outside of Atlassian's infrastructure.
- Tenant isolation: Forge SQL and KVS are partitioned per Atlassian site. Data from one organisation is inaccessible to another — enforced by Atlassian at the platform level.
- Encryption: Data in transit uses HTTPS/TLS. Data at rest is encrypted by Atlassian's managed infrastructure.
- No tracking or analytics: We do not embed any third-party analytics, tracking pixels, or telemetry SDKs in our apps. No Google Analytics, no Mixpanel, no Amplitude.
- Privacy automation: All apps include automated privacy processing to support data subject requests and retention policies.
3. Code Security Controls
| Threat | Control |
|---|---|
| SQL Injection | All database queries use parameterized access to prevent injection attacks. |
| JQL Injection | All search queries sanitise user input before execution. |
| CSV Formula Injection | All data exports are sanitised to prevent spreadsheet formula injection. |
| URL Injection | All Atlassian API calls are constructed safely to prevent URL manipulation. |
| ReDoS | User-supplied values are subject to length limits and safe pattern matching. |
| Input Validation | Configuration values are validated against allowlists before being saved. |
| Resource Exhaustion | Bulk operations use controlled batch sizes to prevent resource exhaustion. |
| Information Leakage | Errors are logged for developer observability without exposing internal details to users. |
4. Authentication & Access Control
- No separate credentials: Users authenticate through their existing Atlassian account. We store no passwords, tokens, or session data.
- Admin-gated features: All configuration, data exports, and destructive actions require Atlassian admin permissions, checked before execution.
- Destructive action confirmation: All delete, reset, and archive operations require an explicit user confirmation dialog. No one-click destructive actions.
5. AI Safety
SmartTag for Jira and SmartTag for Confluence include AI-powered features for automatic classification and tag suggestion. The following controls apply:
- Atlassian-hosted models only: SmartTag uses Forge LLMs, which run within Atlassian infrastructure. No content is sent to external AI providers.
- Input truncation: Inputs are truncated before processing, limiting the data scope and reducing prompt injection surface.
- No training on your data: Forge LLMs do not use customer data for training or fine-tuning. Each inference call is stateless.
- Scoped usage: AI is applied only to content designated for classification (issue text, page content). Financial data, audit logs, and IP addresses are never processed by AI.
6. Per-App Security Notes
| App | Data Handled | Additional Controls |
|---|---|---|
| CostLens (Jira) | License data, user activity, cost allocations | Financial data never exposed to AI. Paginated queries for large datasets. Sync cooldowns to prevent API abuse. |
| GuardRail (Jira) | Audit logs, IP addresses, compliance reports | Admin authentication required for all access. IP address validation. Anomaly data stays within your tenant. |
| SmartTag (Jira) | Issue text, labels, AI suggestions | AI inputs truncated. Forge LLMs only. Labels governance with undo support. |
| SmartTag (Confluence) | Page content, labels, taxonomy | Content truncated before AI processing. Pattern matching hardened against abuse. Knowledge graph operations are bounded. |
| PagePulse (Confluence) | Page metadata, health scores, engagement | Privacy anonymisation on user data. Optimised for performance within platform limits. Batch processing for large spaces. |
| ServiceCost (Compass) | Cost data, budgets, component mappings | Settings validated against allowlists. Privacy anonymisation on financial requests. Data exports sanitised. |
7. Compliance Readiness
All apps run on Atlassian Forge, which holds its own compliance certifications including ISO 27001, SOC 2, and others documented at atlassian.com/trust.
Our apps are designed to support your compliance posture:
- GuardRail: Audit log analysis, anomaly detection, risk scoring, and pre-built compliance frameworks for HIPAA, PCI DSS, SOC 2, and custom frameworks.
- CostLens & ServiceCost: Financial controls and cost allocation transparency supporting FinOps governance programmes.
- SmartTag & PagePulse: Data governance, content lifecycle management, retention policy enforcement, and content classification for information governance requirements.
8. Subprocessors
| Subprocessor | Purpose | Data Sent |
|---|---|---|
| Atlassian | Hosting platform (Forge runtime, storage, identity) | All app data — processed and stored entirely within Atlassian infrastructure. |
| Sentry | Error monitoring and crash reporting | Error messages, stack traces, and app context for debugging. No customer content, no PII, no user-generated data. Error envelopes contain only technical diagnostic information (function names, error types, plugin identifiers). |
We do not use any additional third-party services. No analytics, no CDNs, no external databases, no AI providers beyond Atlassian's own Forge LLMs.
9. Vulnerability Reporting
If you discover a potential security issue in any Samurai Labs app:
- Email: support@banhidy.hu with subject "Security Vulnerability Report"
- Include: app name, vulnerability description, reproduction steps, and impact assessment.
- We acknowledge receipt within 48 hours and provide initial assessment within 5 business days.
- We practise coordinated disclosure — please allow us reasonable time to investigate and release a fix before public disclosure.
10. Atlassian Marketplace Programmes
- Runs on Atlassian: All apps are Forge-native, qualifying for Atlassian's "Runs on Atlassian" trust signal.
- Ecoscanner: Apps are subject to Atlassian's automated cloud app security scanning.
- Security Bug Fix Policy: We adhere to Atlassian's Marketplace security bug fix SLA requirements.
11. FAQ
Where is my data stored?
All data is stored in Forge SQL and Forge KVS, which run on Atlassian's infrastructure. Data residency follows your Atlassian site's configuration. We operate no external databases or storage.
Do your apps make external API calls?
The only external service is Sentry for error monitoring. Error reports contain technical diagnostic data only (stack traces, error types) — never customer content or personally identifiable information. All other communication is between the app and Atlassian's own APIs.
Do AI features send my data to OpenAI or other providers?
No. SmartTag's AI features use Forge LLMs, which are Atlassian-hosted models running within Atlassian infrastructure. No content is sent to OpenAI, Anthropic's external API, Google, or any other external AI provider.
Can other tenants access my data?
No. Forge enforces tenant isolation at the platform level. Each Atlassian site's app data is stored in its own isolated partition, inaccessible to other installations — even of the same app.
Do you hold SOC 2 or ISO 27001 certification?
Samurai Labs does not currently hold independent certifications. However, all apps run on Atlassian Forge, which is covered by Atlassian's SOC 2, ISO 27001, and other certifications documented at atlassian.com/trust.
How do I request data deletion?
Contact support@banhidy.hu. All apps include built-in privacy automation that supports data subject requests. Uninstalling the app removes all Forge-stored data for your site.
12. Contact
For security questions, data processing inquiries, or compliance documentation requests:
- Email: support@banhidy.hu
- Support hours: Mon–Fri, 10:00–18:00 CET
- Security statement: Full security statement
- Privacy policy: Privacy policy
- Terms of service: Terms of service