Skip to content

Trust Center

Security, compliance, and data protection information for Votazz products.

Compliance & Certifications

Votazz meets industry-standard security and compliance requirements.

🔒

Atlassian Security Review

Every Votazz app is independently reviewed by Atlassian Marketplace staff and passes automated Ecoscanner security scans on every release. We follow Atlassian’s Security Bug Fix Policy for vulnerability remediation.

Learn More →

Legal Documents

Privacy Policy

How we collect, use, and protect your data. Includes GDPR/CCPA rights.

Read Policy →

Terms of Use

Terms governing use of Votazz products and services.

Read Terms →

End User License Agreement

EULA per app is available on the Atlassian Marketplace listing.

View on Marketplace →

Our Products

Data Center Apps

Our Jira and Bitbucket Data Center apps are built on the Atlassian Plugins2 framework. All apps undergo Atlassian technical review and security scanning on every release.

Data handling: DC apps run inside your Atlassian instance. Votazz has no access to your data unless you explicitly request support.

Browse DC Apps →

Cloud Apps (Forge)

Our Cloud apps are built on Atlassian Forge — they run on Atlassian’s secure infrastructure, not on our servers. This means AES-256 encryption, TLS 1.2+, AWS Lambda isolation, and automatic data residency.

Your data stays with Atlassian. No data leaves the Atlassian ecosystem without your explicit permission.

Learn about Forge Security →

Performance & Scale Testing

All Votazz Data Center apps are tested using the Atlassian DC App Performance Toolkit.

Test environment: Jira Data Center 11.3.1 · 200 concurrent users · 1,053,396+ issues dataset · 100% success rate

Threaded Comments Performance Test

Threaded Comments for Jira

DCAPT Compliant · 0% overhead on core Jira actions

Download Full Report →
Home Directory Browser Performance Test

Home Directory & DB Browser

DCAPT Compliant · No impact on Jira performance

Download Full Report →
Sub-tasks Manager Performance Test

Sub-tasks Manager for Jira

DCAPT Compliant · All actions <1s at 90th percentile

Download Full Report →
GitLab Connector Performance Test

GitLab Connector for Jira

DCAPT Compliant · 100% success rate

Download Full Report →
Download All Performance Reports (1.4 MB) Download Scale Reports (3.9 MB)

Incident Response & Security Contact

If you discover a security issue or believe your data has been affected, contact us immediately. We acknowledge reports within 48 hours and follow the Atlassian Marketplace Security Bug Fix Policy for remediation timelines.

Breach notification commitment: In case of a confirmed data breach affecting customer data, we will notify affected customers within 72 hours, as required by GDPR.

Contact Security Team

Frequently Asked Questions

Where is my data stored?

For Data Center apps: data stays within your self-hosted Atlassian instance. Votazz never receives or stores your production data.

For Cloud (Forge) apps: data is stored on Atlassian’s infrastructure with automatic data residency based on your Atlassian Cloud settings.

Who are your subprocessors?

Votazz uses minimal third-party services:
Atlassian Marketplace — license management, customer contact
Google Workspace — internal email and support ticketing
AWS (via Atlassian Forge for Cloud apps)
A full subprocessors list is available on request in the DPA.

What is your vulnerability disclosure process?

Report security vulnerabilities by emailing support@votazz.co with “SECURITY” in the subject line. We acknowledge reports within 48 hours and follow the Atlassian Marketplace security bug fix SLAs for remediation.

Have you been independently audited?

Yes. All Votazz Data Center apps pass Atlassian Marketplace technical review and security scanning on every release. We are SOC 2 Type II audited — the full report is available on request for enterprise customers.