Diagrams.now — Privacy Policy & Terms of Use
How Diagrams.now handles your data, and the terms governing its use as a Confluence Cloud Forge app.
Last updated: May 2026 · Applies to: Diagrams.now (Forge app for Confluence Cloud) · Votazz Global Privacy Policy & Terms
Privacy Policy
Diagrams.now is a Confluence Cloud macro built on Atlassian Forge. All app code, compute, and customer data run inside Atlassian’s hosted Cloud platform with no external egress. Diagrams.now is “Runs on Atlassian” eligible. The manifest declares no external network permissions, no web triggers, and no remote endpoints.
Permissions (Atlassian scopes declared in the Forge manifest):
| Scope | Purpose |
|---|---|
storage:app | App-level key-value storage (Forge KVS) for diagram persistence |
read:page:confluence | Read Confluence page context the macro is embedded in |
read:attachment:confluence | Load diagram XML and SVG previews stored as page attachments |
read:content-details:confluence | Read page metadata (page id, space id) used to scope storage |
read:user:confluence | Verify whether the current viewer has Confluence admin permission (license gating) |
read:space:confluence | Read the macro’s containing space to scope diagram libraries |
write:attachment:confluence | Save the diagram XML and SVG preview as page attachments (disaster-recovery copy) |
Diagrams.now does not request any read scope on user profile data beyond the admin-permission check above. It never modifies your Jira issues or Confluence pages outside of saving its own diagram artefacts.
What we store (Atlassian-managed Forge KVS + Confluence page attachments):
| Storage | Stores | Retention |
|---|---|---|
Forge KVS — diagram chunks | Diagram XML chunks keyed by pageId + localId (Confluence page identifier + macro instance identifier). Primary persistence for fast load. | While the macro instance exists; deleted with the page |
Forge KVS — macroConfig | Pointer record keyed by localId: attachment id, attachment filename, version number, last update timestamp. No user fields accepted by the schema allowlist. | While installed |
Forge KVS — modal scope tokens | Short-lived security tokens with localId, pageId, issued/consumed timestamps. Used to validate iframe parent-child boundaries when opening the editor in a modal. | Single-use, consumed within minutes |
Confluence attachment — XML | Compressed drawio-compatible mxfile envelope of the diagram. Filename diagramly-*.xml, page-scoped under Confluence’s attachment lifecycle. | Page lifecycle; deleted with the page or via attachment removal |
Confluence attachment — SVG preview | Rendered SVG snapshot of the diagram for inline preview. Filename diagramly-*.svg, page-scoped. | Page lifecycle |
Note on filename prefix: the literal prefix diagramly- on the attachment filenames is an internal artefact of the app’s development codename and is preserved for storage compatibility. It does not represent any other product or any third-party processor.
Diagram content (user-authored): Diagrams may contain text labels, notes, and shape annotations that you type while editing. This content is your responsibility and is stored alongside the diagram XML in the locations above. Diagrams.now does not extract, index, or transmit this content outside the customer tenant; it is rendered locally in your browser and persisted only to the Atlassian-hosted storage listed.
What we do NOT store:
- accountId-keyed records — no Diagrams.now table or KVS key uses an Atlassian account identifier as a key or stored value. All persistent records are scoped by Confluence resource identifiers (page id, space id, macro instance id).
- Email addresses, display names, profile pictures — never read or persisted by the app.
- Telemetry or analytics — no Mixpanel, PostHog, Google Analytics, Segment, Amplitude, or Sentry integration. Zero outbound calls to any third-party service.
- Cross-tenant data — each Atlassian site’s installation is isolated by Forge.
- Payment information — handled by the Atlassian Marketplace.
Real-time collaboration: When two or more users edit the same diagram concurrently, Diagrams.now publishes ephemeral cursor and selection presence updates over the Atlassian-managed real-time channel. These updates carry the originating user’s accountId so the UI can attribute the cursor to a person; the channel is peer-to-peer within your tenant and the presence payload is not persisted to KVS, attachments, or any backend store. When the editor closes, the presence stream ends and no audit record remains.
Permission check: When loading the editor we ask Confluence whether the current viewer has admin permission. The query passes accountId to Confluence’s /rest/api/user endpoint and reads back a boolean (admin yes/no). The accountId value is used in the request only and is not written to KVS, attachments, logs, or any external service.
Where data lives: Atlassian-managed Forge KVS and Confluence Cloud attachments, region-pinned to your Atlassian site’s region — Atlassian’s choice based on your tenancy. Customers in the EEA may be served from EU regions per Atlassian’s tenancy assignment. There is no data egress from Atlassian Cloud to Votazz-operated infrastructure or any third party. See Atlassian’s Forge tenant data isolation documentation for the platform isolation model.
Encryption: All data Diagrams.now writes is encrypted at rest by the Atlassian Forge platform (Forge KVS) and Confluence Cloud (page attachments), and is transmitted exclusively over TLS 1.2 or higher. Diagrams.now itself does not run any independent storage or network transport — encryption is provided end-to-end by Atlassian’s hosted platform.
Compliance & certifications: Because Diagrams.now runs entirely on the Atlassian Forge platform, customer data inherits Atlassian’s compliance posture (SOC 2, ISO 27001, GDPR, and others as published by Atlassian). For Votazz-level certifications, security controls, and breach-notification commitments, see the Votazz Trust Center.
Subprocessors: None outside Atlassian. Diagrams.now does not transmit data to external analytics, monitoring, or any third-party service. All compute and storage stay inside Atlassian Cloud.
Data deletion: When a Confluence page hosting a Diagrams.now macro is deleted, both the diagram attachments and the macro instance’s KVS records are removed by Confluence’s content lifecycle. When you uninstall Diagrams.now, the Atlassian Forge platform automatically places your tenant’s KVS data in soft-delete for 30 days, after which it is permanently purged; Confluence attachments remain on your pages under your workspace’s ownership. While the app is installed, you may email support@votazz.co to request immediate erasure of any specific diagram or all diagrams associated with your account.
GDPR Article 28 status: for the purposes of GDPR Article 28, Votazz acts as a sub-processor of data that already resides in your Confluence Cloud tenant (where Atlassian is the primary processor and you are the controller). For diagram content that you author inside Diagrams.now — shape labels, notes, annotations — Votazz acts as an independent controller of that content insofar as it is stored in Forge KVS and Confluence attachments under our app’s namespace. The Data Processing Agreement in the global policy governs both relationships.
Your rights: The GDPR and CCPA rights described in the global Votazz Privacy Policy apply to data processed by Diagrams.now. Because the app does not store accountId-keyed personal data, the “Right to Erasure” under GDPR Article 17 is satisfied by deleting the Confluence page or the diagram attachment — both actions remove your data through the Confluence lifecycle. After uninstall, the platform 30-day soft-delete behavior described above applies to KVS storage.
Security & Vulnerability Disclosure
Reporting vulnerabilities: If you discover a security issue in Diagrams.now, please email security@votazz.co or submit via the Atlassian Marketplace “Security and privacy support” channel. We acknowledge reports within 1 business day and use CVSS v3.1 to score severity.
Patch SLAs (aligned with Atlassian Marketplace Security Bug Fix Policy):
- Critical (CVSS 9.0+): patch within 7 days
- High (CVSS 7.0–8.9): patch within 30 days
- Medium (CVSS 4.0–6.9): patch within 90 days
- Low (CVSS < 4.0): addressed in the next regular release
Responsible disclosure: We request a 90-day private disclosure window before public publication. Researchers acting in good faith are credited (with consent) in our release notes.
Authentication & access controls: Code is deployed only via the Atlassian Forge Developer Console by authorised Votazz engineers. Multi-factor authentication is enforced on all Votazz developer accounts.
Dependency management: Production dependencies are continuously monitored via the Atlassian Forge Dependency Scanner and npm audit. Diagrams.now ships with zero high- or critical-severity production-dependency vulnerabilities at release.
Logging & monitoring: Application logs are retained by the Atlassian Forge platform for 30 days and reviewed for scope-permission failures and runtime errors. No customer diagram content is included in logs.
Terms of Use
1. Acceptance of Terms
By installing or using Diagrams.now from the Atlassian Marketplace, you agree to be bound by these Terms of Use and the Atlassian Marketplace End User License Agreement. If you do not agree, please uninstall the app and discontinue use.
2. License
Diagrams.now is licensed per user tier as published on its Atlassian Marketplace listing. Use of the app is subject to the Atlassian Marketplace End User License Agreement. Votazz grants you a non-exclusive, non-transferable, revocable license to use Diagrams.now for the duration of an active Marketplace subscription, including the free trial period.
3. Support & Maintenance
Active Diagrams.now subscriptions include email support and ongoing updates delivered automatically via Atlassian Marketplace. Support hours are Monday – Friday, 9am – 5pm AEST/AEDT. Reach support at support@votazz.co.
4. Refunds
All Diagrams.now purchases are subject to the Atlassian Marketplace refund policy. New paid subscriptions include a 30-day money-back guarantee. Refund requests are processed by Atlassian; contact support@votazz.co for assistance.
5. Acceptable Use
You agree not to use Diagrams.now for any unlawful purpose, to violate any third-party rights, to attempt to gain unauthorized access to any systems or networks, or to reverse-engineer, decompile, or otherwise extract the app’s underlying source code beyond what is permitted by applicable law.
6. Limitation of Liability
Diagrams.now is provided “as is” without warranty of any kind. Votazz is not liable for any indirect, incidental, special, consequential, or punitive damages arising from the use of, or inability to use, Diagrams.now — including loss of data, loss of business, or interruption of service. Our total aggregate liability for any claim relating to Diagrams.now shall not exceed the amount paid by you for the app in the 12 months preceding the claim.
7. Termination
You may terminate use of Diagrams.now at any time by uninstalling the app from your Atlassian site. Upon uninstall, your tenant’s KVS data is placed in 30-day soft-delete by the Forge platform, after which it is permanently purged; Confluence attachments saved by the app remain on your pages under your workspace’s ownership. Votazz may suspend or terminate access for violation of these Terms or the Atlassian Marketplace EULA.
8. Contact
For questions about these Terms or the app, contact us at support@votazz.co.
For shared sections — cookies, retention rules, your rights under GDPR & CCPA, jurisdiction, contact, and the Data Processing Agreement (DPA) — see the Votazz Global Privacy Policy & Terms of Use.