Regulatory compliance

Simpleasyty is committed to supporting data protection and compliance best practices. Although our apps do not process personally identifiable information (PII), we design our services with privacy, security, and transparency in mind.

GDPR and data minimization

Simpleasyty operates under the principle of data minimization. Our Forge-based apps do not collect or store any user data unless explicitly required and permitted by the Atlassian environment. By default, no personal data is processed, and all functionality runs within the secure scope of each Atlassian instance.

As our apps do not transmit data externally, Simpleasyty typically acts as a subprocessor of Atlassian, not as an independent data controller or processor.

CCPA and global privacy standards

We recognize the importance of data protection regulations beyond the EU. Although we do not collect personal information, we aim to follow the core principles of the California Consumer Privacy Act (CCPA) and similar international privacy laws.

Users retain full control over any optional data collection (e.g. web analytics), and can disable tracking at any time via browser or application-level controls.

Security and platform compliance

All Simpleasyty apps are developed exclusively using Forge Native and run entirely within Atlassian's infrastructure. This ensures alignment with Atlassian’s compliance certifications, including ISO/IEC 27001, SOC 2, and more.

For further details, see our Security page and Atlassian’s Compliance Center.

Data subject rights

Although Simpleasyty does not store personal data, we support user rights under GDPR and similar frameworks. If your organization has a concern about data access, portability, or deletion, contact us and we will work with Atlassian to support your request.

For compliance-related questions, please reach out to legal@simpleasyty.com.