Privacy Policy — Confluence Bulk Operations

Effective date: 2026-06-01

App: Confluence Bulk Operations (an Atlassian Forge app for Confluence Cloud)

Publisher: Business Critical Apps, operated by Andrew Abdul-Malek (sole trader)

Contact: info@businesscriticalapps.com

1. Summary

Confluence Bulk Operations ("the app", "we") helps you preview and apply bulk find-and-replace changes across pages in a Confluence space, with an undo/rollback safety net.

The app is built entirely on Atlassian Forge and runs inside Atlassian's hosted infrastructure. It does not send your data to any server, service, or third party outside Atlassian. It does not use analytics, advertising, or tracking. It does not sell or share personal data. It does not collect or store Atlassian API tokens or passwords.

2. What the app accesses

When you use the app, and acting with your own Confluence permissions (Forge asUser authentication), it reads:

Page content — titles and body (storage format) of current (published) pages in the space you are working in, in order to count matches and show you a dry-run preview of exactly what a replace would change.
Space metadata — the space identifier/key, to scope the operation to the correct space and list its pages.

The app only accesses content within the space you operate on, and only what your own Confluence account is already permitted to see.

3. What the app stores, and why

To make every bulk change reversible (the app's core safety feature), the app stores undo snapshots in Forge's hosted key-value storage, scoped to your installation:

For each page you change, a snapshot of its prior title and body content, version number, and the find/replace terms used, recorded immediately before the change is written.
This pre-change content is stored so the app can restore the page if you press Undo.

We store the minimum needed to reverse a change. We do not store a separate copy of unchanged pages, browsing history, or any data unrelated to an applied change.

4. Where data is stored

All stored data lives in Forge app storage, which is hosted and managed by Atlassian within Atlassian's cloud infrastructure. The app has no external database and makes no outbound network calls to non-Atlassian endpoints. Data residency follows Atlassian Forge's data residency capabilities for the regions Forge supports.

5. What the app does NOT do

Does not transmit your data to the developer or any third party.
Does not use third-party analytics, advertising, tracking, or cookies.
Does not collect, store, or transmit Atlassian API tokens, personal access tokens (PATs), or passwords.
Does not sell, rent, or share personal data.
Does not access pages or spaces beyond those you operate on, or beyond your own Confluence permissions.

6. Data retention and deletion

Undo snapshots remain in Forge app storage until: (a) you undo the corresponding change (the snapshot is then removed), or (b) the snapshot is superseded as a page's undo history is trimmed to the retained depth (1 step on the free plan, up to 10 on the paid plan).
When the app is uninstalled from your site, Atlassian deletes the app's Forge storage, removing all retained snapshots.
To request deletion of stored data while the app remains installed, contact us at info@businesscriticalapps.com or simply undo the changes / uninstall the app.

7. Sub-processors and third parties

The only data processor involved is Atlassian, as the platform host (Forge runtime, Forge storage, and the Confluence Cloud APIs). There are no other sub-processors. See Atlassian's own privacy and trust documentation for how Atlassian handles data on its platform.

8. Security

The app runs in Atlassian's Forge sandbox and is eligible for the Runs on Atlassian program (its compute and storage stay within Atlassian's infrastructure).
Authentication to Confluence uses Forge-managed asUser access; the app never sees or stores your credentials or tokens.
Data in transit and at rest is protected by the encryption and controls provided by the Atlassian Forge platform.

9. Personal data and your rights

The app does not intentionally collect personal data. However, Confluence page content that you choose to edit may itself contain personal data, and a pre-change snapshot of that content may be stored temporarily to enable undo (see Sections 3 and 6). Depending on your jurisdiction (e.g. GDPR, UK GDPR, CCPA), you may have rights to access, correct, or delete personal data. Because the app stores data only within your own Atlassian instance and only to enable undo, you can exercise these directly by undoing changes or uninstalling the app, or by contacting info@businesscriticalapps.com.

10. Children

The app is a workplace tool not directed to children and does not knowingly process children's personal data.

11. Changes to this policy

We may update this policy as the app evolves. Material changes will be reflected by updating the effective date above and, where appropriate, noting the change on the Marketplace listing.

12. Contact

Questions or requests: info@businesscriticalapps.com

Governing law: the laws of England and Wales, United Kingdom.