Security First Architecture

Trust is our Operating System.

Sync-o is built on the Atlassian Forge platform, inheriting world-class security, compliance, and isolation by design.

Encryption at Rest & Transit

GDPR Compliant Processing

Zero Training AI

Security Architecture AI Controls Data Privacy Subprocessors Contact

Security Architecture

Defense in depth, leveraging the Atlassian Shared Responsibility Model.

Platform Isolation

Sync-o runs within the Atlassian Forge sandbox. We utilize our own secure AWS infrastructure for specialized processing and storage, ensuring strict isolation and control.

View Forge Security Docs

No Credential Access

We never see your passwords. Sync-o operates via OAuth 2.0 scopes authorized by your administrator. We cannot access data outside the specific projects and spaces you allow.

Enterprise Encryption

In Transit: All data is transmitted via TLS 1.3.
At Rest: Configuration data is encrypted using AES-256. Customer AI keys are protected via AWS KMS.

AI Safety & Controls

You Control the Intelligence

We treat Generative AI as a "stateless" processor. Your intellectual property is never used to train our models.

Zero Training Policy

Data sent to LLMs is for processing only and is not retained for model training.

Confidence Thresholds

Set the bar for automation. Require human approval for any change below 90% confidence.

Bring Your Own Model

Enterprise users can connect their own private Google Gemini, OpenAI, or Anthropic accounts.

Data Handling

Sync-o is designed to minimize the data we store. We persist configuration required to operate the app, and we log limited operational metadata needed for reliability and support.

Data Retention

Customer Content (Docs) Transient Only

Configuration Deleted within 30 days of uninstall

System Logs 90 Days

For full details, please review our Privacy Policy.

Subprocessors

We rely on vetted third parties to deliver the service. Locations are selected to maximize GDPR compliance.

Entity	Purpose	Location
Atlassian	App Platform (Forge)	Global
AWS	Infrastructure & DB	Ireland (eu-west-1)
Google Cloud	Vector Search	Belgium (europe-west1)
AI Provider (LLM)	Inference (BYOM)	Varies (per config)

Vulnerability Disclosure

Security researchers play a vital role in keeping our customers safe. If you believe you've found a vulnerability, please let us know immediately.

security@sync-o.io Privacy Inquiries: privacy@sync-o.io