Skip to main content
Skip table of contents

Privacy Policy



This Privacy Policy sets out our commitment to protecting the privacy of your Personal data provided to us by Atlassian Marketplace due to the use of our Services or collected by us through our website  (“Site”) from users of our Services. 

We are an Atlassian Marketplace Partner, and offer products mainly through Atlassian Marketplace, including Cloud apps and downloadable Server and Data Center apps (“Services”). We may also offer some of our Services directly through our Site. 

The Controller of your Personal data is Appliger Sp. z o. o. - a company with a registered seat in Dietla 93/7 Street, 31-031, Kraków, Poland, entered in the register of entrepreneurs kept by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register under number: 0000941392, e-mail: (“we, us, our or AppLiger

When we collect, receive, store, and use your Personal data, we do so in accordance with the rules set down by the European Union General Data Protection Regulation (EU) 2016/679 (the GDPR).

Our appointed EU (Ireland) Representative is:

Company Name: Instant EU GDPR Representative Ltd

Name: Adam Brogden


Tel: + 353 15 549 700

Your Reporting Link:

EU Dublin Address:


Office 2 12A Lower Main Street, Lucan Co. Dublin

K78 X5P8 Ireland

Our appointed UK Representative is:

Company Name: GDPR Local Ltd

Name: Adam Brogden


Tel + 441 772 217 800

Your Reporting Link:

UK Address:

GDPR Local Ltd

1st Floor Front Suite 27-29 North Street, Brighton

England BN1 1EB

Personal data

In order to provide you with our Services we may process the following Personal data (“Personal data”):

  1. Customer information: Your name and surname and company trade name, which may include your name and surname or other Personal data;

  2. Customer technical and billing contacts: e-mail address of the contact person, contact name and surname, contact phone number;   

  3. Atlassian Marketplace Partner information: partner name and surname and Partner trade name, which may include Partner name and surname or other Personal data;

  4. Atlassian Marketplace Partner technical and billing contacts: e-mail address of the contact person, contact name and surname, contact phone number;  

Providing the above-mentioned Personal data is voluntary, but necessary for you to be able to use the Services offered by us. We process your Personal data, in particular, to provide the Services to you in accordance with the AppLiger Terms of Use:   

We obtain all the Personal data referred to above from Atlassian Marketplace, our Services, directly or from you via our Site or support/call sessions.

Other information

We may also collect information other than Personal data including:  

  1. Your IP address and the end device (e.g. computer, tablet, smartphone) you are using;

  2. Details of the Services we have provided to you and/or that you have enquired about, and our response to you

  3. Your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behavior while using our Site;

  4. Information about your access and use of our Site, including through the use of Internet cookies, your communications with our Site, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider;

Collection and use of Personal data

We may process Personal data for the following purposes:

  1. Enable you to use the Services you have ordered via Atlassian Marketplace or directly via our Site: in this case, the basis for the processing is Article 6(1)(b) of the GDPR, according to which processing is lawful when it is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract;

  2. Tailoring, analyzing, and improving Services and ensuring the security of their provision – the basis for processing is Article 6(1)(f) GDPR (the legitimate interest of the controller in this case is the desire and need to adjust, analyze, and improve the Services).

  3. To comply with our legal obligations – the basis for processing is Article 6(1)(c) GDPR (legal obligation of the Controller includes internal record-keeping for tax, social security, and administrative purposes as well as verification of payments and compliance with Services AppLiger Terms of Use;

  4. Establishing, pursuing, or defending claims – the basis for processing is Article 6(1)(f) of the GDPR (the legitimate interest of the controller in this case consists in establishing, pursuing, or defending against possible claims, including claims of Service recipients or third parties);

Disclosure of Personal data to third parties

As a rule, your Personal data will not be shared with third parties. However, in connection with the provision of our Services, access to certain data may be granted to entities whose services we use in connection with our business, such as an external accounting office, IT service providers, data storage, web-hosting providers, professional advisors, and payment systems operators. Entities of this type have access only to the information necessary to provide services (i.e. in the case of an accounting office - accounting data). These entities are so-called processors of Personal Data on behalf of and on our instructions. We have concluded appropriate agreements with them, the subject of which is to protect your Personal data, among other things, against unauthorized access.

It is possible that we will be contacted by public authorities or other entities that are entitled to access your Personal data on the basis of legal provisions (e.g. police, prosecutor's office). In this case, we are obliged to provide the requested data. 

Personal data may be transferred outside the European Economic Area to the USA. 

Please note that we use the following third parties (Subprocessors) to process your personal information:

Term of processing Personal data

Below you will find information on how long we can process Personal data: 

  1. Data processed in order to provide Services – for the period necessary to provide the selected Service;

  2. Data processed for accounting or accounting purposes in connection with the provision of Services – for the period required by law;

  3. Data processed for the purpose of establishing, pursuing or defending claims – the period of limitation of possible claims in accordance with the provisions of law;

  4. Adjusting, analyzing, and improving Services and ensuring the security of their provision – for the period until the Service recipient objects to such processing or achievement of the above-mentioned purpose, depending on which of the events occurs first.

Your rights and controlling your Personal Data

In connection with the processing of Personal Data, you have the following rights:

  1. The right to access your Personal data - as part of the exercise of this right, you may request confirmation from us as to whether your Personal data is being processed, and if this is the case, you are entitled to access it and to information about: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed,  recipients in third countries or international organizations; if possible, the planned period of storage of personal data, and if this is not possible, the criteria for determining this period, the right to request the controller to rectify, delete or limit the processing of your personal data and to object to such processing, the right to lodge a complaint with the supervisory authority, if the personal data has not been collected from the data subject – any available information about their source, automated decision-making, including profiling as referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, relevant information about the basis for such decision-making, as well as the significance and envisaged consequences of such processing for the data subject. If personal data is transferred to a third country or an international organization, the data subject has the right to be informed of the appropriate safeguards referred to in Article 46 of the GDPR related to the transfer. You may request that we provide you with a copy of your personal data being processed. For any subsequent copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs.

  2. The right to rectification – you have the right to request that we promptly rectify inaccurate Personal data concerning you. Taking into account the purposes of the processing, you also have the right to request the completion of incomplete personal data, including by providing an additional statement.

  3. The right to erasure (the so-called "right to be forgotten") – you have the right to request that we erase your Personal data without undue delay, and we as the controller are obliged to delete your Personal data without undue delay if one of the following circumstances applies: (a) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) you withdraw the consent on which the processing is based pursuant to Article 6(1)(a) or Article 9(2)(a) and there is no other legal basis for the processing; (c) you object to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing or you object to the processing pursuant to Article 21(2); (d) the personal data has been unlawfully processed; (e) the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject; (f) the personal data has been collected in connection with the provision of information society services as referred to in Article 8(1) of the GDPR.

    Remember, however, that the right to be forgotten is not an absolute right and cannot always be exercised. It does not apply (and therefore it will not be possible to delete your data) to the extent that the processing is necessary: (a) to exercise the right to freedom of expression and information; (b) for compliance with a legal obligation requiring processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; (c) for reasons of public interest in the field of public health in accordance with points (h) and (i) of Article 9(2) and Article 9(3); (d) for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1), where it is likely that the right referred to above will prevent or seriously impede the achievement of the purposes of such processing; or (e) to establish, exercise or defend legal claims.

  4. The right to restriction of processing, which you have in the following cases: (a) when you contest the accuracy of the personal data – for a period enabling the controller to verify the accuracy of the data, (b) when the processing is unlawful and the data subject opposes the erasure of the personal data, requesting instead the restriction of their use;  (c) when the controller no longer needs the personal data for the purposes of the processing, but the data subject needs them to establish, exercise or defend legal claims; (d) where the data subject has objected to the processing pursuant to Article 21(1) of the GDPR, until it has been determined whether the legitimate grounds of the controller override those of the data subject.

  5. The right to data portability, 

  6. In the case of data processing on the basis of Article 6(1)(f) of the GDPR (legitimate interest of the data controller) – the right to object to such processing; to lodge an objection, you may contact the Data Protection Officer or directly with us, either electronically or in writing at the addresses specified in section “Introduction” of this Privacy Policy,

  7. In the case of processing pursuant to Article 6(1)(a) and Article 9(2)(a) of the GDPR – the right to withdraw consent at any time without affecting the compliance of the processing that was carried out on the basis of consent before its withdrawal; to withdraw your consent, you can contact us, either electronically or in writing at the addresses specified in section “Introduction” of this Privacy Policy,

  8. The right to lodge a complaint with the supervisory authority – the supervisory authority in Poland is the President of the Office for Personal Data Protection (2 Stawki Street, 00-193 Warsaw).
    If you remain dissatisfied, you have the right to lodge a complaint about the way we process your personal information with the relevant supervisory authority. If you are located in the European Union, the Lead Supervisory Authority is the Polish Data Protection Authority (UODO). If you are located in the United Kingdom, the supervisory authority is the Information Commissioner's Office (ICO).

  9. The right to cancel marketing subscription: If you wish to unsubscribe from our email list or opt out of receiving communications, including marketing materials, please contact us using the information provided below or utilize the opt-out mechanisms included in our communications.

Storage and security

We are dedicated to ensuring the security of the Personal data. To prevent unauthorized access or disclosure, we have implemented appropriate physical, electronic, and managerial measures aimed at protecting and securing personal information. These measures are designed to safeguard personal information from misuse, interference, loss, and unauthorized access, alteration, or disclosure.

Our downloadable applications store all information within the Atlassian Jira server product where they are installed. All data is stored within your IT system (Server or Data Center) that hosts the Atlassian Jira server product. When you download, install, or use the applications, no information stored on the installation IT system is shared with us. The applications do not transmit data from your IT system or from end-users web browsers to us or any third party.

Cloud-based apps can only be installed within the Atlassian Jira Cloud service. In this scenario, the information or data you provide may be stored on our secure servers, although we currently employ a third party to provide this service. By using cloud-based applications, we have access to user information as outlined in this Privacy Policy, which may include data on how and when the applications are used.

Our Cloud-based applications participate in Atlassian's Marketplace Security Bug Bounty Program, which utilizes crowdsourced vulnerability discovery methods through bug bounty. This program is regarded as one of the most effective post-production tools for detecting vulnerabilities in applications and services.

Automated decision-making 

As part of the performance of the Services, we do not make decisions in relation to you based solely on automated data processing.

Cookies and web beacons 

From time to time, we may utilize cookies and web beacons on our Site. We use them in order to facilitate the use of the Site and to adapt it to the needs of users. 

Cookies are small text files placed in your web browser to store your preferences. Cookies themselves do not reveal your email address or other personally identifiable information. However, they may allow third-party services, such as Google, to display our advertisements on your social media and online platforms as part of our retargeting efforts. If you choose to provide personal information on our website, it may be linked to the data stored in these cookies.

You can delete stored cookies or restrict their reading by using the appropriate functions of your web browser - for this purpose, please refer to the instructions on how to control cookies, which are available through the privacy settings menu of the browser you are using. Remember, however, that disabling the use of certain "cookies" may make it difficult or impossible to use the Site. 

Failure to make changes in the settings of the browser used in the field of managing "cookies" will result in the "cookies" being placed automatically on your end device. Failure to make changes in your browser settings resulting in the disabling of the acceptance of "cookies" and the use of the Websites means your consent to the use of "cookies" on the terms described in this Privacy Policy.

Check out

Additionally, we may employ web beacons (also known as Clear GIFs) on our Site. Web beacons are tiny snippets of code embedded in a web page to track visitor behavior and gather information about their interactions with the page. For instance, web beacons can be used to tally the number of visitors to a page or deliver a cookie to a visitor's browser.

We may also utilize Google Analytics to collect and analyze data on our Site. For more information on how Google utilizes data from third-party websites or applications, please refer to  or any other URL designated by Google.

Links to other websites

Our Site may contain links to other websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information that you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.


This Privacy Policy may be modified at our discretion and at any time. Any changes to the Privacy Policy become effective once we notify you of the update by revising the "last updated" date.

For any questions or notices, please get in touch with us at:

For any questions or feature requests contact us via Customer Portal

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.