Atlassian Cloud Compliance
Protect your data
Atlassian has made the EU Financial Services Addendum ("EU FSA") available to European financial services customers making a qualified enterprise cloud purchase. By signing an EU FSA, Atlassian is able to ensure compliance with EBA and BaFin outsourcing regulations.
This is good news for BaFin-regulated organizations as Atlassian now ensures that BaFin and EBA requirements regarding outsourcing of cloud services are met.
The EU FSA is a supplementary contract along with the Atlassian Subscription Agreement which provides customers with additional terms and conditions to guarantee compliance with EBA and BaFin guidelines. Atlassian provides the following additional rights:
- Comprehensive audit rights for the customer and their auditors and regulators at the Atlassian level and downstream for AWS.
- Enhanced record keeping and reporting obligations for Atlassian.
- Commitment by Atlassian to cooperate with customer's regulators.
- Continue to provide services after bankruptcy or termination
The EU FSA applies to the following solutions in the Atlassian Cloud product suite:
- Confluence Cloud
- Jira Align Cloud
- Jira Service Management Cloud
- Jira Software Cloud
This further facilitates Atlassian customers in the financial industry to migrate from their on-premise systems to Atlassian Cloud in a compliant manner.
BaFin: Here are the Atlassian Outsourcing Guidelines. The table provided is intended to help financial services institutions under the supervision of BaFin to map how the terms of the Guide to Outsourcing to Cloud Service Providers (BaFin Guide) correspond to Atlassian's customer contract documentation. The guidelines include information on audit rights, instruction rights, data security, termination and chain outsourcing.
EBA: Atlassian's EBA Outsourcing Guidelines contain specific mappings to each requirement and outline on how Atlassian supports clients in complying with regulations. The guidelines include details on audit rights, data system security, location of data processing, chain outsourcing and termination.