Data Handling and Security
What is stored
Audit 360 for Confluence stores summarized audit results and run metadata in Forge SQL, scoped to your Confluence site installation.
Stored data includes:
- Space metadata (key, name, type, status).
- Permission grant counts and group membership counts.
- Content risk signals (page title match counts, keyword match counts per space).
- Audit run metadata (status, timestamps, run type).
What is not stored
- Page body content.
- Attachment content.
- Raw Atlassian API payloads.
- User credentials or secrets.
- Personal identifying information beyond user account IDs used for ownership signals.
Data isolation
Forge SQL is per-installation. Each Confluence site installation has its own isolated storage. No data is shared across installations.
Data retention
Completed audit runs are retained for 60 days by default, then purged automatically. Pinned runs are excluded from automated purge.
Forge platform security
Audit 360 for Confluence runs on Atlassian Forge. Atlassian manages hosting, infrastructure security, and the Forge execution environment. See Atlassian Forge security for platform details.