Rovo data, privacy, and usage guidelines

Rovo とアトラシアン製品が権限とデータをどのように処理するかを理解することが重要です。

他の生成型 AI 製品と同様に、エクスペリエンスと品質はさまざまで、提供されるナレッジ ソース、ユーザーのアクセス、LLM (大規模言語モデル) の確率的性質など、多くの要素によって異なります。

Connections with third-party apps

Rovo includes features that are designed to integrate with third-party apps. For example, you may connect third-party apps to Rovo using connectors. Before connecting to a third-party app, we recommend reviewing the types of data stored in that app, and confirming that connecting the data aligns with your internal data use policies and practices. See Manage Rovo connectors for more information.

Connecting Rovo with third-party apps may give third parties access to information you choose to use in connection with their apps, and your use of third-party apps and information you share may be governed by their terms and policies, including their privacy policies. For example, if you use an agent purchased by your organization from Atlassian Marketplace, your use of that agent is subject to the third-party’s terms and policies.

詳細については、アトラシアンのプライバシー ポリシーの「サードパーティ サービス」を参照してください。

権限

Rovo synchronises with access controls and permission settings from connected third-party apps and your Atlassian apps. This helps ensure that users only see content they have access to.

Because Rovo relies on these permissions you have set, before connecting a third-party app you should check and remind users to check the permissions set up for that app.

たとえば、Google ドライブを Rovo に接続した場合、Rovo で Google ドライブの結果を表示するには、ユーザーはログインして Atlassian アカウントを Google ドライブに接続する必要があります。承認されると、公開ドキュメントに加え、自分にアクセス権のある非公開ドキュメントを見ることができます。

アトラシアンでは、権限の変更を「リッスン」して、変更があれば Rovo インデックスを更新しています。権限の詳細をご確認ください。

削除されたデータ

For admin managed connectors, we ‘listen’ for content deletion, and update the Rovo index with changes. For example, once the Rovo index is updated, content that’s deleted from a connected third-party app will not appear in Rovo results. For more information on permissions and connectors, see Manage Rovo connectors.

For Smart Link connectors, deleted Smart Links may still show up in Search Results. However, if a user clicks on a link to deleted content or clicks on a link they no longer have access to, the link will appear broken. See Search with Smart Links for more information.

If an organization admin disconnects a third-party app from Rovo, we will delete the content we've indexed from the third-party app within 30 days. However, deletion for GitHub content works differently. Because your GitHub data is integrated through the GitHub for Jira app, data is deleted only if you disconnect GitHub from Rovo and uninstall the Github for Jira app. See how to disconnect GitHub from Rovo for more information.

データの使用

We index the entire workspace of the third-party app you connect (for example, the entire Google Drive or the SharePoint workspace). You can refine the scope of the data indexed with some specific connectors (such as Google Drive and SharePoint) using a blocklist. For more, see Manage blocklist.

To provide Rovo, we store the content for each file found in a third-party app and associated usage data. We also store permissions settings about the file to ensure that we only show content that users have access to. We use this data to serve your Atlassian features, such as Rovo Search, Chat, and agents. We may also use it for troubleshooting and debugging, or to solve support queries you or your team raise with us. For Chat and agents, we retain your inputs and outputs for 30 days for safety and security purposes.

User data obtained via Google Workspace API Sensitive or Restricted scopes is not used to develop, improve, or train generalization AI and/or ML models.

ブラウザ拡張機能

If users have access to install the Rovo browser extension on a device, they can use Rovo Chat and agents on any public webpage (e.g. Wikipedia) or on any webpage that is connected to Rovo via a connector (e.g. if you connect Rovo to SharePoint, and view a Word doc in your browser, you can ask a Rovo Chat to summarize that Word doc).

この拡張機能は、ブラウザで定義へのアクセスを提供する目的で、非公開の Google ドキュメントのコンテンツの読み込みには対応していますが、保存には対応していません。ドキュメントのコンテンツは、定義可能な単語を検出するためにアトラシアンに送信されるだけで、保存されることも、OpenAI などのサードパーティ モデルに送信されることもありません。

この拡張機能の詳細については、「Rovo ブラウザ拡張機能」を参照してください。

データ レジデンシー

Rovo supports data residency. See Data Residency support for more information.

SOC2 と ISO27001

Rovo and AI have completed the external assessment and compliance certifications for SOC 2 and ISO 27001. Moving forward, both Rovo and AI will be included as part of Atlassian’s annual compliance audit.

ISO27001 と SOC 2 に関する詳細は、コンプライアンス リソース センターをご覧ください。

HIPAA

At this time Rovo is not HIPAA compliant and our Business Associate Agreement (BAA) does not cover this feature. See our HIPAA Implementation Guide for more information.

大規模言語モデル (LLM)

Rovo may use a diverse range of open-source, Atlassian-hosted LLMs, including models from the LLama series, Phi series, and Mixtral, alongside third-party hosted LLMs from OpenAI's GPT series of models, Anthropic's Claude series of models, and Google's Gemini series of models, to deliver the best outcomes for customers.

The LLM providers we use do not retain your inputs and outputs, or use them to improve their services.

For more information on models and data use, see our Transparency Center and Trust Center.

使用に関するガイドライン

As always, remember to abide by the Acceptable Use Policy when using Rovo, including when using Rovo Chat and when you create custom agents.

Read more about how we use your data at the Trust Center, and in our responsible technology principles.

For more information on how Atlassian accesses, uses, stores or shares data, see Atlassian’s Privacy Policy.