• Products
  • Documentation
  • Resources

Data managed with BYOK encryption

The BYOK encryption feature is available through an early access program (EAP) to a number of customers with Enterprise plans for Jira Software. For any issues, contact support.

Product data types in scope and not in scope

The following table lists the product data types that are in scope for the EAP, as well as the product data types that won’t be included in the EAP.


✅ In scope for BYOK EAP

❌ Not in scope for BYOK EAP

Jira Software

  • All attachments - with the following caveats:

    • For a few months the attachments with be encrypted by both customer-managed keys and Atlassian keys. After this transition period Jira attachments will be stored at-rest encrypted only with customer-managed keys.

    • Attachments metadata won’t be encrypted with customer managed keys for EAP

  • Comments

  • Jira issues and field content (including system and custom fields)

  • Jira search data

  • In-product notification data

  • Board and sprint data

  • Attachment metadata

  • Project configuration data (including workflows, custom field configuration, and board configuration)

  • Product analytics

  • Permissions and restriction configuration data

  • Connected DevOps data (including commits, branches, pull requests, builds, deployments. feature flags, and remote links)



  • All attachments

  • Comments

  • Confluence page and blog data

  • In-product notification data

  • Page and comment likes

  • Page metadata

  • Source data for notifications in emails

  • Permission and restriction configuration data

  • Product analytics (search data and space keys)

Atlassian Access


  • User account information data

  • Audit log events

All products


  • Atlassian Marketplace and app data

  • Cached content (up to 30 days)

  • Data in transit (up to 30 days)

  • Product, audit, and operational logs

  • Product analytics

  • Team profile information data

  • Third-party product integration data

  • User account information data

  • User analytics

Product data definitions



Asset data

Third-party asset data stored in the asset platform used to synchronize with Jira functionality.

Atlassian Access

Atlassian Access is a subscription that you purchase for your whole company. It enables visibility and security across all Atlassian accounts and products, and gives you one place to manage your users and enforce security. Learn more about Atlassian Access

Atlassian Marketplace and app data

Data from Connect apps that may be stored outside of the Atlassian cloud environment by a third-party app vendor.


Files attached or added to Jira Software, Jira Service Management, Jira Work Management, or Confluence issues, pages, or other content.

Audit logs

Logs generated by admin actions.

Cached content

Content stored in a non-specified region for up to 30 days with the purpose of:

  • Progressive content migration to a nominated location

  • Temporary storage of transactional content, such as emails and notifications, until delivery has been confirmed or abandoned.

  • Temporary storage of query results and rendered charts for dashboards in Atlassian Analytics

Connected DevOps data

Data related to the Jira DevOps experience including:

  • commits

  • branches

  • pull Requests

  • builds

  • deployments

  • feature flags

  • remote links

Customer accounts

User data in your customer accounts for Jira Service Management projects. 

Data in transit

Data being processed or moved across, and not stored, by Atlassian store.

Incident management functionality data

The data used in functionality for the incident management feature powered by Opsgenie.

In-product notification data

Data related to Jira Software, Jira Service Management, Jira Work Management, and Confluence in-product notifications.

Jira Service Management features powered by Opsgenie

All features accessed through the Opsgenie URL. Some of these features are displayed in the Jira Service Management product screen.

Knowledge base category data

Categories for the Jira Service Management knowledge base, including description and configuration displayed in the portal when integrated with Confluence.

Operational logs

Atlassian system logs used for operational maintenance and diagnostic purposes.

Page metadata

The data used to describe a Confluence space for the purpose of search indexing.

Permission and restriction configuration data

Data related to the configuration of product or site access permissions or restrictions.

Product analytics

Events fired by our cloud products for in-product user experience optimization and performance.

Product data at rest

Data added directly by a user, that has persisted for 30 days or longer in our cloud data stores.

Product logs

Logs generated by Jira Software and Confluence product changes related to content and configuration.

SLA configuration data

Service Level Agreement text field names, time metric configuration, calendar configuration, and JQL queries for SLA Goal configurations.

Source data for notifications in emails

Data in an email with notification details. For example, an email that contains issue names and comments.

Team profile information data

Data related to your Atlassian team profile, including:

  • name, description, or header image

  • all team links information and activity

Third-party product integration data

Data from any product integrated with Jira Software, Jira Service Management, Jira Work Management or Confluence. For example, a Github integration.

User account information data

Personal account information including:

  • name

  • email address

  • avatar

User analytics

Events fired by our cloud products to help understand experiences based on how a user interacts with products.

Additional Help