Search Results

Improve Flow. Be Predictable. Understand how work really moves through your process so you can ask the right questions, drive meaningful improvement, and accurately forecast outcomes in uncertain situations. Try it for free Overview Pricing Roadmap FAQ Product Roadmap Learn about what we’re working on, check out what's planned and under consideration, and give feedback. Don't see what you are looking for? Submit your idea!

Customer Success at 55 Degrees We are committed to a customer-centric approach to ensure our customers get the best out of our products. Read on to discover more about how we make the magic happen! Key Program Benefits of our Customer Success Program Dedicated CSM to help you understand how to best use our products to quickly achieve success Premium Content such as webinars, Q&As, previews, events and more for participating organizations Onboarding Support so you can hit the ground running with personalized training and assistance Access to Experts within 55 Degrees and in our vast network of partners in the Lean/Agile space Regular Check-Ins to capture feedback, provide tailored guidance, and discuss roadmaps And much, much more... Join our program to see what additional benefits you qualify for! Interested in learning more? Book a quick introduction meeting with a Customer Success Manager to learn more about the program. Book a Intro Call Meet Margaux Fiche Manager of Customer Experience. Customer Success Manager Extraordinaire As Manager of Customer Experience at 55 Degrees, Margaux oversees many functions, including customer support, customer success, and partner success. She is committed to our goal of ensuring our customers feel confident in our efforts to support their success. As a CSM, Margaux organizes regular one-on-one sessions with customers to proactively address any questions or concerns and find personalized solutions that meet their unique needs and constraints. She is fluent in French and English and is always willing to go the extra mile to ensure our customers are satisfied and successful.

Thanks for attending! We have a little token of appreciation just for you... just keep scrolling. 😊 Please fill out the form below to access your free ebook. First Name Last Name Email I have read and undersood the 55 Degrees privacy statement and policies I want to subscribe to the 55 Degrees' newsletter Choose a demo, attend, and get a 25% discount! Select a product version Give me the book Click here to download the ebook Click here to get your 10% discount for ActionableAgile Metrics for Predictability. "The definitive guide on Lean-Agile forecasting gives you all the tools to answer your customers' most important questions." Learn more about our products and start your free trial today Actionable Agile flow metrics for Jira, Azure DevOps, or SaaS Epic & Version Forecasting for Jira Lightweight Issue Refinement for Jira Cloud Jira Workflow Analytics for Jira Cloud

Training 55 Degrees offers training around our product line and selected on-demand trainings available via our Community site and other platforms such as LinkedIn Learning. We will be expanding our product training offerings so please reach out if you have product training needs that aren't listed here. Introduction to ActionableAgile This course helps those new to ActionableAgile visualize their team's data, read and configure charts for four key flow metrics, as well as understand how they can be useful in a team setting. Both versions of the course contain demonstration and interactive exercises. On-Demand 55 Degrees Community Site 55 Degrees staff Learn More Agile Metrics for Predictability A on-demand option to learn what metrics are necessary for accurate forecasting, how to visualize those metrics, how to use those analytics to make reliable forecasts and understand risk, and, finally, how to make meaningful interventions for overall process improvement. On Demand 55 Degrees Community Site Daniel Vacanti Learn More Lean Software Development Instructor Julia Wester takes you through key principles from the practitioner's point of view, highlighting techniques to help you jump-start your lean software development journey. Learn to deliver better products without sacrificing for speed. On Demand LinkedIn Learning Julia Wester Learn More Please reach out to discuss your product training needs. Go beyond product training with our Premier Training Partners Daniel Vacanti DSV Inc. Contact Daniel Prateek Singh Singh Agile LLC Contact Prateek

Legal Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Privacy Statement Your personal data ​ 55 Degrees AB (“we”) values our relationships with the customers of our training and consulting services, customers of our services, those who visit our website or social media, as well as any suppliers or partners of ours. We process personal data about you as a representative of your company, for example, your work e-mail address. ​ In our privacy policies, at the links below, you will find detailed information regarding how we process your personal data in each specific situation. ​ If your company is a customer to 55 Degrees , we process your personal data to enter into an agreement with your company and administrate our relationship, arrange workshops, improve the service, send marketing, surveys and newsletters we consider to be interesting for you, handle your support matters, and comply with accounting legislation. ​ If you receive our surveys, newsletter or other marketing as a customer/attendee, a subscriber or as a potential customer , we process your personal data to send you such e-mails and to analyse how you use our e-mails to improve and develop them. ​ If you interact with us on social media or in other ways contact us prior to using a service, visit our community or give your consent during your visit to our website , we process your personal data to communicate with you, provide our community and improve the website and our services. ​ ​ If you represent a supplier , we process your personal data to enter into an agreement with your company and administrate our relationship, and, when relevant, comply with accounting legislation. ​ ​ If you or your company have questions, complaints or claims , we process your personal data to handle such questions, complaints, or claims. We take your privacy seriously. We never sell your personal data, and we only let your personal data be handled by our employees in need of such access to conduct their work. ​ Please contact us if you have any questions or want to exercise your rights. ​ When you use any of our services, we are mainly processing your personal data on the instructions of your employer or the company you otherwise represent, i.e., as a processor to our customers. The company you represent will inform you about the processing of such personal data. In other cases, we are responsible (controller) for the processing of your personal data. When it comes to our processing of your personal data, our goal is to be as transparent as possible. If you have any questions or if you wish to exercise any of your rights, we are available at: Full name of legal entity: 55 Degrees AB (organization number 559201-6843) E-mail address: privacy@55degrees.se Mailing address: Lilla Nygatan 7, 211 38 Malmö, Sweden ​ Your rights When we process your personal data, you have several rights, and you can lodge a complaint with a supervisory authority at any time. Which other rights you have depends on our relationship. Your rights are: ​ the right to withdraw your consent, the right to object, the right to access, the right to rectification, the right to erasure, the right to restriction of processing, and the right to data portability. ​

Automated forecasts Always up-to-date Quickly generate up-to-date, automated forecasts on the epics or versions in your Jira projects with Monte Carlo simulations that use your historical data and your tolerance for risk. Minimize the time and effort you spend forecasting! Answer key questions with Portfolio Forecaster How likely is it that it will be finished by the due date? Our Monte Carlo simulations use your historical data to forecast how likely it is that you'll meet your desired due date for each epic or version. How certain are we about this forecast? In Portfolio Forecaster you can control the level of confidence in your forecast. That sets the probability of finishing by the shown forecasted dates. How will our choices impact the forecast? What would happen if we started more epics? Fewer? What if we changed their priority? You can use Portfolio Forecaster for what-if scenarios and have collaborative conversations early and often! Purchasing Options Start your free trial Portfolio Forecaster is exclusively available as an app that embeds directly in your Jira Cloud, Server, or Data Center instance. Every Jira user is automatically licensed! Try Portfolio Forecaster for free for at least 30 days! 55 Degrees is a Platinum Atlassian Marketplace Partner. Portfolio Forecaster for Jira participates in Atlassian's security programs and is Cloud Fortified

Subscribe and stay informed Subscribe to our newsletters to keep up with updates on products, services, and community events from 55 Degrees. ​ Giving of consent Your consent means we will process the personal data you provide above to send you newsletters. It also means that as you interact with our email newsletters, our newsletter platform (Sendinblue) tracks our newsletters to improve them. Sendinblue does this by the use of a technology similar to cookies and based on your personal data, namely the following information: which emails you open, which links you click on, and when and where you started subscribing to our newsletters. ​ Revocation of consent You always have the right to object to our handling of your personal data for marketing purposes and withdraw your consent. The easiest way to do this is by clicking on the cancellation link at the bottom of the newsletter. ​ Our privacy policy for newsletters Here you can find more detailed information about how we process your personal data and the other rights you have. For example, regarding your rights, i.e., the right to lodge a complaint with a supervisory authority, to access what personal data we process about you, to the erasure of the personal data we process, to rectification of any personal data that is inaccurate, to restrict our processing and to data portability. Contact us at privacy@55degrees.se if you have questions or want to exercise any of your rights. consent

Legal Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Privacy Policy If you or your company have questions, complaints, or claims If your company has questions, complaints, or claims we at 55 Degrees AB (”55 Degrees ”, “we ”,”our ” and ”us ”) may process your personal data. In this privacy policy, you will find information about how we process your personal data and your rights regarding this data processing. Note that we are always happy to answer any questions you have and always try to avoid any claims or complaints. In case any question, complaint, or claim arises, we do, however, need to process the personal data we gather from you and your company. Our goal is to be as transparent as possible regarding our processing of your personal data – do not hesitate to contact us with any questions you have! To handle any questions, complaints, or claims What processing we perform ​​ Handle any questions, complaints, or claims Defend ourselves against claims and complaints Initiate any claims What personal data we process We will process the personal data that you provide to us or which we collect in order to handle the matter, i.e. Name Information about which organisation you represent Contact details Information concerning your company’s question, complaint, or claim Our legal basis for the processing: Legitimate interest ​ The personal data is processed based on our legitimate interest to handle a question, complaint, and/or claim. By carrying out a balancing of interests assessment concerning our processing of your personal data, we have concluded that our legitimate interest in the processing outweighs your interests or rights, which require the protection of your personal data. Please do not hesitate to contact us if you want more information regarding this. ​ Storage period: We will store your personal data from when the matter was initiated and through the duration of your support matter or for the duration of the potential dispute. Thereafter we store your personal data as long as we have a purpose for processing it. We aim to only keep personal data for up to one year after the matter is handled for service and product improvement. However, we aim to delete sensitive attachments, such as HAR files, within three months of the closure of the support request. ​ After the customer relationship with your company ends, we store agreements and similar documentation where your personal data may be included. We will continue to store it for as long as a claim can be made in case a dispute arises, i.e., in accordance with applicable statutory limitation provisions. In Sweden, the storage period is ten years. ​ Note that the ongoing matter may mean that we cannot delete all your personal data after your request . Here you can find all our privacy policies which describe how we process personal data in other situations, e.g. if you visit our website or otherwise are in contact with us. ​ Your rights Below you will find a detailed description of your rights and how to exercise them. ​ In summary, you have the following rights: the right to lodge a complaint with a supervisory authority, the right to access what personal data we process about you, the right to object to our processing, the right to erasure of the personal data we process, the right to rectification of any personal data that is inaccurate, and the right to restrict our processing. ​ When we refer to “your company” in this privacy policy, we refer to your employer, the organization, or the public body you represent. ​ Below you can read more about: You will be moved to the relevant paragraph by pressing the selected heading. ​ Who is responsible, and how to contact us? Who can gain access to your personal data and why? Where is your personal data processed? What are your rights when we process your personal data? Detailed description ​ Who is responsible, and how to contact us? We at 55 Degrees are generally processing personal data on the instructions of our customers, i.e., as processors. In some situations, we are, however, responsible for the processing of your personal data and acting as controllers. These situations are explained in the charts below. ​ If you have any questions or if you wish to exercise any of your rights, we are available at: Full name of legal entity: 55 Degrees AB (organization number 559201-6843) E-mail address: privacy@55degrees.se Mailing address: Lilla Nygatan 7, 211 38 Malmö, Sweden Who can gain access to your personal data and why? We do not sell your personal data or share it with other parties unless necessary. This means that your personal data will be handled by our employees but only by those needing such access to conduct their work. We will store your personal data, anonymized when possible, within our IT systems to ensure good and secure IT operations. This means that we share your personal data with our IT suppliers . ​ Which other recipients we share your personal data with depends on what the question, complaint, or claim is about. If it concerns our customer relations or financial matters, you can read more about recipients here . ​ The above parties will process these on our behalf and follow our instructions. We need to work with third parties to conduct our business. We are responsible for any sharing of your personal data with such suppliers and to ensure that your personal data is safe when shared with third parties. For more detailed information on our suppliers and the information we store with them, please visit our supplier page located at https://support.55degrees.se/space/SECURE/2014216193 . ​ Where is your personal data processed ? We use EU/EEA vendors that store data in the EU/EEA when possible. However, when we must use suppliers outside the EU/EEA, your personal data will be processed outside the EU/EEA. We transfer your data outside of the EU/EEA to make use of our IT suppliers, which will process your personal data stated in the table above . These suppliers store some or all information in the USA. ​ Whether we transfer your personal data in other cases depends on what the question, complaint, or claim is about. If it concerns our customer relations or a financial matter, you can read more about recipients here . ​ In the above situations, our suppliers and we rely on Standard Contractual Clauses for the transfer of personal data outside of the EU/EEA. The use of Standard Contractual Clauses is an effort to provide a safe transfer of your personal data. You find a more detailed description of the transfer of personal data at https://support.55degrees.se/space/SECURE/2014216193 . ​ If you want to know more about whom we share your personal data with and how your personal data is transferred, please get in touch with us. Our contact information can be found at the beginning of this privacy policy. ​ What are your rights when we process your personal data? Detailed description You have certain rights that you can exercise to affect how we process your personal data. You can read a more detailed description of what those rights are below. ​ If you want to know more about your rights or if you want to exercise any of your rights, please contact us, and we will help you. ​ Right to lodge a complaint with a supervisory authority (Article 77 GDPR) You have the right to lodge a complaint with a supervisory authority. The supervisory authority in Sweden is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, the IMY). ​ In detail: Your right to complain exists without prejudice to any other administrative or judicial remedy. You have the right to lodge a complaint with a supervisory authority in the EU/EEA member state of your habitual residence, place of work, or place where the alleged infringement of applicable data protection laws has allegedly occurred. ​ The supervisory authority has an obligation to inform you of the progress and the outcome of the complaint, including the possibility of a judicial remedy. ​ Right to access (Article 15 GDPR) You have the right to obtain confirmation as to whether we are processing personal data concerning you or not. You can make a request by contacting us. If we process your personal data, you also have a right to obtain a copy of the personal data processed by us and information about our processing of your personal data. ​ In detail. The information we provide includes the following: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations, where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing, the right to lodge a complaint with a supervisory authority, if the personal data are not collected from you, we provide you with available information about the source of the personal data; the existence of automated decision-making, including profiling, referred to in Articles 22.1 and 22.4 GDPR and, in those cases, meaningful information about the logic involved, as well as the significance and the predicted consequences of such processing; and where your personal data are transferred to a third country or to an international organization, you have the right to information regarding the appropriate safeguards, pursuant to Article 46 GDPR, put in place for the transfer. ​ For any further copies of the personal data undergoing processing requested by you, we may charge a reasonable fee based on administrative costs. If you have made the request by electronic means, the information will be provided in a commonly used electronic form unless otherwise requested by you. ​ Your right to obtain a copy referred to above shall not adversely affect the rights and freedoms of others. ​ Right to object (Article 21 GDPR) You have the right to object to our processing of your personal data at any time. ​ In detail: Your right to object applies as follows: You have the right to object, on grounds relating to your particular situation, at any time to the process ing of your personal data, which is based on our legitimate interest, i.e., Article 6.1 f GDPR. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. In the context of the use of information society services, you may exercise your right to object by automated means using technical specifications. Right to erasure (“the right to be forgotten”) (Article 17 GDPR) You have the right to ask us to erase your personal data. In detail. We are obligated to erase your personal data without undue delay if: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, you object to the processing pursuant to Article 21.1 GDPR, and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21.2 GDPR, the personal data have been unlawfully processed, or the personal data must be erased to comply with a legal obligation in Union or Member State law that applies to us. Where we have made the personal data public and are obliged in accordance with the rights stated above to erase the personal data, we shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data. ​ We will notify any erasure of personal data carried out in accordance with your rights stated above to each recipient to whom the personal data have been provided to unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us . Please note that our obligation to erase and inform according to the above shall not apply to the extent processing is necessary: for exercising the right of freedom of expression and information, for compliance with a legal obligation that requires processing by Union or Member State law that applies to us, or for the establishment, exercise, or defense of legal claims. Right to rectification of processing (Article 16 GDPR) You have the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you. ​ In detail: Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement. ​ We will communicate any rectification of personal data to each recipient to whom the personal data have been provided unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us. Right to restriction of processing (Article 18 GDPR) You have the right to obtain from us restrictions on the processing of your personal data. ​ In detail: Your right applies if: the accuracy of the personal data is contested by you during a period enabling us to verify the accuracy of the personal data, you have objected to processing pursuant to Article 21.1 GDPR pending the verification of whether our legitimate grounds override yours, the processing is unlawful, and you oppose the erasure of the personal data and instead request the restriction of their use, or you need the personal data for the establishment, exercise, or defense of legal claims even though we no longer need the personal data for the purposes of the processing. ​ Where the processing has been restricted according to the above, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. ​ We will notify you before the restriction of the processing is lifted. We will also communicate any restriction of processing of personal data carried out in accordance with your rights stated above to each recipient to whom the personal data have been provided to unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us responsible description access where rights rights-complaint rights-access rights-object rights-erasure rights-rectify rights-restrict This privacy policy was adopted on February 3, 2023.

Improve Flow. Be Predictable. Understand how work really moves through your process so you can ask the right questions, drive meaningful improvement, and accurately forecast outcomes in uncertain situations. Try it for free Overview Pricing Roadmap FAQ Cycle Time Scatterplot Set Service Level Expectations (SLEs) By looking at how quickly you finish work in the past, you can understand how long it may to take you to complete future work. SLEs help the team know what they are capable of! Aging Work in Progress Chart Secret weapon to improve predictability. Know exactly how old your current work is and compare it to past data for context. Begin to control aging and maintain or improve your current level of predictability. Monte Carlo Simulations Forecast in uncertainty with probabilities Our Monte Carlo simulations help you get an idea of how likely any forecast is for any set of work. We use the variation in your historical data to run more than 10,000 trials! We have simulations for both fixed dates and fixed scope. Purchasing Options All free trials are 30 days or more! Compare features by version Standalone SaaS Import your data from Jira, Trello using our built-in wizards, or any external app via file upload Start your free trial Embedded in Jira Get the power of ActionableAgile without leaving Jira. Available for Cloud, Server and Data Center Start your free trial Embedded in Azure Analyze flow directly in Azure DevOps Cloud. For single users or whole organizations Start your free trial Don't take our word for it, listen to our customers ActionableAgile helped us improve our ability to anticipate delivery outcomes by using probabilistic forecasting and flow metrics. Our throughput almost doubled, and the team got better at splitting and sizing work into meaningful, valuable chunks. Our cycle times were reduced by almost 50% or more for 85% of our completed work items. Our WIP significantly reduced, so we had teams that were not overwhelmed or overburdened. As a result, we reduced context switching and enabled the teams to experiment with pairing and swarming to get things done. Haroon Khalil , Executive Agility Coach By regularly forecasting with ActionableAgile, we could clearly show when circumstances impacted our delivery timescales; previously, these would have been recognized as affecting our delivery. Monte Carlo simulation's what-if scenario planning function has enabled us to discuss what is happening and if trends are changing with stakeholders and teams. This allowed us to take meaningful action at the soonest possible opportunity and put the decisions with the right people. ​ Julie Starling , Agile Delivery CoP Manager Get all the latest news about ActionableAgile™️ Analytics! Subscribe and receive monthly emails tailored especially for ActionableAgile™️ Analytics users. Get news on recent releases, upcoming events, and more! Manage Subscriptions Got Questions? We've Got Answers! How do I get product support? Reach out to our support team via our support portal at https://support.55degrees.se or via email at support@55degrees.se (which will create a ticket in our support portal). Our support portal is also where you can find our product documentation and much other helpful content! Where can I find your customer agreements for your products? You can always find the link in the footer of any page on our website. Our customer agreement for cloud products is located at https://www.55degrees.se/agreement-cloud-products and the customer agreement for on-premise products is located at https://www.55degrees.se/agreement-onprem-products . Do you have any security compliance certifications like SOC 2 or ISO 27001? Yes! We are ISO 27001 certified and are SOC 2 Type 2 compliant. You can download these items and see other key documents and technical measures via our 3rd-party trust center at https://trust.55degrees.se. You can also visit https://55degrees.se/trust to get a holistic idea of how we approach security at 55 Degrees! Is my data secure? We process your work data in real-time when you tell the app to load data. We do not export any of your work data from where it lives. When we do store data, we store configurations only, and we keep those secure. Please see our DPA (Cloud or OnPrem) and our privacy policy for more details. What is the licensing model? Do we pay per user? If you are purchasing our Jira app via the Atlassian Marketplace, their rules apply. That means that all users in your instance must be licensed. There's no need to worry, however, because you’re not charged the standard per-user price that you see in our other versions. In fact, you can often license all of your Jira users for less cost than a smaller number of users in our other versions. If you purchase a subscription to our SaaS or Azure apps, you will pay per user via a monthly or yearly subscription. You can have multiple users on a subscription. Please see our pricing page for more details. Product Support Reach out to our support team via our support portal at https://support.55degrees.se or via email at support@55degrees.se (which will create a ticket in our support portal). Our support portal is also where you can find our product documentation and much other helpful content! Join the Community You can join the 55 Degrees community at https://community.55degrees.se. Our community is run on the Mighty Networks platform and subject to both their privacy policy and ours. In this community you can get announcements from us, chat with others customers using our products, and even take online courses (both free and premium)! We can't wait to see you there! Security & Compliance We have information about our company's security efforts on our website at https://55degrees.se/trust. Check out our guiding principles, frameworks we're compliant with, security partners, as well as key documents like subprocessor lists. Want to download certificates, audit reports, or see more about our technical operational measures (TOMs)? Please visit our 3rd party trust center hosted by Vanta, at https://trust.55degrees.se. If you would like access to the more sensitive documents marked with a lock icon, you can request access and go through our NDA process, after which the materials will be available for download. If you have other questions about our security or compliance measures, please contact us via our support portal at https://support.55degrees.se. Customer Agreements You can always find the link in the footer of any page on our website. Our customer agreement for cloud products is located at https://www.55degrees.se/agreement-cloud-products and the customer agreement for on-premise products is located at https://www.55degrees.se/agreement-onprem-products . What is the procedure for initiating a trial of 55 Degrees apps and obtaining a partner license code? For a hands-on experience with our apps, submit a support ticket here, specifying which apps you're interested in trialing. We'll guide you through the process and provide you with the necessary license codes. What types of support and training programs are available to partners from 55 Degrees? At 55 Degrees, we offer a range of training and support options to empower our partners. Whether you need in-depth workshops, on-site training sessions, or just a basic introduction to our applications and how they address specific challenges, we have you covered. To arrange for a personalized training experience or for any support-related inquiries, please reach out to our partner manager at brodie@55degrees.se, or feel free to submit a support ticket through our helpdesk system. How can I access detailed information about the security and compliance features of your apps? You can learn about our robust security measures and compliance standards at our Trust Center (https://www.55degrees.se/trust). We provide comprehensive information outlining our security processes, emphasizing our commitment to being a leader in marketplace security. Our dedicated support team is always ready to assist you. Empower yourself with knowledge and make the most of your experience with us!

Trust Center A culture based on security and privacy An important part of living up to our values is our commitment to data privacy and security throughout all aspects of our organization. We don't take a single step without ensuring we've taken all reasonable steps to protect your data and privacy. Protect customer and personal data at all times Comply with applicable privacy regulations Avoid processing or storing unneeded data Compliance Certifications and Standards ISO 27001 Certified SOC 2 Type II Compliant GDPR Compliant Atlassian Security Programs Certified Our Security Partners Resources SECURITY PRACTICES Learn more about our overall product security and operations measures. SECURITY ADVISORIES See how we handle vulnerabilities and read current and past advisories. SUPPLIERS & SUBPROCESSORS See our subprocessors. Learn which data they process and when. PRODUCT-SPECIFIC SECURITY Learn more about how we handle data security in specific products. FREQUENTLY ASKED QUESTIONS Have a question that's not answered here? Check out our FAQ! NEED MORE DETAILS? Our automated trust portal, hosted by Vanta, allows you to see real-time lists of our monitored technical and operational measures and to access selected internal policies. Want to see sensitive files like our SOC 2 Type II report? Click on the item to request access to start the NDA process. Download files at the Trust Center

Legal Archives Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Archives Customer Agreements OnPremise Subscriptions (November 21, 2022) Cloud Subscriptions (July 15, 2022) Sof tware End User License Agr eement (June 30, 2020 - July 15, 2022)

Legal Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Download Available Download the entire Customer Agreement for On-Premise Subscription Products Click the icon to download a PDF Order Agreement Effective starting: September 6, 2023 On-Premise Subscription Products This agreement is relevant for all Jira Data Center apps offered by 55 Degrees. Have Jira Server apps or previously purchased Standalone On-Prem licenses? Go to our On-Premise Perpetual Product Customer Agreement . Cloud customers should view our Cloud Product Customer Agreement . This Order Agreement has been entered into between 55 Degrees AB, with Swedish company reg. no. 559201-6843, hereinafter referred to as the ”Supplier ”, and the company stated when starting the subscription, hereinafter referred to as the ”Customer ”. ​ 1. Background and General Terms 1.1. The Supplier and the Customer hereby agree that the Supplier will provide the Product to the Customer. The Agreement applies only to purchases made for the Supplier's On-Premise versions of our products sold for Integration into Jira Data Center or for our own SaaS products. This agreement is not applicable to any previous sale of On-Premise software sold with a perpetual license, including Jira Server licenses ​ 1.2. Words starting with capital letters are defined in this Order Agreement and at the end of the Terms, in the appendix “Definitions”. ​ 1.3. The Agreement consists of this Order Agreement and the following appendices: Appendix 1 – the Terms , and Appendix 2 – the DPA . ​ 1.4. In the event of a conflict between this Order Agreement and the appendices, the terms set out in the Order Agreement shall apply, except for what is stated regarding the processing of personal data, where the DPA shall take precedence. ​ 2. Pricing and Payment ​ 2.1. The Customer shall pay the prices that are stated on the third-party platform or on the Supplier’s website at the time the Customer enters into the Agreement. ​ 2.2. The prices agreed on in this Order Agreement apply at the time when the Order Agreement is concluded. Any prices are stated excluding value-added tax. ​ 3. Term and Termination This Order Agreement becomes effective when the Customer has purchased the right to use the Product at (i) a third-party platform such as Atlassian or (ii) at the Supplier’s website, and this has been confirmed by the Supplier. The Order Agreement remains valid until terminated by either party according to the Terms. APPENDIX 1 The Supplier's General Terms and Conditions On-Premise Subscription Products 1. Background 1.1. These general terms and conditions (the “Terms”) describe the legal terms and conditions that apply when the Customer purchases the Supplier’s Product. ​ 1.2. The Customer is a company or organization and the individual representing the Customer warrants that he or she has authority to enter into an Agreement with the Supplier. ​ 1.3. When starting the Agreement, the Customer confirms that it is not listed on any official terrorist list or is not associated with any country or organization sanctioned by Sweden, the European Union, or the United States. 2. The Product 2.1. The Supplier provides the Product to the Customer in accordance with the Agreement. The Product is provided electronically to the Customer who installs it in their own IT environment. 2.2. If the Customer purchased the Product at a third-party platform such as Atlassian, separate, additional terms may apply to the Customer’s use of such third-party’s platform. The Supplier takes no responsibility for the Customer’s use of such third-party’s platform or any fault, damage, or unavailability of the Product which is due to such third-party platform, regardless of whether such third-party takes responsibility according to its third-party terms. The Terms in this document apply only to the Customer’s use of the Product. ​ 2.3. When the Customer purchases the Product, the Customer agrees to these Terms and is given a right to use and install the Product for the number of End-Users that has been agreed on in the Order Agreement and for the period for which the Agreement applies. The Customer can add more End-Users by placing additional orders. The Customer’s right is non-exclusive, time-limited, and non-transferable and applies to the Customer’s own business, unless otherwise agreed in the Order Agreement. The right applies provided that the Customer fulfills its payment obligations and other obligations under the Agreement. ​ 2.4. The Supplier is always trying to improve the Product and may from time to time make developments, additions, and changes to the Product. ​ 3. The Supplier's Obligations ​ 3.1. The Product shall be considered to have been made available when the Supplier has made it accessible for download and/or installation to the Customer through the internet, e.g. by making it accessible for implementation. For the avoidance of doubt, the Supplier does not provide assistance with the installation. ​ 3.2. The Supplier provides the Product according to the security practices stated on the website of the Supplier. ​ 3.3. The Product is provided “as is”. The Product does not include any integrations to other systems or applications that the Customer may want to use the Product together with if such integrations have not been explicitly agreed on in the Order Agreement. When integrations are included, the Supplier does not take responsibility for the continued functionality of such integrations if a third-party provider changes its service. . ​ 4. Availability and Support ​ 4.1. The Supplier may provide the Customer with online support services related to the Product, via the support portal , at its discretion and for the sole purpose of addressing technical issues relating to the use of the Product. Any support is governed by the Supplier’s policies and programs described in any user manual, online documentation, and/or other materials provided by the Supplier. ​ 4.2. The Product is intended to work together with a specific host application provided by a third party, such as Atlassian. Each version of the Product is intended to work on one or more versions of a specific host application. Support is only provided if (i) the host application provider still publicly supports the host application version used by the Customer, and (ii) the Customer has installed a version of the Product that is compatible with their specific version of the host application. ​ 4.3. Insignificant inconveniences shall not result in the Product being considered unavailable. ​ ​​4.4. The Customer shall contact the Supplier to report any errors or problems regarding the Product as soon as possible. The Supplier shall thereafter work towards launching a new version of the Product which remedies the errors or problems within a reasonable time. The Supplier’s obligation to provide a new version does not apply if the new version would cause inconvenience and costs to the Supplier that are unreasonably large in relation to the significance of the errors or problems for the Customer. ​ 4.5. In the event the Product has an error that the Supplier deems critical for the functionality of the Product, the Customer’s sole and exclusive remedy shall be either a pro-rated refund of the fee for the current subscription period for the Product or a discount towards the cost of future purchases, at the choice of the Supplier. Such remedy shall be in proportion to the effect for the Customer. The maximum remedy for a year shall be 50% of the price the Customer should have paid for the relevant time period. ​ 5. The Customer's Obligations ​ 5.1. Unless otherwise agreed, the Customer is responsible for the following: ​ ​a) to download and install the Product; ​ b) to use a version of the Product that is intended for the host application version that the Customer is using. Information about such compatibility is located at the point of download for each version; c) to only install and use the Product on hardware systems owned, leased, or controlled by the Customer, or by a third party provider which the Customer is responsible for the actions of; d) any act of its employees, consultants or other persons appointed by the Customer to use the Product, in particular, the Customer shall make sure that the Customer’s End-Users do not share account access to individuals without authority to use the Product; e) not using the Product for competitive analysis or similar purposes; f) only use the Product for the number of End-Users or similar limitations that have been set out and agreed when concluding the Order Agreement; g) to maintain any equipment and software required to use the Product, maintain the security of its IT environment and to always use the Product in accordance with the Supplier’s Documentation; ​ h) to provide the Supplier with information about the Customer and its use of the Product reasonably required by the Supplier to be able to provide the Product and make improvements, additions and changes to the Product, the Customer can be required to provide information about connection details and information about authorized users; ​ i) notify the Supplier immediately at the Supplier’s support portal if the Product is unavailable; and j) to use the Product in accordance with all applicable laws, regulations, and guidelines issued by a competent authority.​ ​ ​ 5.2. The Customer shall not use, copy, modify or give access to the Product to a greater extent than has been agreed on or is considered within the intended use of the Product. The Customer shall especially not decompile, disassemble, or in other ways reverse engineer the Product, except as necessary in order to make the Product work with other software used by the Customer. According to Swedish legislation, the Customer is however allowed to make copies of the Product when it is necessary in order to use the Product as intended, without additional compensation and to a reasonable extent. This mainly refers to copies for backup and security purposes. Any copies are subject to terms set out in the Agreement. ​ 5.3. The Supplier is not responsible for changes in the Product that occur because of the Customer’s actions. The Supplier is also not responsible for any failure of the Product to work as intended due to the configuration of the host application and/or the Customer’s IT environment. ​ 5.4. If the Customer does not comply with the terms of the Agreement and does not rectify within ten (10) days of the Supplier notifying the Customer of the non-compliance, the Supplier is entitled to suspend the Product until rectification is made. The Customer shall indemnify the Supplier for any costs or claims by a third party based on the Customer’s use of the Product in violation of the terms of the Agreement. ​ 6. Prices and Payment ​ 6.1. The Customer shall pay the prices that the parties specifically have agreed on in the Order Agreement. ​ 6.2. Unless otherwise explicitly agreed, the Supplier has the right to adjust prices at any time, such adjustments will take effect on the coming Agreement Terms, i.e. when the Agreement is renewed. In addition, the Supplier may at any time adjust prices due to changes in regulations, taxes, fees, or similar circumstances beyond the Supplier’s control. ​ ​ 7. Trial Period and Early Access ​ 7.1. If the Customer registers to use the Product for a free Trial Period these Terms shall apply, in applicable parts, during the Trial Period. Sections that, by their nature, are not applicable during the Trial Period shall be inapplicable during such period, including but not limited to section 4.1, 6, 8, 13.3, 13.4, 13.5, and 13.7. ​ 7.2. When the Supplier offers a Trial Period or Early Access, the Supplier’s obligation is limited to providing the Customer with access to use the Product. Thus, the Supplier has no responsibility for the Product functioning in a certain way or responsibility for providing the Customer with support or remedying any unavailability. However, the Supplier will usually make sure that the Product works as intended. The Supplier is neither liable for any direct or indirect damages due to the Customer’s use of the Product. ​ ​ 7.3. The term of the Agreement for the Customer’s Trial Period is stated when the Customer starts to use the Trial Period. When the term of the Trial Period has expired, the Customer may choose to continue using the Product and then pay for it in accordance with what is stated in the Terms. ​ 7.4. The Customer does not have the right to use more than one free Trial Period unless explicitly allowed by the licensing platform or the Supplier. The Customer shall reimburse the Supplier for any unallowed continued use of the Product during an additional Trial Period. Such reimbursement shall be coherent with the Supplier’s highest prices for using the Product at that point in time. ​ 7.5. The parties may at any time choose to end the Trial Period and the Customer will, in that case, no longer use the Product. The parties may as well at any time choose to end the Early Access and the Customer will, in such case, no longer have access to the Early Access features in the Product. ​ 8. Term and Termination ​ 8.1. The Agreement is provided for the Agreement Term. ​ 8.2. If the parties have not agreed otherwise, the Agreement shall enter into force when the Order Agreement has been concluded (for example when the Customer has signed up to use the Product at the Supplier’s website and this has been confirmed by the Supplier). The Agreement is renewed by the Customer paying a renewal quote at the third party platform for an additional Agreement Term unless otherwise agreed upon. ​ 8.3. Either party can terminate the Agreement at any time. Such termination shall take effect on the coming Agreement Term. The Customer shall make such notification at the point of sale, for example at the third-party platform as Atlassian. ​ 8.4. The Supplier has the right to terminate the Agreement with immediate effect if: ​ a) the Customer has committed a material breach of the Agreement and does not take full correction of such breach within thirty (30) days of the other party giving written notice thereof; or ​ b) the Customer is declared bankrupt, enters into liquidation, cancels its payments, or can otherwise reasonably be assumed to have become insolvent. ​ 8.5. When the Agreement has been terminated, the Customer shall immediately cease to use the Product and, in particular, uninstall the Product from its hardware. Both parties shall return or delete such information that is covered by confidentiality in accordance with section 11, including Documentation. ​ 9. Amendments The Supplier may change the Agreement at any time by giving the Customer a three (3) months prior written notice. The Customer may terminate the Agreement if the Customer has a reasonable explanation for not accepting the new Agreement by giving notice at least one (1) month before the new Agreement will come into force. In such case, the Supplier shall pay back the amounts corresponding to the period the Customer has not been able to use the Product. The Customer may not terminate the Agreement if the grounds for a significant change to the Agreement is due to changes in law, constitution, by authority decision, or changes in other circumstances outside of the Supplier’s control. The Customer has the right to terminate the Agreement with immediate effect if such change entails a significant inconvenience for the Customer. 10. Personal Data ​ 10.1. Within the scope of fulfilling the obligations under the Agreement, the Supplier will process personal data on behalf of the Customer. Within the scope of such processing, the Customer is the controller for personal data and the Supplier is the processor. For this purpose, the parties have entered into a DPA (Appendix 2) . ​ 10.2. The Supplier may gather and in other ways process personal data as a data controller in order to improve the Product. This processing is included in the Supplier’s relevant Privacy Policy . ​ 11. Confidentiality ​ 11.1. Both parties hereby agree not to, without the other party’s prior written approval, publish or otherwise disclose to third parties any information relating to the other party’s business which is or can be reasonably presumed to be confidential, with the exemption for: ​ a) information that is or becomes publicly known, except through a breach of this Agreement by the receiving party; ​ b) information from a third party that is public to the receiving party without obligation of confidentiality; ​ c) information that was known to the receiving party prior to receipt from the disclosing party, without obligation of confidentiality; or ​ d) the disclosure or use of information is required by law, regulations, or any other regulatory body. In the event of such disclosure, the disclosing party shall, if possible, notify the other party before such disclosure takes place. ​ 11.2. Specifically, the Supplier shall keep any Customer Data secret and ensure that employees only have access to the Customer Data if it is necessary to perform the services, e.g. support and maintenance (“need to know basis”). ​ 11.3. Information that a party has stated as confidential shall always be regarded as confidential information. ​ 11.4. Each party is responsible for compliance with this confidentiality undertaking by its respective subcontractors, consultants, and employees. The confidentiality undertaking under this section applies during the term of the Agreement and for a period of three (3) years after the Agreement has expired. The confidentiality undertaking for Customer Data applies for an indefinite period of time. ​ 12. Publicity and Marketing ​ 12.1. Unless the Customer has objected according to section 12.2, the Supplier may publicly state that the Customer is a customer of the Supplier. The Customer grants the Supplier the right to include the Customer’s name, trademark, logo, or similar identifying material in a listing of customers on the Supplier’s website and/or promotional material in relation to the Product. 12.2. The Customer may, via the Supplier’s support portal, ask the Supplier not to include information about the Customer in any publicly available material. Such a request can be made at any time, even before the Supplier has published information according to section 12.1. After a request from the Customer, the Supplier shall stop including information about the Customer in any publicly available material within thirty (30) days and as far as possible delete any already publicized information about the Customer. ​ 13. Intellectual Property Rights ​ 13.1. The Supplier or its licensors hold all rights, including intellectual property rights, to the Product and the Documentation (including, without limitation to, such development or improvements specifically performed on behalf of the Customer) including software and source code. Nothing in the Agreement shall be construed as a transfer of such rights, or any part thereof, to the Customer. To be clear, the Customer is for example not allowed to reverse engineer, decompile, disassemble, alter, duplicate, modify, rent, lease, loan, sublicense, make copies of, create derivative works from, distribute or provide other parties with access to the Product in whole or in part, except as stated in section 5.2. ​ 13.2. The Customer has all rights, including intellectual property rights, to the Customer Data. During the term of the Agreement, the Supplier may use the Customer Data and data related to the Customer’s use of the Product (personal data excluded) in order to provide the Product to the Customer successfully. ​ 13.3. The Supplier shall compensate the Customer for damage suffered by the Customer as a result of claims from third parties regarding infringement of such third party’s intellectual property rights. The limitation of liability as set out in this section 13 and in section 14 shall however apply, except for what is stated in section 14.5. ​ 13.4. The Supplier’s obligation to indemnify the Customer pursuant to section 13 applies only provided that the Customer: a) without undue delay notifies the Supplier in writing of claims made against the Customer; b) allows the Supplier to control the defence and make decisions alone in all related settlement negotiations; and c) acts in accordance with the Supplier's Documentation and cooperates with and assists the Supplier to the extent that the Supplier reasonably requests. ​ 13.5. If it comes to the Supplier’s knowledge or is finally settled that there is an infringement of a third party’s intellectual property rights, the Supplier may choose to either: ​ a) ensure the Customer a continued right to use the Product; b) change the Product so that infringement no longer exists; c) replace the Product, or any part thereof, with any other non-infringing equivalent product; or d) terminate or temporarily cease to provide the Product and, after deducting the Customer’s reasonable benefit, repay the Customer’s fee paid for the Product, without interest. ​ 13.6. The Supplier has the right to freely use the know-how, professional knowledge, experience, and skills that the Supplier acquires through or in connection with providing the Product. ​ 13.7. The Supplier’s obligations under this section 13 are conditional upon the Customer’s use of the Product exclusively in accordance with the terms of the Agreement. ​ 13.8. This section 13 constitutes the Supplier’s total liability towards the Customer for infringement of third parties’ intellectual property rights. ​ 14. Limitation of Liability ​ 14.1. The Supplier’s responsibility for the provision of the Product is limited in accordance with what is stated in these Terms.​ 14.2. The Supplier is - with the limitations set out below - liable to the Customer for damages caused due to the Supplier’s negligence. However, the Supplier is not liable for damages caused by third-party platforms, such as Atlassian, including any fault, disturbance, or unavailability caused by such third-party platform, or any integrations to other systems or applications that the Customer may want to use the Product together with. Neither is the Supplier liable for damages due to modifications or changes to the Product made according to the Customer’s instructions or performed by anyone other than the Supplier (including but not limited to the Customer and Customer’s suppliers). 14.3. The Product is provided on an “as-is” basis without any express or implicit promises or guarantees. 14.4. Notwithstanding the above, the Supplier shall under no circumstance be liable for indirect damages (Sw. indirekt skada), including damages caused by loss of profit, revenue, anticipated savings or goodwill, loss of information or Customer Data, loss due to operational, business, power or network interruptions, loss due to modifications of the Product made in accordance with the Customer’s instructions or performed by anyone other than the Supplier, as well as any claims due to the Customer’s possible liability to third parties; without prejudice to section 13.3. The Supplier is neither liable for any claims deriving from the Customer’s relationship with any third-party platform such as Atlassian where the Product was purchased or integrated with. ​ 14.5. The Supplier’s total and aggregate liability under the Agreement regardless of the number of incidents, is limited to the amount paid by the Customer according to the Agreement during the twelve (12) months prior to the time the damage occurred. 14.6. The Customer shall, in order not to lose its right, submit a claim for compensation in writing no later than ninety (90) days after the Customer noticed, or should have noticed, the actual damage or loss, however in no case later than six (6) months from when the loss arose. 14.7. In case of a claim from a third party, the party responsible for such claim shall indemnify and hold the other party harmless. ​ 15. Force Majeure ​ 15.1. Each party shall be relieved from liability for damages for a failure to perform any obligation under the Agreement to the extent that the due performance is prevented by reason of any circumstance beyond the control of the party. Such as internet limitation or slow connection, power outages, network intrusion, lawsuits, pandemics, labor disputes, loss of communications, mobilization or large-scale military recruits, ordinances, rationing of fuel, goods, or energy, and defects and delays in deliveries from subcontractors caused by any party outside the party’s control provided that the other party is notified immediately. ​ 15.2. The parties have the right to terminate the Agreement immediately if force majeure continues or will obviously continue for more than sixty (60) days. ​ 16. Miscellaneous ​ 16.1. The Supplier is entitled to assign subcontractors to accomplish its obligations under the Agreement. The Supplier is liable for the work of the subcontractors as well as its own. ​ 16.2. The primary means of communication between the parties concerning the Product shall be through the support portal support portal . 16.3. The content of the Agreement and its appendices shall supersede all previous written or oral commitments and undertakings. ​ 16.4. The documents described in the definition of the Agreement shall have mutual priority in the following order: (i) the Order Agreement, (ii) the Terms and (iii) any annexes. Any annexes shall have priority over each other in accordance with the order set out in the Order Agreement. However, the provisions of the DPA shall prevail with regard to processing of personal data and nothing in the Agreement shall be deemed to restrict or modify obligations set out in the DPA. ​ 16.5. The Agreement may not be transferred to a third party without the other party’s prior written consent. However, the parties are allowed to transfer the Agreement to companies within the same corporate group and in a situation of transferring the Supplier’s operation or a part thereof, the Supplier is admissible to transfer the Agreement to a third party. ​ 16.6. The failure of a party to exercise any right under the Agreement or the failure to point out any particular condition attributable to the Agreement shall not constitute a waiver by a party of such right. ​ 16.7. The following sections apply even after the termination of the Agreement: 8 (Term and termination), 11 (Confidentiality), 13 (Intellectual Property Rights), 14 (Limitation of Liability) and 17 (Governing Law and Disputes).​​ ​ 17. Governing Law and Disputes ​ 17.1. The Agreement shall be governed by and construed in accordance with the laws of Sweden. ​ 17.2. Any dispute arising out of or in connection with the Agreement shall be finally settled by arbitration administered by the Arbitration Institute of the Stockholm Chamber of Commerce (the “SCC Institute”). ​ 17.3. The Rules for Expedited Arbitrations shall apply, unless the SCC Institute, considering the complexity of the case, the amount in dispute and other circumstances, determines, in its discretion, that the Arbitration Rules of the Arbitration Institute of the Stockholm Chamber of Commerce shall apply. In the latter case, the SCC Institute shall also decide whether the arbitral tribunal shall be composed of one or three arbitrators. ​ 17.4. The place of arbitration shall be Malmö. The language of the proceedings shall be Swedish and Swedish law shall apply to the dispute. Regardless of what has just been said, the Supplier shall always have the right to apply for an injunction to payment or bring an action regarding non-payment in a general court. Definitions "Agreement" means the contractual agreement between the parties no matter in what form, including the Order Agreement, these Terms, the DPA and any appendices mentioned in the Order Agreement, in the Terms, or in the DPA. ​ “Agreement Term” means the term agreed upon in the Order Agreement. ​ ”Customer” means the company specified in the Order Agreement as a customer or the person who otherwise agrees with the Supplier to use the Product. ​ ”Customer Data” means any data that is provided to the Supplier by or on behalf of the Customer through the use of the Product. ​ ”Documentation” means any instruction or other documentation that the Supplier provides to the Customer at any time. ​ “DPA” means the data processing agreement concluded between the parties. ​ “End-Users” means the individual who uses the Product as part of the Customer’s Agreement. ​ “Early Access” means a time-limited period for which the parties have agreed that the Customer shall test new features or a beta version of the Product. The version of the Product used during Early Access is under ongoing development by the Supplier and therefore not complete or equivalent to the Product. ​ “Order Agreement” means the contract between the Customer and the Supplier that includes Customer details and specific terms in relation to the Customer’s purchase of the Product or Agreement to use the Product. The Order Agreement may be constituted by a document signed by the Customer, an offer accepted by the Customer, an e-mail, or a web form at the Supplier’s website where the Customer has provided its credentials and signed up to use the Product. ​ “Product” means the service provided to the Customer according to the Agreement. ​ “Supplier” means the company providing the Product which the Customer has concluded the Agreement with. ​ “Trial Period” means a time-limited period for which the parties have agreed that the Customer is entitled to use the Product for the sole purpose of evaluation prior to purchase. APPENDIX 2 Data Processing Agreement On-Premise Subscription Products Effective September 6, 2022 1. Background and Interpretation ​ 1.1. The Supplier will, upon performance of the Agreement when providing its Product, process personal data on behalf of the Customer, in the capacity of the Customer’s processor. The Supplier will process personal data for which the Customer is the controller. ​ 1.2. This Data Processing Agreement (the “DPA ”) forms an integral part of the Agreement. The purpose of this DPA is to ensure a secure, correct, and legal processing of personal data and to comply with applicable requirements for data processing agreements as well as to ensure adequate protection for the personal data processed within the scope of the Agreement. ​ 1.3. Any terms used in this DPA, e.g. processing, personal data, data subjects, supervisory authority, etc., shall primarily have the meaning as stated in the European Parliament and the Council Regulation (EU) 2016/679 (the “GDPR “) and otherwise in accordance with the Agreement, unless otherwise clearly indicated by the circumstances. ​ 1.4. In light of the above, the Parties have agreed as follows: ​ 2. Instructions and Responsibilities ​ 2.1. The type of personal data and categories of data subjects processed by the Supplier under this DPA and the purpose, nature, duration, and objects of this processing, are described in the instructions on the processing of personal data in Appendix 2A or the written instructions that Customer provides from time to time. The Supplier shall not process additional categories of personal data or personal data in relation to other data subjects than those specified in Append ix 2A . ​ 2.2. Customer is responsible for complying with the GDPR. Customer shall in particular: ​ a) be a contact person towards data subjects and i.e. respond to their inquiries regarding the processing of personal data; ​ b) ensure the lawfulness of the processing of personal data, provide information to data subjects pursuant to Articles 12-14 in the GDPR, and maintain a record of processing activities under its responsibility; ​ c) provide the Supplier with documented instructions for the Supplier’s processing of personal data, including instructions regarding the subject matter, duration, nature, and purpose of the processing as well as the type of personal data and categories of data subjects; ​ d) immediately inform the Supplier of changes that affect the Supplier’s obligations under this DPA; e) immediately inform the Supplier if a third party takes action or lodges a claim against the Customer as a result of the Supplier’s processing under this DPA; and f) immediately inform the Supplier if anyone else is a joint controller with the Customer of the relevant personal data. ​ 2.3. When processing personal data, the Supplier shall: ​ a) only process personal data in accordance with Customer’s documented instructions, which at the time of the parties entering into this DPA are set out in Appendix 2A; b) ensure that persons authorized to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality; c) maintain an adequate level of security for personal data by implementing all technical and organizational measures set out in Article 32 of the GDPR in the manner set out in section 3 below; d) respect the conditions referred to in paragraphs 2 and 4 of Article 28 of the GDPR for engaging a sub-processor; e) taking into account the nature of the processing, assist the Customer by appropriate technical and organizational measures, insofar as it is possible, for the fulfillment of the Customer’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR; f) assist Customer in ensuring compliance with the obligations pursuant to Articles 32-36 of the GDPR, taking into account the nature of the processing and the information available to the Supplier; g) at the choice of Customer, delete or return all the personal data to Customer after the end of the Agreement, and delete existing copies, unless EU law or applicable national law of an EU Member State requires the storage of the personal data; and h) make available to Customer all information necessary to demonstrate compliance with the obligations laid down in Article 28 in the GDPR and this DPA and allow for and contribute to audits, including inspections, conducted by Customer or another auditor agreed upon by the Parties. ​ 2.4. The Supplier shall notify the Customer without undue delay, if, in the Supplier’s opinion, an instruction infringes the GDPR. In addition, the Supplier is to immediately inform the Customer of any changes affecting the Supplier’s obligations pursuant to this DPA. ​ 3. Security ​ 3.1. The Supplier shall implement technical and organizational security measures in order to protect personal data against destruction, alteration, unauthorized disclosure, and unauthorized access. The measures shall ensure a level of security that is appropriate considering the state of the art, the costs of implementation, the nature, scope, context, and purpose of the processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons. The Supplier may amend its technical and organizational measures. 3.2. The Supplier shall notify the Customer of accidental or unauthorized access to personal data or any other personal data breach without undue delay after becoming aware of such data breach and pursuant to Article 33 of the GDPR. Such notification shall not in any manner imply that the Supplier has committed any wrongful act or omission, or that the Supplier shall become liable for the personal data breach. 3.3. If the Customer, during the term of this DPA, requires that the Supplier take additional security measures, the Supplier shall as far as possible meet such requirements provided that the Customer pays and takes responsibility for any and all costs associated with such additional measures. ​ 4. Sub-processors and Transform to Third Countries ​ 4.1. ​The Customer hereby grants the Supplier with a general authorization to engage sub-processors. Sub-processors are listed in the list of sub-contractors in Appendix 2B . The Supplier shall enter into a data processing agreement with each sub-processor, according to which, the same data protection obligations as set out in this DPA, are imposed upon the sub-processor. 4.2. The Supplier shall inform the Customer of any intended changes concerning the addition or replacement of sub-processors, thereby giving the Customer the opportunity to object to such changes. Such objection shall be made in writing and within thirty (30) calendar days after the Supplier has informed the Customer about the intended changes. If the Customer objects to the Supplier engaging a sub-processor and the parties cannot agree, within a reasonable time, on the new sub-processor’s engagement in the processing of personal data, the Supplier can terminate the Agreement. 4.3. If the Supplier and/or sub-processors transfers personal data outside the EU/EEA, such transfer shall always comply with the applicable data protection requirements according to the GDPR and related data protection legislation. The Supplier shall keep the Customer informed about the legal grounds for the transfer. ​ 5. Compensation and Limitation of Liability ​ 5.1. The Supplier is not entitled to any additional compensation for the processing of personal data in accordance with this DPA, instead the compensation provided pursuant to the Agreement also encompasses the measures in this DPA. 5.2. Each Party shall be responsible for any damages and administrative fines imposed to it under articles 82 and/or 83 of the GDPR. 5.3. Notwithstanding any limitation of liability in the Agreement, each party’s liability under this DPA shall be limited to direct damages. In addition, the Supplier's liability shall be limited to an amount corresponding to the fees paid by the Customer to the Supplier under the Agreement for a period of six (6) months before the damage occurred. ​ 6. Term and Termination ​ 6.1. This DPA becomes effective when the Agreement has been entered into. 6.2. Upon termination of the Agreement, the Supplier shall, at the choice of the Customer, delete all the personal data or return it to the Customer, and ensure that each sub-processor does the same. 6.3. This DPA remains in force as long as the Supplier processes personal data on behalf of the Customer, including deletion or returning of personal data according to section 6.2 above. This DPA shall thereafter cease to apply. Sections 5 and 6.2 shall continue to apply even after this DPA has been terminated. ​ APPENDIX 2A Instructions on Processing of Personal Data Purposes ​ The Supplier processes personal data in order to fulfil the Agreement. This means that the Supplier processes personal data for the following purposes: Handle customer support cases, Work with key End-Users designated by the Customer for purposes of the customer success program. This program is available to opt-in to for certain customer accounts ​ Categories of personal data ​ Categories of personal data that will be processed by the Supplier include: Name, E-mail address, and Information about how the Product is used provided by the Customer for the purposes of support and customer success. ​ Categories of data subjects ​ End-Users. ​ Retention time ​ Personal data about End Users will be processed and deleted according to the Customer’s instructions. The Customer is responsible for and can choose when such data shall be deleted. ​ Processing operations ​ The Supplier processes the personal data of End-Users in the following ways. ​ To provide customer support when the Customer opens a support request via e-mail or via the Supplier’s support portal. ​ To support activities related to the customer success program. ​ Information Security Measures The Supplier Security Practices Application-specific Data Security and Privacy Statements Security Advisories and related policy APPENDIX 2B Sub-Processors No sub-processors are involved in your regular usage of our On-Premise applications. However, we do rely on sub-processors to support your End-Users' ability to get value out of your purchase via our Customer Support and Customer Success functions. In the table below, you can see exactly for which purposes we utilize sub-processors for End-Users of any of our On-Premise applications. Name Purpose Location of processing Atlassian Corporation Plc (Jira Service Management) DPA | International Data Transfers The Customer and End-User support management service provider Europe.* * Customer Account data (name, email address) is stored across the Global AWS Regions. Read more RefinedWiki (Refined) DPA upon request Authentication and Request Management for our Customer support portal Europe Please see our sub-processors page for additional information on the sub-processors above as well as a full list of the subprocessors that process personal data, even those that aren't relevant to this DPA. Terms Definitions DPA Instructions Subprocessors