Security policy

Last updated: 15 July 2026

Architecture: nothing leaves Atlassian

Approval Nudge is built on Atlassian Forge and qualifies for Atlassian's Runs on Atlassian program. The app declares zero egress: it makes no network calls to any host outside Atlassian, exposes no remote APIs, and has no vendor-operated servers, databases, or analytics. There is no infrastructure of ours to attack, and no copy of your data outside your Atlassian site to leak.

Platform security controls

Because the app runs entirely on the Forge platform, the following are provided and operated by Atlassian: compute isolation and sandboxing, encryption of data in transit (TLS) and at rest, storage infrastructure and backups, and the enforcement of the app's declared permissions and egress rules at the platform level. Atlassian's own certifications and practices are documented at the Atlassian Trust Center. We do not claim Atlassian's certifications as our own; we claim the smaller, verifiable fact that all app data and execution stay inside their certified boundary.

Least privilege

The app requests only the scopes it uses: reading work items and approvals, writing comments and the JSM Approvers field, reading user info for @-mentions, and app storage. It acts only in projects where a project administrator has explicitly enabled it. Every write in the optional email-resend path is verified after the fact and automatically rolled back if it did not propagate cleanly.

Vendor access to your data

We — the developer — cannot read your site's app storage or content. Forge does not give vendors access to production customer data. Diagnostic logs (Forge platform logging, stored by Atlassian) contain operational identifiers such as request keys and error messages, and are used solely to investigate faults.

Development practices

Changes ship through code review, an automated test suite over the app's decision logic, and staged deployment (development environment first, then production). The app's behavior is deliberately conservative: it never modifies an approval once any approver has answered, and it never adds or swaps approvers.

Reporting a vulnerability

If you believe you have found a security issue in Approval Nudge, email support@quietmill.app with the details and steps to reproduce. Please do not open a public issue for suspected vulnerabilities.

Incident response

If a confirmed vulnerability or incident affects customer data, we will notify affected customers via the Marketplace listing and support channels without undue delay, describe the impact honestly, and publish the fix in the app's release notes.

Changes to this policy

This page is updated whenever the app's security posture changes; material changes are also reflected in the app's Marketplace Privacy & Security declarations, which Atlassian requires to be accurate.