Region
Global
Industry
All
Type
Certifications / Attestations
Documentation
System and Organization Controls (SOC) 2 reports are independent third-party examination reports that demonstrate how an organization achieves key compliance controls and objectives.
SOC 2 reports are based on the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) existing Trust Services Criteria (TSC). The purpose of the report is to evaluate an organization’s information systems relevant to security, availability, processing integrity, confidentiality, and privacy.
Atlassian undergoes rigorous independent third-party SOC 2 audits conducted by a reputable certified public accountant (CPA) firm to certify individual products on a regular basis. The audit firm evaluates whether Atlassian’s compliance controls are designed appropriately, were in operation on a specified date, and were operating effectively over a specified time period.
SOC 2 reports are attestation examinations that are conducted in accordance with the SSAE 18 standard, specifically section AT-C 105 and 205, governed by the AICPA.
Relevant products
Our team is here to help
Have more questions about our compliance program?
Do you have cloud certifications? Can you complete my security & risk questionnaire? Where can I download more information?
Trust & security community
Join the Trust & Security group on the Atlassian Community to hear directly from our Security team and share information, tips, and best practices for using Atlassian products in a secure and reliable way.
Atlassian support
Reach out to one of our highly-trained support engineers to get answers to your questions.
Non-disclosure agreement
Coalfire Controls, LLC (“Coalfire”) has prepared the attached report (the “Report”) for the sole benefit and use of Atlassian Corporation Plc (“Company”), and, for limited purposes in accordance with the relevant standards of the American Institute of Certified Public Accountants (the “AICPA”), Company’s existing user entities and their auditors. In addition, certain prospective user entities, identified by the Company (collectively with existing user entities, each a “Recipient”), may have access to the Report subject to the terms of this agreement. Your access to the Report is subject to your agreement to the terms and conditions set forth below. Please read them carefully. If you are agreeing to this agreement not as an individual but on behalf of your company, then “Recipient” or “you” means your company, and you are binding your company to this agreement.
By clicking on the “I ACCEPT” button below, you signify that you and the Recipient agree to be bound by these terms and conditions. Such acceptance and agreement shall be deemed to be as effective as a written signature by you, on behalf of yourself and the Recipient, and this agreement shall be deemed to satisfy any writings requirements of any applicable law, notwithstanding that the agreement is written and accepted electronically. Distribution or disclosure of any portion of the Report or any information or advice contained therein to persons other than Company is prohibited, except as provided below.
Company agrees to allow Recipient to access to the Report on the condition that Recipient reads, understands, and agrees to all of the following:
The Report consists of a service auditor’s examination (the “Services”) conducted for the Company in accordance with the AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy. Recipient has requested that Company provide Recipient a copy of the Report.
The Services were undertaken, and the Report was prepared, solely for the benefit and use of Company, its existing user entities, and their auditors, and was not intended for any other purpose, including the use by prospective user entities of Company. Coalfire has made no representation or warranty to the Recipient as to the sufficiency of the Services or otherwise with respect to the Report. Had Coalfire been engaged to perform additional services or procedures, other matters might have come to Coalfire’s attention that would have been addressed in the Report.
The Services did not (a) constitute an audit, review or examination of financial statements in accordance with generally accepted auditing standards of the AICPA or the standards of the Public Company Accounting Oversight Board, (b) constitute an examination of prospective financial statements in accordance with applicable professional standards or (c) include procedures to detect fraud or illegal acts to test compliance with the laws or regulations of any jurisdiction.
The Recipient (a) does not acquire any rights against Coalfire, any other member firm of the global Coalfire Controls, LLC network, or any of their respective affiliates, partners, agents, representatives or employees (collectively, the “Coalfire Parties”), the Company or any of their respective affiliates, partners, agents, representatives or employees (together with Coalfire Parties, the “Report Parties”), and the Report Parties assume no duty or liability to the Recipient, in connection with the Services or its access to the Report hereunder; (b) may not rely on the Report; and (c) will not contend that any provisions of United States or state securities laws could invalidate or avoid any provision of this agreement.
Except where compelled by legal process (of which the Recipient shall promptly inform Coalfire and the Company so that they may seek appropriate protection), the Recipient will not disclose, orally or in writing, any Report or any portion thereof or any other Confidential Information received from Coalfire or the Company in connection therewith, or make any reference to Coalfire or Company in connection therewith, in any public document or to any third party other than Recipient’s employees, agents and representatives, who need to know the information to evaluate operations for compliance with Recipient’s security, regulatory and other business policies, and provided such third parties are bound by confidentiality restrictions at least as stringent as those stated in this agreement. “Confidential Information” shall mean the Report and other information and materials that are (i) disclosed by the Company in writing and marked as confidential at the time of disclosure, or (ii) disclosed by the Company in any other manner and identified as confidential at the time of disclosure and within thirty (30) days of disclosure, or (iii) reasonably regarded as being of a confidential nature.
Recipient may use Confidential Information, including the Report, for a period of the sooner of one (1) year from disclosure or such other validity term as indicated in the Report, and only for the purpose of evaluating the Company’s operations for compliance with Recipient’s security, regulatory and other business policies. This agreement does not create or imply an agreement to complete any transaction or an assignment by Company of any rights in its intellectual property.
The Recipient (for itself and its successors and assigns) hereby releases each of the Report Parties, from any and all claims or causes of action that the Recipient has, or hereafter may or shall have, against them in connection with the Report, the Recipient’s access to the Report, or Coalfire’s performance of the Services. The Recipient shall indemnify, defend and hold harmless the Report Parties from and against all claims, liabilities, losses and expenses suffered or incurred by any of them arising out of or in connection with (a) any breach of this agreement by the Recipient or its representatives; and/or (b) any use or reliance on the Report or other Confidential Information by any party that obtains access to the Report, directly or indirectly, from or through the Recipient or at its request.
Upon termination of this agreement or written request by a Report Party, the Recipient shall: (i) cease using the Confidential Information, (ii) return or destroy the Confidential Information and all copies, notes or extracts thereof to Company within seven (7) business days of receipt of request, and (iii) upon request of a Reporting Party, confirm in writing that Recipient has complied with these obligations.
This agreement shall be governed by, and construed in accordance with, the laws of the State of Colorado applicable to agreements made and fully to be performed therein by residents thereof. This agreement can be enforced by any of Report Parties, individually or collectively.
By entering your email you agree to be bound to the terms of this Agreement. If you are entering into this Agreement for an entity, such as the company you work for, you represent to us that you have legal authority to bind that entity.
By entering your email you agree to be bound to the terms of this Agreement. If you are entering into this Agreement for an entity, such as the company you work for, you represent to us that you have legal authority to bind that entity.
KPMG Report NDA
KPMG Assurance and Consulting Services LLP (“KPMG) has prepared the attached report (the “Report”) for the sole benefit and use of Atlassian Corporation Limited, Atlassian Australia 1 Pty Limited, and Atlassian India LLP (“Company”), and, for limited purposes in accordance with the relevant standards of the American Institute of Certified Public Accountants (the “AICPA”), Company’s existing user entities and their auditors. In addition, certain prospective user entities, identified by the Company (collectively with existing user entities, each a “Recipient”), may have access to the Report subject to the terms of this agreement. Your access to the Report is subject to your agreement to the terms and conditions set forth below. Please read them carefully. If you are agreeing to this agreement not as an individual but on behalf of your company, then “Recipient” or “you” means your company, and you are binding your company to this agreement.
By clicking on the “I ACCEPT” button below, you signify that you and the Recipient agree to be bound by these terms and conditions. Such acceptance and agreement shall be deemed to be as effective as a written signature by you, on behalf of yourself and the Recipient, and this agreement shall be deemed to satisfy any writings requirements of any applicable law, notwithstanding that the agreement is written and accepted electronically. Distribution or disclosure of any portion of the Report or any information or advice contained therein to persons other than Company is prohibited, except as provided below.
Company agrees to allow Recipient to access to the Report on the condition that Recipient reads, understands, and agrees to all of the following:
The Report consists of a service auditor’s examination (the “Services”) conducted for the Company in accordance with the AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy. Recipient has requested that Company provide Recipient a copy of the Report.
The Services were undertaken, and the Report was prepared, solely for the benefit and use of Company, its existing and prospective user entities, and their auditors, and was not intended for any other purpose.
The Services did not (a) constitute an audit, review or examination of financial statements in accordance with generally accepted auditing standards of the AICPA or the standards of the Public Company Accounting Oversight Board, (b) constitute an examination of prospective financial statements in accordance with applicable professional standards or (c) include procedures to detect fraud or illegal acts to test compliance with the laws or regulations of any jurisdiction.
The Recipient (a) does not acquire any rights against KPMG, any other member firm of the global KPMG, LLP network, or any of their respective affiliates, partners, agents, representatives or employees (collectively, the “KPMG Parties”), the Company or any of their respective affiliates, partners, agents, representatives or employees (together with KPMG Parties, the “Report Parties”), and the Report Parties assume no duty or liability to the Recipient, in connection with the Services or its access to the Report hereunder; (b) may not rely on the Report; and (c) will not contend that any provisions of United States or state securities laws could invalidate or avoid any provision of this agreement.
Except where compelled by legal process (of which the Recipient shall promptly inform KPMG and the Company so that they may seek appropriate protection), the Recipient will not disclose, orally or in writing, any Report or any portion thereof or any other Confidential Information received from KPMG or the Company in connection therewith, or make any reference to KPMG or Company in connection therewith, in any public document or to any third party other than Recipient’s employees, agents and representatives, who need to know the information to evaluate operations for compliance with Recipient’s security, regulatory and other business policies, and provided such third parties are bound by confidentiality restrictions at least as stringent as those stated in this agreement. “Confidential Information” shall mean the Report and other information and materials that are (i) disclosed by the Company in writing and marked as confidential at the time of disclosure, or (ii) disclosed by the Company in any other manner and identified as confidential at the time of disclosure and within thirty (30) days of disclosure, or (iii) reasonably regarded as being of a confidential nature.
Recipient may use Confidential Information, including the Report, for a period of the sooner of one (1) year from disclosure or such other validity term as indicated in the Report, and only for the purpose of evaluating the Company’s operations for compliance with Recipient’s security, regulatory and other business policies. This agreement does not create or imply an agreement to complete any transaction or an assignment by Company of any rights in its intellectual property.
The Recipient (for itself and its successors and assigns) hereby releases each of the Report Parties, from any and all claims or causes of action that the Recipient has, or hereafter may or shall have, against them in connection with the Report, the Recipient’s access to the Report, or KPMG’s performance of the Services. The Recipient shall indemnify, defend and hold harmless the Report Parties from and against all claims, liabilities, losses and expenses suffered or incurred by any of them arising out of or in connection with (a) any breach of this agreement by the Recipient or its representatives; and/or (b) any use or reliance on the Report or other Confidential Information by any party that obtains access to the Report, directly or indirectly, from or through the Recipient or at its request.
Upon termination of this agreement or written request by a Report Party, the Recipient shall: (i) cease using the Confidential Information, (ii) return or destroy the Confidential Information and all copies, notes or extracts thereof to Company within seven (7) business days of receipt of request, and (iii) upon request of a Reporting Party, confirm in writing that Recipient has complied with these obligations.
This agreement shall be governed by, and construed in accordance with, the laws of the State of California applicable to agreements made and fully to be performed therein by residents thereof. This agreement can be enforced by any of Report Parties, individually or collectively.
By entering your email you agree to be bound to the terms of this Agreement. If you are entering into this Agreement for an entity, such as the company you work for, you represent to us that you have legal authority to bind that entity.
By entering your email you agree to be bound to the terms of this Agreement. If you are entering into this Agreement for an entity, such as the company you work for, you represent to us that you have legal authority to bind that entity.
Please download the report you want to view:
MUTUAL NON-DISCLOSURE AGREEMENT
This Mutual Non-Disclosure Agreement (this "Agreement"), entered into by and between Loom, Inc. ("Loom") and the party agreeing to this Agreement ("Counterparty") is effective as of the date Counterparty clicked-through to accept this Agreement ("Effective Date"). The parties hereby agree:
1. Purpose. In order to evaluate a potential business opportunity ("Purpose") the parties may disclose information to each other that they each consider confidential (the party disclosing the information is the "Discloser" and the party receiving the information is the "Recipient").
2. Definition. "Confidential Information" means: any information, including the existence of this Agreement, disclosed orally or in writing by Discloser to Recipient pursuant to this Agreement that is designated as confidential or would reasonably be considered confidential. Confidential Information does not include any information that: (a) was known to Recipient without restriction before receipt from Discloser; (b) is publicly available through no fault of Recipient; (c) is rightfully received by Recipient from a third party without a duty of confidentiality; or (d) is independently developed by Recipient without reference to any Confidential Information.
3. Non-Use and Non-Disclosure. Recipient may only use Confidential Information for the Purpose. Recipient will use at least a reasonable degree of care to protect Confidential Information and prevent its unauthorized use or disclosure. Recipient will not disclose any Confidential Information to anyone except to its employees, directors, contractors, and agents ("Representatives") who need to know it and who are bound by confidentiality obligations at least as protective of the Confidential Information as those of this Agreement. Recipient will be responsible for any breach of this Agreement by its Representatives. Recipient will promptly notify Discloser of any unauthorized use or disclosure of Confidential Information.
4. Compelled Disclosure. Recipient may disclose Confidential Information to the extent compelled to do so by law if it provides reasonable prior notice to Discloser, unless legally prohibited
5. No Obligation. This Agreement imposes no obligation to proceed with any transaction or discussion. ALL CONFIDENTIAL INFORMATION IS PROVIDED "AS IS" WITHOUT ANY EXPRESS OR IMPLIED WARRANTY.
6. No License. This Agreement does not grant any intellectual property rights to Recipient except the limited rights necessary to use Confidential Information for the Purpose.
7. Term. This Agreement will remain in effect for a period of two (2) years from the Effective Date except: (a) the obligations under this Agreement will survive for five (5) years after termination; and (b) confidentiality obligations regarding trade secrets will apply until the information is no longer considered a trade secret under applicable law. On termination, the Recipient will delete or destroy all Confidential Information of Discloser.
8. Injunctive Relief. Any violation of this Agreement may cause irreparable injury to Discloser, entitling Discloser to seek injunctive relief in addition to all legal remedies.
9. Governing Law and Venue. This Agreement is governed by the laws of the State of California, excluding its conflict-of-laws principles. All disputes arising out of this Agreement will be subject to the exclusive jurisdiction and venue of the state and federal courts located in San Francisco, California and each party hereby consents to the personal jurisdiction thereof.
10. Miscellaneous. This Agreement is not assignable or transferable without the prior written consent of the other party except to an affiliate or in connection with a merger, reorganization, or sale of all or substantially all of the assigning party's assets. This Agreement contains the entire agreement between the parties and supersedes any prior agreements between the parties regarding the Purpose. If any provision of this Agreement is found to be invalid or unenforceable, the provision will be enforced to the maximum extent permissible and the remainder of this Agreement will continue in effect. This Agreement can only be amended in writing signed by both parties. Failure to enforce a provision is not a waiver.
By entering your email you agree to be bound to the terms of this Agreement. If you are entering into this Agreement for an entity, such as the company you work for, you represent to us that you have legal authority to bind that entity.