support-page

Privacy Policy - Read Confirm

Last updated: February 2026

Introduction

Read Confirm (“the App”) is a Confluence Cloud application developed by middlecore. This Privacy Policy explains how we handle user data.

Data Collection

What We Collect

The App collects and stores the following data to provide its functionality:

• Confirmation Request Data: Request settings, target page IDs, creator information, deadlines, and messages
• Confirmation Records: User account IDs, confirmation timestamps, and request associations

What We Access

The App accesses the following Confluence data:

• User account IDs and display names
• Group memberships (for group-based targeting)
• Page titles and IDs
• Space information

Data Storage

All data is stored using Atlassian Forge Storage, which is hosted entirely within Atlassian’s secure infrastructure. Data stored includes:

• Confirmation requests created by administrators
• Individual confirmation records (who confirmed and when)
• Request metadata (deadlines, messages, target settings)

Data Retention: Data is retained as long as the associated confirmation request exists. When a request is deleted, all associated confirmation records are also deleted.

Data Sharing

We do not share, sell, or transfer any data to third parties. All data remains within Atlassian’s infrastructure.

Sub-processors

The App does not use any sub-processors. All processing occurs within Atlassian’s Forge infrastructure.

Security

Read Confirm is built on Atlassian Forge, which runs entirely within Atlassian’s secure cloud infrastructure. No data leaves Atlassian’s environment.

Key security features:

• Backend code (resolvers) executes within Atlassian’s serverless infrastructure
• Frontend runs in a sandboxed iframe within your browser
• No external network requests are made
• All data stored within Atlassian Forge Storage
• Access controls ensure only authorized users can view confirmation data

GDPR Compliance

For users in the European Economic Area (EEA):

• Legal Basis: Processing is based on legitimate interest to provide confirmation tracking functionality
• Data Minimization: We only collect data necessary for the confirmation workflow
• No External Transfer: No data is transferred outside of Atlassian’s infrastructure
• Right to Access: Users can view their own confirmation status through the App
• Right to Deletion: Administrators can delete confirmation requests, which removes all associated data
• Right to Information: You may contact us at contact@middle-core.com for any privacy-related inquiries

CCPA Compliance

For California residents:

• We do not sell personal information
• We collect only the minimum information necessary to provide the service
• For questions, contact us at contact@middle-core.com

Your Rights

You have the right to:

• View your own confirmation status through the embedded macro
• Request information about what data we store related to you
• Request deletion of your data by contacting your Confluence administrator

For data-related requests, please contact your organization’s Confluence administrator or reach out to us directly.

Children’s Privacy

The App is not intended for use by children under the age of 16. We do not knowingly collect any information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

Contact

If you have questions about this Privacy Policy, please contact:

middlecore Email: contact@middle-core.com

---

This privacy policy is effective as of February 2026.