Skip to content
Flowdence Flowdence Docs

Privacy Policy

OwnerFlowdence Legal and Product
Applies to appMuleSight for Confluence
Review cadenceQuarterly and before publication

1. Who we are

Section titled “1. Who we are”
  • Company: Flowdence
  • Privacy contact: privacy@flowdence.io
  • Business address: Melbourne AU, 3030

2. What MuleSight does

Section titled “2. What MuleSight does”

MuleSight is a Forge-based Confluence app that renders MuleSoft snapshots (Exchange assets, Runtime Manager apps, API Manager instances, and API security posture) in Confluence macros and a dashboard.

3. Data categories processed

Section titled “3. Data categories processed”

MuleSight processes and stores the following categories required to deliver product functionality:

  • App configuration values (for example default organization id, dataset flags).
  • MuleSoft connected app client id.
  • MuleSoft connected app client secret and OAuth access token in Forge secret storage.
  • Cached MuleSoft dataset snapshots and metadata (apps, APIs, policies, tiers, contracts, refresh timestamps).
  • Operational log metadata required for support and troubleshooting.

MuleSight is designed to avoid unnecessary storage of Atlassian end-user profile data.

4. Why we process this data

Section titled “4. Why we process this data”
  • Provide requested MuleSoft snapshot views in Confluence.
  • Improve reliability using cached snapshots and stale fallback.
  • Support troubleshooting and incident response.

5. Data hosting and transfers

Section titled “5. Data hosting and transfers”
  • App runtime and storage are on Atlassian Forge services.
  • Configured outbound fetch target is MuleSoft Anypoint platform endpoint(s) required for product functionality.
  • Additional transfer terms: Where personal data is transferred across borders, Flowdence applies appropriate safeguards required by applicable law, including standard contractual clauses or equivalent legal transfer mechanisms where required.

6. Retention and deletion

Section titled “6. Retention and deletion”
  • Cached runtime datasets are retained according to product operational policy and may be refreshed/replaced.
  • Secrets remain stored until rotated or removed by configuration change.
  • Detailed retention windows and cleanup commitments are documented in the MuleSight data handling disclosure.

7. Data sharing

Section titled “7. Data sharing”
  • No sale of personal data.
  • Data is shared only with infrastructure and subprocessors required to deliver service.
  • Subprocessor disclosure is maintained on Flowdence public policy pages.

8. Data subject rights

Section titled “8. Data subject rights”

Requests regarding personal data can be sent to privacy@flowdence.io.

9. Security controls

Section titled “9. Security controls”

Flowdence applies controls described in the MuleSight security policy, including secret storage, redacted structured logging, and least-privilege scopes.

10. Changes to this policy

Section titled “10. Changes to this policy”

Material changes are published with updated effective date and version note.

11. Shared baseline policies

Section titled “11. Shared baseline policies”

This app-specific policy is read together with the shared Flowdence baseline: