lynx   »   [go: up one dir, main page]
Close
View this page in your language?
All languages
Choose your language

Power teamwork with AI built responsibly

Rovo is thoughtfully designed and deployed to uphold our Responsible Technology Principles.

lock
Shield with checkmark icon

Stay in control

Safeguard against misuse with data policies and controls that restrict LLM providers from storing or training models using your inputs or outputs.

Learn more
cloud security

Keep your data secure

Protect the integrity of your data with comprehensive security practices and privacy polices inherited from the Atlassian Cloud Platform.

Learn more
scorecards

Enforce usage policies

Accelerate critical business workflows across your organization without compromising confidentiality.

Learn more

Frequently asked questions

Stay in control

How does Rovo work?
  

Rovo combines open-source, self-hosted models, and third-party hosted models to deliver an artificial intelligence experience tailored to you, your teams, and your workflows.

These LLM providers will not store customer inputs and outputs or use this data to train their services. This approach prioritizes the privacy of your data throughout the entire process.

To learn more about the technology that underpins our Rovo capabilities, visit this page
How should I use these features?
  

To get started, review these common use cases and prompts. These use cases can help you accelerate your tasks with Rovo Agents, Chat, and Search.

Some of the models used in our AI-powered features generate responses based on your inputs and are probabilistic in nature. This means that their responses are generated by predicting the most probable next word or text based on the data that they have been trained on. Additionally, please note that Rovo's results are also based on permissions and, therefore, may vary across users. 

Because of this approach, these models can sometimes behave in ways that are inaccurate, incomplete, or unreliable. For example, the responses that you receive may not accurately reflect the content they are based on, or generate content that sounds reasonable but is incomplete and should not be relied on.

We encourage you to think about the situations when you use these features — for example, not in cases where you need current and accurate information about people, places, and facts — and review the quality of the responses you receive before sharing them with others.
How does Rovo use customer data?
  

Rovo processes your user’s inputs to provide the outputs your user has requested. We may also process organizational data from within your site that the user has permission to view and include that data with the user inputs so that LLMs can provide more accurate, relevant, and contextual responses.

The LLM providers we use do not use your inputs and outputs to improve their services. Neither OpenAI nor any other LLM provider retains your inputs and outputs.

In addition to the restrictive policies we have put in place for our LLM providers, we also limit the use and access of customer data within our platform. Customer inputs and outputs are used only to serve and improve individual customer experiences. They are not used for model training across customers.

Atlassian may store your inputs and outputs for a limited period of time to reduce latency, such as when displaying a page summary or when required to provide a feature, such as displaying a search history. To learn more about how each feature uses customer data, please visit our transparency page.

If you would like to be notified of any material changes to this policy, please subscribe here.
Which LLMs are being used?
  

We use a diverse range of open-source, Atlassian-hosted LLMs, including models from the LLama series and Mixtral, alongside third-party hosted LLMs from OpenAI's GPT series of models, Anthropic's Claude series of models, and Google's Gemini series of models, to deliver the best outcomes for customers. Our features use dynamic routing to select the appropriate mix of models that can deliver the best experience and accuracy for each scenario.

The LLM providers we use do not retain your inputs and outputs, or use them to improve their services.

Please refer to our list of data sub-processors for more information on our third-party hosted LLM providers. You can also learn more about how each feature uses LLMs on our transparency page
Do any of the LLM providers store customer data?
  

No, none of our LLM providers store the data you submit or the responses you receive.
Does Atlassian send customer data to any LLM platform to train its services?
  

The data you submit and the responses you receive from Rovo are not used to fine-tune or improve any LLM models or services. For third-party hosted models, each data request is sent to the external provider individually over an SSL-encrypted service to process and send back to Atlassian.
Can I limit which LLM providers are being used?
  

No, Rovo leverages dynamic routing between models, and do not support provider selection.
Can I turn off AI features if my organization is not ready to use them?
  

Rovo Apps are a core part of the Atlassian Cloud Platform, similar to other apps (like Projects and Goals). These Platform apps are not removable. However, Organization admins can manage (activate or deactivate) AI-powered Rovo features for Atlassian Apps in Atlassian Administration. Please note that non-AI powered Rovo features, such as Rovo Search, cannot be disabled.

You can learn more about managing AI in your apps in our documentation. To see a list of Rovo features available with AI activated, see our documentation
Can I limit the data or restrict the data that is shared with AI and Rovo?
  

We currently only offer opt-out controls for AI features at the app level.

As a reminder, Rovo Search, Studio, and Bookmarks features are always available and always on, as they are now part of the Atlassian platform. You can learn more about the available opt-out controls in our documentation.

You can also configure an allowlist or blocklist to limit the content indexed by Rovo from Google Drive or Microsoft SharePoint. To configure an allowlist or blocklist, review our documentation.

Keep your data secure

Are you using my inputs and outputs to train Atlassian apps and services?
  

No, Rovo does not use your inputs or outputs to train Atlassian apps and services. These features only use data about how you interact with our features, such as the people you work with and the size and type of attachments, and the feedback you opt to provide.
Does Rovo use my data to serve other customers?
  

The data you submit and the responses you receive are used only to serve your experience. They are not used to train models across customers or shared between customers.
Is any data transferred outside our current site?
  

When using Rovo, data is transferred outside of the current site to third party LLM providers (e.g., OpenAI) in order to generate a response. Even though the data is transferred, it follows existing Atlassian security practices. For Rovo, each data request is sent to our LLM providers individually, over an SSL-encrypted service, to process and send back to Atlassian.

Please refer to our list of data sub-processors for more information on our external LLM providers.
Do Atlassian customer terms apply to Rovo?
  

Yes, the Atlassian Customer Agreement covers Rovo.  Additionally, the policies and terms incorporated by reference in the Atlassian Customer Agreement, including the Privacy Policy, Acceptable Use Policy, Data Processing Addendum, Product-Specific Terms, govern your use of Rovo.

If your request does not align with our customer terms, it may not be fulfilled by this service.
How are Rovo capabilities ensuring my data is protected?
  

In addition to the restrictive policies we have in place with our LLM providers, these features continue to follow our existing security practices we have for each app. Rovo has completed the external assessment and compliance certifications for SOC 2 and ISO 27001.

To get a deeper look at how our LLM providers secure their platforms, please visit our subprocessor page.
Does Rovo respect data residency?
  

Yes, data residency support is available for Rovo. With data residency for Rovo turned on, all of your in-scope app data will remain stored in the region you've selected. To initiate a request to pin in-scope app data for Rovo, review our documentation.
Does Rovo impact my compliance with GDPR?
  

We are committed to helping our customers stay compliant with GDPR and their local requirements. As we do today for all of our apps, we will process and transmit data for Rovo in accordance with our Privacy Policy, Data Processing Addendum, and GDPR commitment.
Is Rovo SOC 2 and ISO 27001 compliant?
  

Yes, Rovo has completed the external assessment and compliance certifications for SOC 2 and ISO 27001. Moving forward, Atlassian's AI capabilities will be included as part of Atlassian’s annual compliance audit.
Is Rovo HIPAA compliant?
  

No, at this time Rovo is not HIPAA compliant and our Business Associate Agreement (BAA) does not cover these features. If you are required to comply with HIPAA, we recommend that you do not turn AI-powered features on until we have expanded our coverage to include them.

Enforce usage policies

Does Rovo respect existing permissions?
  

Rovo honors all existing permissions within each feature. Users will not be able to create or generate content based on resources they do not have access to.

Ex. #1. You would not see issues/projects that you do not have access to if you do a natural language search to JQL or you would not get Confluence pages sourced for an answer to a question if you did not have access to those pages.

Ex. #2. If a Confluence user executes a smart search, the results shown will take into account the pages and spaces the user has permission to view, and ignores restricted pages and spaces.
Which users within my organization can access my data in Rovo if we enable these features?
  

Rovo respects all of your existing permissions. In fact, two users may receive different results based on the content they have access to.

The data a user has access to is not limited to the app they’re working on. Due to the connected nature of our apps, as long as a user has access to a Jira work item or Confluence page, information can be pulled from across those experiences to inform a response (or output).

This policy extends to any third-party connector you have in Rovo. All permissions set in our platform and your third-party connector source will be respected as long as they are set accordingly.
Are Rovo third-party connectors enabled by default?
  

There are two types of Rovo connectors:

  • Admin-managed connectors: are not enabled by default, your organization admin must manually connect each third-party app. In addition, these connectors respect existing user permissions. When enabled, they enhance Rovo Agents, Search, and Chat for your organization.
  • Smart Link connectors: don’t require setup by an admin, these connectors use Smart Link data to show results based on an individual user’s permissions and history.

Before connecting to a third-party app, we recommend reviewing the types of data stored in that app, ensuring all user permissions are set appropriately, and confirming that connecting this data aligns with your internal data use policies and practices. You can learn more about third-party connectors in the documentation.
How are Rovo Agents controlled?
  

Rovo Agents are designed with security and privacy in mind: they can only access and act on information that you, as the user, already have permission to see or modify.

To protect sensitive data and ensure agents respect your organization’s security boundaries, your existing access controls govern all actions available to agents.

Please note, when automation rules call agents, the agent's access to knowledge is determined by the permissions of the 'connecting' user specified in the Rovo node, meaning the agent will retrieve information that this user is permitted to access.
Лучший частный хостинг