Your data is secure when using draw.io for Atlassian Confluence or Atlassian Jira:

draw.io for Confluence and Jira (Cloud)

Your user authentication is only stored in your browser. Saving/loading your diagrams is directly between your browser and Atlassian's servers, these operations do not transit through third-party servers.

draw.io for Confluence and Jira (Server/Data Center)

Your draw.io data is exclusively stored on the server that you are using to run your Confluence or Jira deployment. No diagram data ever gets tracked or saved to a source outside your deployment or used by one of our servers or third party services. 

In the default setup, no diagram data is ever sent externally under any conditions. There is an option to connect to an external image generation server to improve font support the draw.io PDF export. Note that this is disabled by default and PDF export is still available by default, just with limited font support.

ISO/IEC certifications

Because your diagram data is not shared or stored outside of your device and the platform where you save your diagram, draw.io can help you achieve certification under the ISO 27000, 27001 and 27002 standards, the three worldwide standards that cover data protection.

Along with the comprehensive and integrated Confluence revision history, your draw.io diagrams will help you get certified under ISO 19011 (auditing and quality management systems).

Linking to diagram data outside of Atlassian deployments

draw.io offers to embed existing diagrams from the web service diagrams.net. These diagrams will only be linked to the Confluence page if you manually choose so. There is no possibility to edit the diagram with the Atlassian deployment. It's a view only mode for cloud-based diagrams from Google Drive or other cloud hosting services. 

More information about data privacy and security

Please also refer to our Data privacy section and our Seibert Media - End User License Agreements to learn more on how we protect your data and make it secure. You can also conclude your own Data Processing Agreement. You will find a corresponding template on our website.

There is also a blog post on data security from 2018 that you may be interested in.


Short link to this page: https://seibert.biz/notrackingindrawio


  • No labels

This content was last updated on 12/19/2022.

This content hasn't been updated in a while. That doesn't have to be a problem. Some of our pages live for years without becoming obsolete. Please click this link if you want us to update this page. Old content can be incorrect, misleading or outdated. Please get in contact with us via a form on this page, our live chat or via email with content@seibert.group if you are in doubt, have a question, suggestion, or want changes from us.