Please note that the relationship between Atlassian, customers and vendors is a bit more complicated than the blog post suggests.
See also We need to talk about GDPR (again)
The question from @candid is very relevant, because this questionnaire does not seem to take into account this complex relationship, making it very hard for vendors to enter this. It would have been more appropriate to only ask whether vendors offer a DPA, and provide a link to that DPA instead of trying to parse the position of the vendor with regard to GDPR without going into the details of this very complex relationship.