The default data retention policy is to retain all data for the entire time that the application is installed in the workspace, and the workspace still exists.
Data archiving and removal policy
User deleted data is archived for anywhere between zero (0) and thirty (30) days. After that time, the data is deleted completely. User deleted data should be considered removed completely. Deleting your account will remove all personal information from our systems.
Data storage policy
All data is encrypted at rest and in transit using standard tooling as a part of our cloud service providers. Database data is encrypted using the 256-bit Advanced Encryption Standard. Data in transit travel over the Internet using Transport Layer Security (HTTPS).
You may delete your data at anytime by uninstalling the application from your Slack workspace. You may also request data deletion by e-mailing firstname.lastname@example.org.
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack App Directory, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Executive summary is available to potential customers upon request
Supports Single Sign On (SSO) with the following providers
Supports Security Assertion Markup Language (SAML)
Has a dedicated security team
Contact for security issues
Has a vulnerability disclosure program
Vulnerability disclosure program covers Slack app
Has a bug bounty program
Requires third party authorization/connections
Third party services used by this app
Firebase from Google Cloud Platform is our main hosting provider. Additional web services are provided by Amazon AWS, GCP and Datadog. All payment processing is done through Braintree, a PayPal company or Stripe.