Security for Slack AI

We take our commitment to protecting customer data seriously. Learn how we built Slack to be secure and private.

Slack is committed to data ownership, security, and privacy, and Slack AI has been built to uphold those commitments from day one.

Slack AI security basics

  • Customer data never leaves Slack’s infrastructure.
  • Customer data  is never used to train large language models (LLMs).
  • Slack AI only works with data that members can already access.
  • Slack AI upholds all of Slack’s enterprise-grade security and compliance requirements.

Slack AI falls under the same security program as the rest of Slack. For more information, visit our Trust Center.



How does Slack AI work?

Slack AI uses third party large language models (LLMs), hosted within Slack’s secure Amazon Web Services (AWS) infrastructure and the message data already in your Slack workspace or Enterprise grid organization to power a suite of productivity tools personalized to you. When you request a summary or search answer, we use our standard architecture and in-house models to find and sort the most relevant information to summarize. This information is then sent to a LLM. The LLM is offline and self-hosted, meaning your data never leaves Slack. The LLM generates a response and Slack AI returns the response to you. The LLM does not retain any information from the request.

What type of AI model does your system use and is it explainable?

Slack AI is a set of generative AI tools and uses a commercial off-the-air model that hasn't been trained on customer data.

Is my Slack data used to train third-party AI models?

No. No customer data is used to train third-party LLM models. Instead, we use a technique called Retrieval Augmented Generation (RAG) that sends the data necessary for each task to the LLM at inference time only – no training required. Because this data is sent in the context of a single request, the LLM does not retain any of the data.

Will Slack AI show private data members don’t have access to?

Slack AI only uses Slack data that members have access to at the time of request and won’t display or use data from private channels or DMs they aren’t a member of. For example, Slack search answers will never surface any results that Slack’s regular search would not. Similarly, summaries will never contain content that you could not otherwise see while reading channels or direct messages (DMs).

How does Slack AI protect the security of our data?

Slack AI was built to uphold Slack’s security practices and compliance standards. Where possible, Slack AI messages are ephemeral – meaning, messages disappear and they aren’t stored on devices or servers. Where that’s not possible, we use Slack’s existing compliance infrastructure such as enterprise key management, data residency, and data loss prevention.

How long will Slack AI retain data?

Conversation summaries and search answers

Conversation summaries and search answers produce ephemeral AI responses (ex. responses will eventually disappear when you navigate away or close out the result), and that data is not stored on devices or servers.


Recap data is stored temporarily so that you can revisit past recap history. Recap data will be stored for up to 90 days. If messages used in the recap are deleted or tombstoned (ex. a record to show data was deleted) by any deletion or compliance policy, the stored recap will also be deleted.

How does Slack AI prevent misleading information (or AI “hallucinations”)?

Slack AI results include citations to the source message that informed the summary or search answer. Select a citation to jump to the original message and review it for more details or verification. Additionally, Slack AI LLM prompts follow best practices from our model provider to ensure accurate, consistent, and safe results.

Can I turn off Slack AI or limit access?

Yes, when you purchase Slack AI, it's turned on by default but admins and owners can manage access if they need to.

Want to learn more about Slack AI? Visit