How data management features apply to canvas

Canvases are a secure way to collaborate and share information in Slack. Read on to learn more about how security and data management features apply when working in a canvas.

Note: Slack data exports (including exports that contain legally held canvases) currently include only the most recent version of a canvas. Primary Owners can contact our Support team to request an export of their canvas version history, if needed.

Data retention, editing and deletion

When setting a canvas-specific retention policy, it will apply to all canvases (including channel canvases). The available retention policies will depend on your subscription.

The following data will be retained for a canvas until the canvas is deleted, either manually or by your retention policy:

  • Canvas content
  • Version history
  • Comment threads

Note: If your retention policy is set to retain canvases for a set number of days, this retention period will be reset each time someone edits it.

 

Export tools

On the Business+ and Enterprise Grid subscriptions, Workspace owners and org owners can apply to export data from all public channels, private channels and direct messages (DMs). When you export your workspace data, the current version of the canvas will be included in HTML format. Here's what to expect in an export that includes a canvas:

  • The current text-based content of the canvas
  • Date of the export
  • Anchored comments
    If the canvas includes any comments, your export will include a reference to the appropriate file conversation message that contains the text of the comment.
  • Embedded files
    If a file has been embedded in the canvas, your export will include a reference to the appropriate channel message that contains the download URL. 

Tip: Learn more about how to read Slack data exports.

 

Discovery API and Audit Logs API

On the Enterprise Grid subscription, Org Owners can use eDiscovery and Data Loss Prevention (DLP) apps to review and regulate content in canvases. The existing Discovery API endpoints can be used to download and scan canvases, and to perform operations such as tombstoning or deleting content.

Discovery API

Available operations:

  • Find when a canvas has been edited
  • Fetch the direct link to a canvas
  • Retrieve comments on a canvas
  • Tombstone and restore a canvas shared in a message
  • Delete a canvas using the API

Audit logs API

The following audit log events are captured for canvases:

  • Canvas created
  • Canvas edited
  • Canvas deleted
  • Canvas tombstoned
  • Canvas restored
  • Canvas opened
  • Canvas shared
  • Canvas unshared
  • Canvas access granted
  • Canvas access revoked
  • Canvas access upgraded
  • Canvas access downgraded
  • Canvas downloaded
  • Link sharing enabled
  • Link sharing disabled

 

Enterprise Key Management

Enterprise Key Management (EKM) allows customers to bring their own encryption keys to control their data. Canvases will use the same key process for encryption as Slack messages and files, so if you've already configured EKM for your organisation, you won't need any additional configuration for canvases.

  • Key rotation
    When an encryption key is rotated, canvas data will be re-encrypted with the new key.
  • Key revocation
    Access to canvases can be revoked using the same process as file revocation.

 

Data residency

Data residency for Slack allows you to choose the region where certain types of data are stored. Data from canvases that you create after configuring data residency will be stored in your selected region. The data from any canvases that you created prior to enabling data residency will remain stored in the US.

 

Legal holds

In an Enterprise Grid organisation, anyone with the Legal Holds Admin system role can place a legal hold on specific members to preserve their messages and files in Slack.

A channel or DM canvas

A canvas on its own

A channel or direct message (DM) canvas is subject to legal hold if it's in a conversation where a custodian is or was a member. There is no requirement that any activity occur within the channel or the canvas during the hold’s active period.
To be subject to a legal hold, a canvas must meet these requirements:
  • Be associated with one of the hold’s custodians.
  • Have been active during the hold period.

Associated with the custodian
The following conditions determine whether a canvas is associated with the custodian:

  • Created by the custodian before the end of the hold period.
  • Shared to a held channel before the end of the hold period.
  • Edited by the custodian before the end of the hold period.

The following are not considered when determining whether the canvas is associated with a custodian:

  • The canvas was viewed by the custodian.
  • The custodian is in the canvas’s file conversation.
  • The custodian has starred/saved the canvas.

Active during the hold period
For a canvas to be considered active during the hold period, it must:

  • Have been created during the hold period.
  • Have been deleted during the hold period.
  • Have been shared to a held channel during the hold period.
  • Had its contents edited, by anyone, during the hold period.
  • Had a comment created, edited or deleted, by anyone, during the hold period.

 

Note: Reading a canvas during a hold period does not constitute the canvas being ‘active during the hold period’.