Envoy
Welcome to the workplace platform that flexes with you. Envoy transforms modern workplaces to bring people together so they can connect, collaborate, and thrive.Envoy Visitors creates a warm welcome for guests while safeguarding people, property, and ideas. Envoy Protect helps employees coordinate on-site schedulesFor set-up instructions and configuration options, visit our Help Center guide (https://help.envoy.com/slack-integration/?utm_source=technology&utm_medium=comarketing&utm_campaign=slack&utm_content=ha).
Envoy will be able to view:
Envoy will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Envoy, Inc.
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
Envoy customers have options when it comes to what sign-in data they retain from employees and visitors.
By default, Envoy stores visitors’ responses to your sign-in and purges employees’ responses to your Protect health check. Companies on Premium and Enterprise plans can choose to save or purge the responses to both their visitor sign-in and employee health check. Retention settings can also be managed on a question by question basis for additional flexibility.
When responses are purged, the responses will be sent to Envoy’s server to determine if that person is approved or denied entry. This occurs in sub-seconds and then the data is deleted and not saved to our database. We run periodic jobs to ensure all data, except for the screening result (approved or denied) is deleted within 24 hours on all of Envoy’s databases.
Any visitor and employee sign-in data that is saved to Envoy based on your retention settings can be purged upon explicit request. This includes, sign-in and sign-out time for each entry, all information provided in the sign-in fields, private notes, visitor photos, and signed documents. Envoy may retain data not related to sign-ins like account settings, user profiles, and location details, for up to 30 days after the termination of the contract.
For more detailed information about how Envoy handles visitor data, please refer to this article:
https://envoy.help/en/articles/3444479-about-visitor-data#:~:text=All%20of%20your%20visitor%20data%20is%20stored%20indefinitely%20while%20you,delete%20or%20destroy%20your%20data
Data archiving and removal policy
We only delete or purge data upon explicit request. Customer data is available for download as a CSV file through the dashboard or via our API. Data can be anonymized, which removes all personally identifiable information from your Visitor Log, upon request. Envoy may retain customer data for up to 30 days after the termination of the contract.
Data storage policy
When your iPad or mobile device is connected to a network, data syncs to Envoy automatically, and all records are stored in Envoy’s database. Backups are taken every day and stored off-site in either the AWS US-East-1 data center in Virginia, US-West-1 data center in California, or US-West-2 data center in Oregon. AWS oversees the physical security of these facilities and tightly controls who has access.
Data center location(s)
United States
Data hosting details
Cloud-hosted, see more information here -> https://envoy.com/security-details/
Data hosting company
AWS
App/service has sub-processors
yes
Guidelines for sub-processors
App/service uses large language models (LLM)
yes
LLM model(s) used
Anthropic Claude Opus 4.7
LLM retention settings
Anthropic auto-deletes API inputs and outputs within 30 days. Exceptions: longer-retention services we control (e.g., Files API), or data flagged for Usage Policy violations (up to 2 years). Our data is not used for training.
LLM data tenancy policy
We access Claude via the Anthropic API under Anthropic's Commercial Terms. Anthropic acts as a data processor; our inputs and outputs are isolated to our organization and are not used for model training.
LLM data residency policy
Inference runs on [US-only / global] infrastructure per our workspace inference_geo setting. Data at rest is stored in the US (the only available workspace geo).
Certifications & compliance
SOC attestation
GDPR commitment
Data deletion request procedure
We only delete or purge data upon explicit request. Customer data is available for download as a CSV file through the dashboard or via our API. Data can be anonymized, which removes all personally identifiable information from your Visitor Log, upon request. Envoy may retain customer data for up to 30 days after the termination of the contract.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2020-02-04
Executive summary is available to potential customers upon request
yes
Supports Single Sign On (SSO) with the following providers
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
bugbounty@envoy.com
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
yes
Bug bounty program URL
Requires third party authorization/connections
no
Uses token rotation
no