Nalvin
Nalvin is an AI-driven assistant designed to streamline product team workflows directly within Slack. By integrating with tools like GitHub, Jira, and Linear, Nalvin automates routine tasks such as drafting standups, answering product questions, delivering personalized updates, and collecting feedback. This allows teams to focus on collaboration and problem-solving rather than manual reporting. While designed to provide helpful insights and automate routine PM tasks, Nalvin may occasionally generate inaccurate or incomplete responses. Always review and verify AI-generated content before sharing with stakeholders or making business decisions. Users remain responsible for all product management decisions and communications.
Permissions
Nalvin will be able to view:
Nalvin will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Version Lens Sweden AB
Company headquarters location
Sweden
Terms of service
Privacy & data governance
Data retention policy
Nalvin retains Customer Data only as long as necessary to provide services and fulfill legal obligations. Data associated with inactive or deleted accounts is automatically purged after a defined retention period, typically 30 days unless contractual terms specify otherwise.
Data archiving and removal policy
Nalvin follows GDPR and CCPA guidelines in processing data deletion requests. Customer Data is securely deleted upon request or after the expiration of the retention period. Archived data, if any, is encrypted and retained only for legal or compliance reasons and is removed on a rolling basis.
Data storage policy
All Customer Data is stored securely using encryption-at-rest and in-transit. Data is logically separated per tenant and monitored to prevent unauthorized access. Backups are encrypted and tested regularly to ensure disaster recovery capability.
Data center location(s)
Netherlands
Data hosting details
Cloud hosted on AWS.
Data hosting company
AWS
App/service has sub-processors
yes
Guidelines for sub-processors
App/service uses large language models (LLM)
yes
LLM model(s) used
OpenAI (4o, 4o-mini, o3, o4-mini), Antrophic through AWS Bedrock (Claude 3.7)
LLM retention settings
Nalvin’s LLM configuration does not retain Customer Data outside the scope of services delivered. No customer content is used to train models, ensuring compliance with GDPR, CCPA, and internal data governance standards.
LLM data tenancy policy
Nalvin’s Large Language Model (LLM) operates in a multi-tenant environment with strict logical separation. Each customer’s data is processed within shared infrastructure but is logically isolated through access controls, identifiers, and scoped API handli
LLM data residency policy
When using OpenAI models via API, customer data is processed in the United States on OpenAI’s infrastructure. This applies only to model inference, and no data is retained or used for training. All other data processed via Nalvin remains in the EU (NL).
Certifications & compliance
Data deletion request procedure
Nalvin is committed to ensuring users have control over their personal data. We fully comply with applicable data protection laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Here's how we handle data deletion requests:
1. How to Submit a Request
Users or administrators can submit a data deletion request via either of the following channels:
Email: dpo@versionlens.com or contact@nalvin.com
Requesters must provide:
Proof of identity or workspace ownership (e.g., Slack workspace ID or verified email).
Clear indication of the scope (e.g., full account deletion vs. partial data removal).
2. Verification & Authentication
To prevent unauthorized deletions:
We verify the request against workspace admin privileges or user credentials.
For team-wide deletion, requests must come from a verified workspace admin or billing owner.
3. Data Identification
Once verified, Nalvin:
Identifies all stored customer data associated with the request (e.g., Slack workspace ID, user ID, email).
Includes data across AWS (databases, logs, backups), PostHog (analytics), and any cached files.
4. Deletion Process
Primary deletion occurs immediately from active databases and file storage.
Backups are purged on a rolling basis (typically within 30 days).
Third-party processors (e.g., PostHog, AWS, OpenAI, Anthropic) are notified where required and data is deleted or access revoked.
5. Confirmation
The requester receives a confirmation once the deletion is completed.
Expected turnaround time: 7 business days for primary deletion, up to 30 days for backup cycles.
6. Exemptions & Legal Retention
Some data may be retained where required by law (e.g., invoices, compliance records) or for security (e.g., abuse prevention logs), but never for analytics or product improvement post-deletion request.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Supports Single Sign On (SSO) with the following providers
Google, Microsoft
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
no
Contact for security issues
contact@versionlens.com
Has a vulnerability disclosure program
no
Has a bug bounty program
no
Requires third party authorization/connections
yes
Third party services used by this app
Jira, Linear, Slack, Teams, GitHub, Meeting Transcript Tools (e..g Fireflies, Gong, Fathom), Support Platforms (Intercom, Zendesk, Puzzle), CRM Systems (Hubspot)
Uses token rotation
no