Kandji
Kandji is the platform for centrally securing and managing Apple devices. Kandji saves IT teams countless hours of work with dozens of security controls organized into one-click compliance templates, pre-built automations, apps, and workflows. The Kandji integration for Slack allows you to easily configure alerts to be delivered into your Slack channels based on events configured within the Slack integration in your Kandji instance.
Permissions
Kandji will be able to view:
Kandji will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Kandji, Inc.
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
Please note these terms do not supersede your organization's current agreement with Kandji, Inc.
Data is retained until such time that the agreement with the customer expires or is canceled; generally, data is removed after 30 days of termination or expiration of the Agreement. Full details can be found in section 9 of our DPA: https://www.kandji.io/data-processing-agreement
Upon termination or expiration of the Agreement or any renewal term thereof, Kandji will delete all Personal Data Processed under the Agreement that is in Kandji’s possession. In the case of any Personal Data not so deleted, Kandji will return, destroy, or render anonymous all such Personal Data in accordance with Your reasonable written Instructions submitted to Kandji within 30 days of termination or expiration of the Agreement, subject to the limitations described in the Agreement. The requirements of this Section 9 do not apply to the extent that Kandji is required by applicable law to retain some or all of Your Data, or to Your Data that is archived on back-up systems, which data Kandji shall securely isolate and protect from any further Processing and delete in accordance with Kandji’s deletion practices.
Data archiving and removal policy
Please note these terms do not supersede your organization's current agreement with Kandji, Inc.
Per section 9 of our DPA: https://www.kandji.io/data-processing-agreement
Upon termination or expiration of the Agreement or any renewal term thereof, Kandji will delete all Personal Data Processed under the Agreement that is in Kandji’s possession. In the case of any Personal Data not so deleted, Kandji will return, destroy, or render anonymous all such Personal Data in accordance with Your reasonable written Instructions submitted to Kandji within 30 days of termination or expiration of the Agreement, subject to the limitations described in the Agreement. The requirements of this Section 9 do not apply to the extent that Kandji is required by applicable law to retain some or all of Your Data, or to Your Data that is archived on back-up systems, which data Kandji shall securely isolate and protect from any further Processing and delete in accordance with Kandji’s deletion practices.
Data storage policy
Please note these terms do not supersede your organization's current agreement with Kandji, Inc.
Per section 7 of our MSA: https://www.kandji.io/legal/terms/
Kandji will maintain appropriate administrative, physical, and technical safeguards for protection of the security, confidentiality, and integrity of Your Data, as described in the Documentation. Those safeguards will include, but will not be limited to, measures designed to prevent unauthorized access to or disclosure of Your Data (other than by You, Your Affiliates, Users, and/or Authorized Persons). The terms of the data processing addendum available https://www.kandji.io/legal/data-processing-agreement (or other designated or replacement URL) (“DPA”) are hereby incorporated by reference. To the extent Personal Data (as defined in the DPA) from the European Economic Area (EEA), the United Kingdom, and Switzerland are processed by Kandji or its Affiliates as part of Your use of the Services, the Standard Contractual Clauses will apply, as further described in the DPA. For the purposes of the Standard Contractual Clauses, You and Your applicable Affiliates are each the data exporter, and Your acceptance of this Agreement, and an applicable Affiliate's execution of an Order Form, shall be treated as its execution of the Standard Contractual Clauses and Appendices. Upon Your request made within 30 days after the effective date of termination or expiration of this Agreement, Kandji will make Your Data available to You for export or download. After such 30-day period, Kandji will have no obligation to maintain or provide any of Your Data, and will thereafter delete or destroy all copies of Your Data in its systems or otherwise in its possession or control, unless legally prohibited.
Data center location(s)
United States, Germany
Data hosting company
AWS
App/service has sub-processors
no
Certifications & compliance
Data deletion request procedure
Please note these terms do not supersede your organization's current agreement with Kandji, Inc.
Per section 9 of our DPA: https://www.kandji.io/data-processing-agreement
Upon termination or expiration of the Agreement or any renewal term thereof, Kandji will delete all Personal Data Processed under the Agreement that is in Kandji’s possession. In the case of any Personal Data not so deleted, Kandji will return, destroy, or render anonymous all such Personal Data in accordance with Your reasonable written Instructions submitted to Kandji within 30 days of termination or expiration of the Agreement, subject to the limitations described in the Agreement. The requirements of this Section 9 do not apply to the extent that Kandji is required by applicable law to retain some or all of Your Data, or to Your Data that is archived on back-up systems, which data Kandji shall securely isolate and protect from any further Processing and delete in accordance with Kandji’s deletion practices.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2021-11-01
Executive summary is available to potential customers upon request
yes
Supports Single Sign On (SSO) with the following providers
Any SAML based identity provider, Native Google, Native Azure.
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
security@kandji.io
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
no
Requires third party authorization/connections
yes
Third party services used by this app
Auth0
Uses token rotation
no