Privacy at Slack
You own and control the content within your Slack workspace
- Your data is your own, including messages, files, and other content submitted through Slack
- You can export, edit and delete your data
- You have control over where your data is stored
Ownership and retention that works for you and your team
- Transfer workspace ownership
- Set retention policies that work for you (paid plans only)
- Set custom time frames to keep messages and files
- Option to retain all versions of an edited or deleted message
We’re transparent, so you can have peace of mind
- Have confidence in how Slack uses personal information, as well as when and how we contact customers
- Find clear answers with resources to help you manage email subscriptions in our Help Center
- Easily manage your cookie preferences
Compliance with global privacy laws and regulations
- We support our customers’ needs through our tooling and contractual commitments
- Data protection is built in—by design and by default
- Data privacy features and data privacy enhancing technologies are embedded directly into the design of projects and services
Submit a privacy request
We’re here to help! Customers and users can exercise their rights to access or delete data, as well as make general privacy or security related inquiries.PRIVACY REQUEST FORM
Frequently asked questions
The Primary Owner has ultimate decision-making capabilities, and represents the Customer in administering the workspace. As with all enterprise software, Slack is a tool for business and employers are responsible for setting standards for behavior and are in the best position to enforce those standards. There are some Privacy related functions that can only be performed by the Primary Owner. For example, only the Workspace Primary Owner can transfer ownership of their workspace. If you’re not sure who the Primary Owner is, visit the About This Workspace page to find out.
The Workspace Settings page is where members can review info about workspaces they've joined. Here's what you'll find there:
- Your Workspace Owners and Admins and their contact info
- Your workspace's plan
- Message and file retention policies
- Available data export options
The Primary Owner of a workspace or org controls their workspace's data (we call this Customer Data). This includes all of the content submitted by members, along with member profile information. When members leave a workspace or org, they may have the right to request their profile information be deleted by the Primary Owner. As the data controller, the Primary Owner is responsible for determining whether profile information requires deletion. Primary Owners of a workspace or org can delete a member's profile information after the account is deactivated.
Depending on your workspace's settings, you may be able to remove your profile information and/or delete messages and files you've shared before your account is deactivated. Get in touch with a Workspace Owner or Admin if you have any questions about editing and deletion settings.
For any workspace, the default message and file retention setting is to keep everything for as long as the workspace exists. On paid plans, workspace owners can customize their retention policies. They can choose to set a custom time frame to keep messages and files, and they can also choose to retain all versions of an edited or deleted message.
Slack is committed to ensuring our infrastructure is secure, redundant, and reliable, while providing your team with tools to administer your environment. We are proud to meet industry standards when it comes to protecting your organization and we"ve outlined many of our security practices and certifications on our website.
Slack provides data encryption in transit and at rest. Read more about our approach to security.
When it comes to transferring data, we offer standard contractual clauses through our Data Processing Addendum (DPA). Our Data Processing Addendum supplements the Customer Terms of Service or any MSA and is available to all of our customers on free or paid plans.
While we do not rely on the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield for the transfer of personal data, we do self-certify to both programs. Additionally, our privacy practices comply with the Asia-Pacific Economic Cooperation (“APEC”) Cross Border Privacy Rules (“CBPR”) system and the Privacy Recognition for Processors (“PRP”). More information about the APEC framework can be found here.
You can read more in our blog post: A note to our customers on international data transfers.
We adhere to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and other applicable global regulations. Read up on Slack’s commitments and review our latest certifications on our Compliance Page.