Privacy Policy

Scope

Elasticfox and its affiliates (collectively, “Elasticfox,” “we”, “us”, or “our”) have created this Privacy Policy to describe how we collect, use, and disclose information. This Privacy Policy is applicable for you when you use our products, services or attend our events (as long as no other privacy policy is displayed). We refer to these as our "Services".

How we handle your data

We work continuously to ensure that your personal privacy is protected when you use our Services. Your personal data is processed in accordance with applicable legislation (the GDPR).

Compliance

Our technical solution is hosted within Amazon Web Services (AWS) and is covered by SOC2, ISO27001, ISO27017, ISO27018 and CSA. The complete list can be found here: https://aws.amazon.com/compliance/programs/

Information security

All data information is encrypted in transit and at rest using the most up to date secured ciphers and AES-256.

Amazon Web Services (AWS) has years of experience in designing, building and operating large-scale data centres. Physical access to these data centres is strictly controlled by professional security personnel. Authorized personnel must go through multiple authentication steps to gain access to these data centres. The design and precise location of these data centres constitute classified information to which, for security reasons, only selected members of the Amazon staff have access.

We never store any credit card information in our databases. All sensitive payment information is handled securely by our partner Paddle. All communication with our payment partner is encrypted in accordance with industry standards. Passwords are always saved one-way encrypted in our databases.

Our service with Slack

We provide a solution that works inside of Slack, which trusts the way Slack is managing the data for you as a customer to Slack.

The technical solution we provide does only access the data we need to provide the functionality we include to you as a customer of ours. In relation to Slack data we only process the data you give access to according to the security permissions that the bot requires. Data is primarily consumed from the Slack channels where you as a customer specifically invite the Bot.

Event data that we evaluate, but do not store, inside of channels: reactions (emojis), messages and threads, bot actions (e.g filtering). Data that we store is only related to the Tickets e.g we do not store all messages but only those related to a Ticket.

Personal data breaches

We are liable for processing your data as securely as possible by following the requirements set out in the GDPR.