Last Updated: October 13, 2017
When you use Meeting Bot in Slack, our connection to Slack's servers are encrypted using one of the following:
When you visit or interact with the Meeting Bot website (e.g. through links that we provide you in Slack), your connection is encrypted using HTTPS over Transport Layer Security (TLS). Our website does not operate in a non-encrypted HTTP mode.
Data that we deem to be sensitive, which includes, but is not limited to, OAuth2 refresh tokens from Google and passwords to Microsoft Exchange Calendar servers, are encrypted at rest using the Fernet Library Standard which employs industry leading security standards:
We use Amazon's Web Services (AWS) to host our Service and store data we collect from you. The servers are firewalled and access is restricted to SSH keys only.
We put considerable efforts into keeping all our software and libraries up-to-date to their latest versions with security patches applied as needed. That said, we cannot guarantee that every single piece of software or library that we use is up-to-date at any given point in time.
When you install Meeting Bot on your Slack team, we may collect the following data from anyone engaging with the bot:
We do not collect or store conversation data or attachments from Slack channels that the bot is not invited to.
In order to provide our Service we may ask you to grant us access your calendar provider (e.g. Google or Exchange server). Meta data such as access tokens or credentials you directly provide to us may be stored on our servers. See the above sections on 'How your data is encrypted ...' to learn about how we keep this safe.
We may query and retrieve data from your calendar provider and store it (or temporarily cache it) on our servers. New data that we send to your calendar provider on your behalf may also be stored or temporarily cached on our servers.
In addition to the data that we collect from you mentioned above, meta data such as time of interaction or type of interaction, may be collected, stored and analyzed. We also collect data from your browser when you visit our website using Google Analytics.
We collect your data for the primary purpose of providing our service. We do not sell your data.
Data we collect from you is stored with our production server hosting provider (AWS) and secured as described in the section above on 'Security of our servers'.
Third Party NLP Service
The data we collect from you and store on our servers may be backed up periodically. Backups are stored with our production server hosting provider (AWS). We do not transfer or download copies of those backups outside AWS.