Canopact
Canopact turns your Slack workspace into a powerful channel for internal communications :muscle:With Canopact’s internal communications app, you can get started for free in just a few minutes and do the following: :art: Customize visually engaging, interactive Slack posts, with the ability to embed longer form content or links within a call to action. Create internal newsletters and other announcements which stand out in a busy workspace. :eyeglasses: Provide relevant stakeholders with visibility over upcoming internal comms through a shared schedule in Slack. :envelope_with_arrow: Schedule a Slack post on behalf of a colleague (e.g., CEO), so that the post is sent from their account at the specified time, pending their approval.:bar_chart: Analyze meaningful employee engagement data on Slack, such as unique clicks and average reading time. :label: Tag your internal comms by their topic, campaign and more. Use tags to segment analytics and help understand what your employees care most about. For free internal communications templates, insights and resources, check out Canopact’s Blog! :writing_hand:
Permissions
Canopact will be able to view:
Canopact will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Canopy Impact Limited
Company headquarters location
United Kingdom
Terms of service
Privacy & data governance
Data retention policy
Canopact retains Customer Data only where necessary to provide its services and only for as long as a customer is an existing Canopact user. We securely retain basic data, including Slack usernames, Slack profile images, email addresses and Slack workspace names for existing users. We only retain message data when a post is scheduled to be sent via Canopact’s app. Once posted, Canopact doesn’t retain the message data. We only retain the title/ heading and date/ time of the post for the customer’s benefit to track analytics.
Data archiving and removal policy
When a workspace administrator deletes the Canopact app, all Customer data obtained from the customer’s Slack workspace is deleted in accordance with the applicable laws (e.g., UK-GDPR, EU-GDPR). When data is deleted by Canopact, it is permanently deleted (as opposed to soft deleted). Canopact would only retain Customer Data for previous customers where we are legally required to do so.
Data storage policy
Canopact uses Render, which is a secure hosting platform for our servers (servers located in Germany). Render uses the Advanced Encryption Standard (AES) provided by Amazon RDS for PostgreSQL to encrypt data at rest and during transfer, using 256-bit encryption. Render provides fully managed TLS certificates and redirects all HTTP requests to HTTPS so that users’ security is never compromised. Canopact’s servers support TLS v1.2 and above, providing secure communications over our network. Render also backs up Canopact’s PostgreSQL databases on a daily basis to prevent data loss, retaining all backups for at least 7 days.
Data center location(s)
Germany
Data hosting details
Refer to Data Storage policy above. For list of sub-processors, refer to the table at the end of the Privacy & Security Policy.
Data hosting company
Render
App/service has sub-processors
yes
Guidelines for sub-processors
Certifications & compliance
Privacy Shield notice
GDPR commitment
Data deletion request procedure
When a workspace administrator deletes the Canopact app, all Customer data obtained from the customer’s Slack workspace is deleted in accordance with the applicable laws (e.g., UK-GDPR, EU-GDPR). When data is deleted by Canopact, it is permanently deleted (as opposed to soft deleted). Canopact would only retain Customer Data for previous customers where we are legally required to do so. Canopact users can also request for their data to be deleted by us by emailing info@canopact.com
More information can be found in section 10 of our privacy policy: https://www.canopact.com/#privacypolicy
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Supports Single Sign On (SSO) with the following providers
We use Slack auth as our sole identity provider
Supports Security Assertion Markup Language (SAML)
no
Has a dedicated security team
no
Contact for security issues
info@canopact.com
Has a vulnerability disclosure program
no
Has a bug bounty program
no
Requires third party authorization/connections
no
Uses token rotation
no