Data retention policy
ZoneBot is committed to safeguarding user data and ensuring privacy while delivering accurate time zone conversions in Slack. This data retention policy outlines how ZoneBot handles, stores, and deletes user data.
1. Types of Data Collected
ZoneBot collects the following data to provide its functionality:
User Time Zones: Detected automatically from user profiles or provided manually.
Message Timestamps: Used to calculate and display time zone conversions.
User and Channel Identifiers: Necessary to respond to user requests within Slack.
2. Data Retention Duration
User Time Zone Data: ZoneBot only retains time zone data during active conversations. Once the message has been processed and responded to, ZoneBot does not store any user time zone information.
Message and Interaction Data: ZoneBot does not store message content beyond the duration of the interaction. All messages and interactions are ephemeral and discarded after processing.
Audit Logs: Minimal metadata (e.g., API call logs) may be retained for up to 30 days for debugging and operational purposes.
Data archiving and removal policy
ZoneBot adheres to the following data deletion principles:
Ephemeral Data: Time zone and message data are automatically deleted after each interaction.
User Requests: Users can request deletion of any retained metadata by contacting support. ZoneBot will comply with data deletion requests within 30 days.
Routine Purges: Any retained metadata is automatically purged from our systems after 30 days.
Data storage policy
ZoneBot is committed to minimizing data storage while maintaining functionality and ensuring data security. This policy outlines how ZoneBot handles, stores, and protects user data in accordance with best practices.
1. Types of Data Stored
ZoneBot stores only the minimal amount of data required to function:
User Time Zone Information: Temporarily stored during the session for accurate time conversions.
User and Channel Identifiers: Stored only during the interaction to direct responses to the appropriate Slack users or channels.
Interaction Metadata: Metadata such as API request logs, which may include timestamps, user IDs, and other non-sensitive information, is temporarily stored for operational and debugging purposes.
2. Data Storage Location
Cloud Infrastructure: ZoneBot stores all data on secure cloud infrastructure, using servers compliant with industry-standard security protocols, such as AWS or Google Cloud.
Data Encryption: All stored data is encrypted at rest and in transit using advanced encryption techniques (AES-256 for stored data, TLS for data in transit).
3. Data Access
Access Restrictions: Only authorized personnel with strict access controls can access stored data for debugging and operational purposes.
Temporary Storage: Data is stored only as long as it is required to provide ZoneBot's functionality or for the purposes outlined in the retention policy. Sensitive data such as time zone information and message content is not stored persistently.
4. Data Backup and Recovery
No Long-term Storage: ZoneBot does not retain long-term backups of user time zone data or message content. Interaction metadata is retained for up to 30 days for troubleshooting and operational use, then automatically purged.
Disaster Recovery: Backup and disaster recovery plans are in place to ensure that the data ZoneBot needs to operate (i.e., metadata and logs) can be restored quickly in case of an outage, without storing sensitive user data.
5. Data Deletion
Ephemeral Data: ZoneBot does not store any data beyond the duration necessary for active interactions.
Automatic Deletion: All data that is temporarily stored (e.g., logs, metadata) is automatically deleted after 30 days.
User Requests: Users can request deletion of any data that may be stored, and ZoneBot will comply within 30 days.
6. Third-Party Data Sharing
No Third-Party Access: ZoneBot does not share or sell stored data to third parties. All data processing occurs solely for the purpose of delivering the service.
7. Security Measures
Encryption and Protection: All data is encrypted both at rest and in transit, with access controls to ensure only authorized personnel can access operational data.
Compliance: ZoneBot adheres to relevant data protection laws, including GDPR and CCPA, ensuring data is handled responsibly.
8. Policy Updates
ZoneBot reserves the right to update this storage policy as necessary to comply with legal or operational requirements. Users will be notified of significant changes.
App/service has sub-processors
no
App/service uses large language models (LLM)
no