Privacy Policy | Cogniflock | Slack Collaboration Analytics

1. Information We Collect

1.1 Slack Workspace Data

When you connect your Slack workspace to Cogniflock, we collect and process the following types of data:

Message Content

Text content of messages in channels where our bot is invited for sentiment, clarity, tone, and topic analysis.

User Information

User IDs, display names, real names, and profile information for network analysis and engagement metrics.

Channel Metadata

Channel names, privacy settings, member lists, topics, and creation dates for organizational analysis.

Interaction Data

Message timestamps, reactions, replies, thread participation for engagement and activity analysis.

1.2 Account and Organization Data

Organization details and settings
User account information and access permissions
Billing and subscription information
Integration settings and preferences

1.3 Analytics and Usage Data

How you interact with our dashboard and features
Feature usage patterns and preferences
Performance metrics and error logs
Browser information and IP addresses

2. How We Use Your Information

2.1 Core Analytics Services

We process your Slack data to provide our core analytics features:

Sentiment Analysis: AI analysis of message emotional tone and team morale trends
Engagement Metrics: Calculation of participation rates, activity levels, and interaction patterns
Clarity Assessment: Evaluation of message clarity, complexity, and communication effectiveness
Tone Analysis: Assessment of formality, collaboration, urgency, and positivity in communications
Network Analysis: Mapping team collaboration patterns, identifying influencers and bottlenecks
Topic Clustering: Automatic categorization of discussions into business-relevant topics

2.2 Insights and Recommendations

We generate actionable insights and recommendations to help improve team communication, including:

Identification of communication bottlenecks and silos
Suggestions for improving message clarity and engagement
Trend analysis and early warning indicators
Best practice recommendations based on high-performing teams

2.3 Service Operation and Improvement

Providing customer support and technical assistance
Improving our AI models and analytics accuracy
Developing new features and capabilities
Ensuring platform security and performance

3. Data Processing and AI Analysis

3.1 OpenAI API Integration

We use OpenAI's API (GPT-3.5-turbo and GPT-4-turbo models) to analyze your communication data for sentiment, tone, clarity, and topic classification. Important details about this third-party processing:

Your message data is sent to OpenAI's servers via their API for analysis
OpenAI processes this data according to their API Data Usage Policies
As of OpenAI's current policy, API data is not used to train their models
OpenAI does not retain your data beyond the API request processing
Data transmission to OpenAI is encrypted via HTTPS
We have no control over OpenAI's data processing - you should review OpenAI's privacy policy

3.2 Our Own Analytics Processing

We perform certain analytics using our own algorithms without involving third-party AI services:

Network Analysis: Calculated using our proprietary algorithms for centrality metrics, bottleneck detection, and network density
Engagement Metrics: Computed from message frequency, response patterns, and participation data
Activity Patterns: Analyzed using time-based calculations and statistical methods

3.3 What We Store vs. What We Process

Important: We store analytics results and insights, but not your complete message content or conversations. Our word frequency analysis retains commonly used words or phrases from your messages, but we employ privacy filters to exclude sensitive information. Your full Slack messages are processed temporarily for analysis but never stored in our systems.

Data We Store Permanently:

Analytics Results: Aggregated metrics, sentiment scores, engagement statistics, and trend data
Network Analysis: Communication patterns, influence metrics, and collaboration insights
Activity Metrics: Number of messages, reactions, and contributors per channel/time period
Filtered Word Frequency Data: Most commonly used words and phrases for sentiment analysis, with sensitive information automatically filtered out (may include fragments of non-sensitive message content)
User Metadata: User IDs, display names, and role information (for dashboard access)
Channel Metadata: Channel names, member counts, and activity statistics
Account Information: Organization settings, billing data, and subscription details

Data We Process but Don't Store:

Complete Message Content: Sent to OpenAI API for analysis, then immediately discarded
Individual Conversations: Full message threads and personal communications are not retained
User Context: Messages are not linked to specific users in our stored word frequency data

Privacy Protection: Filtered Word Frequency Data

Our word frequency analysis includes built-in privacy filters that automatically exclude:

Personal Information: Phone numbers, email addresses, social security numbers, and other personal identifiers
Financial Data: Credit card numbers, bank account information, and financial details
Sensitive Business Information: Common patterns that may indicate confidential business data
Custom Filter Lists: Additional terms and patterns that your organization can specify for exclusion

Enhanced Privacy: While our automated filters provide strong protection against common sensitive data types, we recommend avoiding repeated sharing of highly confidential information in channels where Cogniflock is active. Consider using private channels or direct messages for the most sensitive communications.

4. Data Security and Protection

4.1 Security Measures

HTTPS encryption for all data transmission
Secure cloud hosting infrastructure
Database encryption for stored analytics results
Role-based access controls for dashboard users
Regular security updates and monitoring
Secure API integration with third-party services

Note: We rely on our third-party service providers (OpenAI, cloud hosts, etc.) for their respective security measures. We cannot guarantee security beyond our direct control.

4.2 Third-Party Security Dependencies

OpenAI: Processes your data according to their security standards and API policies
Cloud Providers: We rely on reputable cloud hosting services for infrastructure security
Database Services: MongoDB Atlas provides enterprise-grade database security
Slack: Data collection occurs through Slack's secure API infrastructure

5. Data Sharing and Third Parties

5.1 No Data Selling

We never sell, rent, or trade your data to third parties for marketing or advertising purposes.

5.2 Third-Party Service Providers

We share your data with the following third-party services to operate our platform:

OpenAI (Required): Your message content is sent to OpenAI's API for sentiment, tone, clarity, and topic analysis. This is essential for our core functionality.
Cloud Hosting Providers: For secure data storage and application hosting
MongoDB Atlas: For database hosting and management
Email Services: For sending notifications and support communications

Important: By using Cogniflock, you consent to your message data being processed by OpenAI's API. If you're not comfortable with this, please do not use our service.

5.3 Legal Requirements

We may disclose data if required by law, court order, or to protect our rights, safety, or the safety of others.

6. Your Rights and Controls

6.1 Access and Control

Channel Control: You control which channels our bot can access
Data Export: Download your analytics data and reports
Account Settings: Manage privacy preferences and data retention
User Anonymization: Option to anonymize individual user names in reports

6.2 Data Subject Rights (GDPR/CCPA)

Right to Access: Request copies of your personal data
Right to Rectification: Correct inaccurate personal data
Right to Erasure: Request deletion of your personal data
Right to Portability: Receive your data in a machine-readable format
Right to Object: Object to certain processing activities

7. Data Retention and Deletion

7.1 Retention Periods

Active Subscriptions: Data retained for service operation
Cancelled Accounts: Data deleted within 90 days unless legally required to retain
Analytics Results: Retained for historical analysis unless deletion requested
Backup Data: Automatically purged according to backup retention schedule

7.2 Data Deletion Process

Upon account cancellation or deletion request:

Immediate cessation of data collection from Slack
Removal of personal identifiers from analytics data
Deletion of message content and metadata within 30 days
Purging of backup systems within 90 days

8. International Data Transfers

Your data may be processed in countries other than your own. We ensure adequate protection through:

Standard Contractual Clauses (SCCs) with service providers
Adequacy decisions where applicable
Additional safeguards for sensitive data transfers

9. Children's Privacy

Cogniflock is designed for business use and is not intended for individuals under 18. We do not knowingly collect personal information from children under 18.

10. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or applicable laws. We will:

Notify you of material changes via email or platform notification
Provide 30 days notice before changes take effect
Maintain previous versions for your reference
Update the "Last updated" date at the top of this policy

11. Contact Information

Privacy Questions or Concerns

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: contact@cogniflock.com

EU Representative (GDPR)

For EU data protection matters: contact@cogniflock.com

Response Time

We aim to respond to privacy inquiries within 5 business days and fulfill data subject requests within 30 days as required by applicable law.