This Data Processing Addendum ("DPA") forms part of the Terms of Service ("Agreement") between Echo-Synch ("we", "us", "Processor") and the customer organisation ("you", "Customer", "Controller") that has installed Echo-Synch into its Slack workspace. Where this DPA conflicts with the Agreement on matters of personal data processing, this DPA controls.
1. Context & architecture
Echo-Synch operates as a minimal-footprint processor inside your Slack environment. We do not ingest your full Slack history; we process only the messages posted in channels that you explicitly add Echo-Synch to.
- Triaged-thread retention. When an IT request arrives in a monitored channel, we store its Slack channel ID, message timestamp, poster Slack User ID, AI-generated summary, label, and priority. Original message text is auto-scrubbed after each workspace's configured retention window (default 30 days; configurable).
- Metadata retention. Channel IDs, message timestamps, label assignments, SLA timer events, audit logs.
- Hosting. EU only: AWS eu-west-1 (Dublin, Ireland).
- Uninstall. All workspace records are hard-deleted within one hour of uninstall.
2. Definitions
- "GDPR" means Regulation (EU) 2016/679 (General Data Protection Regulation).
- "CCPA" means the California Consumer Privacy Act of 2018, as amended.
- "Personal Data" has the meaning given in the GDPR.
- "Processing" has the meaning given in the GDPR.
- "Sub-processor" means any third-party data processor engaged by Echo-Synch to process Personal Data on its behalf.
- "Standard Contractual Clauses" or "SCCs" means the EU Commission's standard contractual clauses for the transfer of Personal Data to third countries (Decision 2021/914).
3. Scope and details of processing
- Subject matter: provision of the Echo-Synch Slack bot and dashboard for IT request triage, AI-categorisation, SLA tracking, and assignee management.
- Duration: the term of the Agreement plus the deletion period set out in §6.
- Nature and purpose: automated analysis of IT request messages to produce structured triage decisions (label, priority, summary), tracking of per-priority SLA windows, and notification of assignees and admins.
- Categories of Personal Data:
  - Slack profile data: Slack User IDs, display names, real names, emails (where exposed via users:read.email), avatars, timezones.
  - Communication data: message content from monitored channels, retained as the original IT request text until the workspace's retention window elapses; AI-generated summary retained while the workspace is installed.
  - Metadata: Slack channel IDs, message timestamps, thread IDs, label assignments, SLA timer events, audit logs.
  - Subscription metadata: LemonSqueezy subscription ID, plan, seat count, period start/end. Card details are NOT held by us.
- Data subjects: users within the Controller's Slack workspace (employees, contractors, or other authorised members of the Slack team).
4. Processor obligations
- Instructions. Echo-Synch processes Personal Data only on documented instructions from the Controller, including the instructions inherent in the Agreement and this DPA.
- Confidentiality. Echo-Synch ensures that all personnel with access to Personal Data are bound by appropriate confidentiality obligations.
- Security. Echo-Synch maintains the technical and organisational measures set out in Annex 2.
- Sub-processors. Echo-Synch uses the sub-processors listed in Annex 1. We will provide reasonable prior notice (via email and update of this page) of any addition or replacement of sub-processors. The Controller may object to such changes within 14 days; if the objection cannot be reasonably resolved, the Controller may terminate the Agreement without penalty.
- Data subject rights. Echo-Synch will assist the Controller, by appropriate technical and organisational measures and to the extent possible, in fulfilling its obligation to respond to requests from data subjects.
- Breach notification. Echo-Synch will notify the Controller without undue delay (and in any event within 72 hours) after becoming aware of a Personal Data Breach affecting the Controller's data.
- Audit. Echo-Synch will, at the Controller's reasonable written request and on no less than 30 days' notice, provide information necessary to demonstrate compliance with this DPA.
5. International data transfers
Primary processing happens in the EU. Where transfers to third countries without an adequacy decision occur (currently: LemonSqueezy and Sentry, both US-based; and any BYOM provider the Controller chooses outside the EEA), such transfers are governed by the EU Standard Contractual Clauses 2021/914 incorporated into the relevant sub-processor agreements. Both LemonSqueezy and Sentry self-certify under the EU–US Data Privacy Framework.
6. Deletion or return of data
On uninstall of the Slack bot, or on termination of the Agreement, Echo-Synch will delete all Personal Data within one hour, with the following exceptions retained only for the period and on the legal basis stated:
- Subscription and invoicing records — retained for the period required by Italian and EU tax law (typically 7 years).
- Aggregated, anonymised usage statistics — retained without time limit; cannot be traced back to a workspace.
Within the one-hour purge window, Personal Data may persist briefly in caches and replicated database snapshots that age out within 7 days. The Controller may request expedited deletion in writing; we will execute it on a best-effort basis but cannot guarantee sub-minute removal from cloud-provider backup systems.
Annex 1 — Authorised sub-processors
The following sub-processors are authorised under this DPA. The list is current as of the Effective date above.
| Sub-processor | Purpose | Location |
|---|---|---|
| Amazon Web Services (AWS) | Cloud infrastructure: Lambda, Aurora Postgres, SQS, KMS, Secrets Manager, EventBridge | Ireland (eu-west-1) |
| Google (Vertex AI / Gemini) | Default AI provider for triage and summaries | Belgium (EU) |
| Google (Vertex AI / Gemini) under BYOM | AI provider when Enterprise customer configures Bring Your Own Model — runs in the Customer's own GCP project | Customer-selected region |
| LemonSqueezy (Lemon Squeezy LLC) | Merchant of record — payments, invoicing, subscription management | USA (DPF-certified) |
| Cloudflare | DNS, CDN, and email routing for echo-synch.com | Global edge; primary EU data centres |
| Resend | Transactional email (e.g. billing notifications, security alerts) | USA (DPF-certified) |
| Sentry | Application error monitoring; PII attachment is disabled by configuration | USA (DPF-certified) |
Note. When an Enterprise customer configures Bring Your Own Model with their own Google Gemini API key, message content is processed via the Customer's own GCP project and is not routed through Echo-Synch's default Vertex AI infrastructure.
Annex 2 — Security measures
- Encryption. TLS 1.2+ in transit (1.3 preferred); AES-256 at rest via AWS KMS for Slack tokens and database backups.
- Access control. Least-privilege IAM. Multi-factor authentication required for all internal access to production infrastructure.
- Tenant isolation. Every database query is workspace-scoped. Data from different Customer workspaces is logically separated and never mixed.
- Operational security. Secrets stored in AWS SSM Parameter Store with at-rest encryption; webhook signatures verified via HMAC-SHA256; rate limiting at the API gateway.
- Monitoring. Application errors flow to Sentry (PII disabled); platform metrics flow to CloudWatch with 30-day retention.
- Backup and disaster recovery. Aurora Postgres takes automated daily snapshots with 7-day retention. Restore-from-snapshot procedure tested at least annually.
- Vendor security. Sub-processors are selected to provide at least equivalent technical and organisational measures and are bound by contract to Article 28 GDPR obligations.
Contact
For DPA-related matters, including audit requests and breach notifications: legal@echo-synch.com.