Infrastructure & architecture
Minimal-footprint processing
Echo-Synch reads message content only from channels you explicitly add the bot to. Original IT request text is auto-scrubbed at each workspace's configured retention window (default 30 days). Triage metadata — labels, priorities, AI summaries, SLA timer events — is retained while the workspace is installed and hard-deleted within one hour of uninstall.
Encryption
All data is encrypted in transit via TLS 1.2+ (1.3 preferred) and at rest using AES-256. Slack bot tokens are encrypted with AWS KMS before being written to the database. Application secrets live in AWS SSM Parameter Store with at-rest encryption.
Cloud security
Hosted on AWS in eu-west-1 (Dublin, Ireland) using a serverless architecture (Lambda + Aurora Serverless v2 + SQS) for strict isolation between requests. All processing and storage happen in the EU.
Least privilege
We request the minimum Slack OAuth scopes needed to operate. Each scope has a justification documented at its call site in our codebase (see privacy for the list and rationale). Workspace admins can audit and revoke access at any time via Slack app management.
Compliance
- GDPR. Compliant by default for EU customers. Standard Contractual Clauses available via the DPA.
- CCPA. California residents have access, deletion, and non-discrimination rights — see privacy.
- EU–US Data Privacy Framework. All US-based subprocessors (LemonSqueezy, Resend, Sentry) self-certify under the EU–US DPF.
- SSL Labs. A+ rating for our API host.
- Data Processing Addendum. Auto-applies to every paid plan.
Sub-processors
Echo-Synch uses the third-party processors below, each contractually bound to process your data only on our instructions. The complete list with locations and purposes is in Annex 1 of the DPA.
| Sub-processor | Purpose | Location |
|---|---|---|
| Amazon Web Services (AWS) | Hosting & infrastructure | Ireland (eu-west-1) |
| Google (Vertex AI / Gemini) | Default AI provider | Belgium (EU) |
| Google Gemini under BYOM | Enterprise BYOM — runs in the Customer's own GCP project | Customer-selected region |
| LemonSqueezy | Payment processing & merchant of record | USA (DPF-certified) |
| Cloudflare | DNS, CDN, email routing | Global edge / EU primary |
| Resend | Transactional email | USA (DPF-certified) |
| Sentry | Error monitoring (PII attachment disabled) | USA (DPF-certified) |
We will provide reasonable prior notice (via this page and email to the installer) of any addition or replacement of sub-processors.
Bring Your Own Model (BYOM)
Complete data isolation
With BYOM, message content is sent directly to your own Google Cloud project — never to Echo-Synch's. Your AI credentials, your infrastructure, your control. Echo-Synch is not in the AI data path.
Data sovereignty
BYOM lets you control exactly where AI processing happens. Choose any GCP region your organisation has approved — your IT request content never leaves the regulatory boundary you define.
No model training
Whether you use our default Vertex AI provider or BYOM, your data is never used to train AI models. Processing is ephemeral and stateless. Vertex AI's default API contract explicitly excludes training use of customer prompts.
Operational practices
- Tenant isolation. Every database query is workspace-scoped. Data from different customer workspaces is logically separated and never mixed.
- Webhook security. Inbound webhooks (LemonSqueezy, Slack) are verified via HMAC-SHA256 with constant-time comparison.
- Backups. Aurora Postgres automated daily snapshots, 7-day retention. Restore procedure tested at least annually.
- Monitoring. Application errors flow to Sentry; platform metrics to CloudWatch (30-day retention). On-call alerts for queue depth, error rates, and Aurora capacity.
- Vulnerability management. Dependencies tracked via lockfile; security advisories monitored; critical patches applied within one week of disclosure.
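The Slack side of the webhook check listed above, as an added example (not Echo-Synch's code): it rebuilds Slack's documented `v0` signature over the raw request body, rejects stale timestamps, and compares in constant time. The function names, signing secret, body and timestamps are constructed for illustration.

```python
import hashlib
import hmac
import time

MAX_SKEW_SECONDS = 60 * 5  # replay window Slack recommends for signed requests

# Constructed sample values, not real credentials or traffic.
SECRET = b"constructed-signing-secret"
BODY = b"token=x&team_id=T0001&text=printer+offline"
TS = "1700000000"          # value of the X-Slack-Request-Timestamp header
NOW = int(TS) + 10         # pretend the request arrived 10 seconds later


def slack_signature(signing_secret: bytes, timestamp: str, body: bytes) -> str:
    """Expected X-Slack-Signature value: 'v0=' + HMAC-SHA256('v0:<ts>:<raw body>')."""
    base = b"v0:" + timestamp.encode("ascii") + b":" + body
    return "v0=" + hmac.new(signing_secret, base, hashlib.sha256).hexdigest()


def verify_slack_request(signing_secret, timestamp, body, received_sig, now=None):
    """Return True only for a fresh request whose signature matches.

    `body` must be the raw bytes as received, before any form or JSON parsing,
    because re-serialised content will not reproduce the signed bytes.
    """
    now = time.time() if now is None else now
    # Accept plain ASCII digits only; anything else is rejected outright.
    if not (isinstance(timestamp, str) and timestamp.isascii() and timestamp.isdigit()):
        return False
    # Stale or future-dated requests are refused to limit replay.
    if abs(now - int(timestamp)) > MAX_SKEW_SECONDS:
        return False
    expected = slack_signature(signing_secret, timestamp, body).encode("ascii")
    received = (received_sig or "").encode("utf-8", "replace")
    # compare_digest runs in time independent of where the inputs differ,
    # so response timing does not leak how much of a guess was correct.
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    good = slack_signature(SECRET, TS, BODY)
    print("valid request:", verify_slack_request(SECRET, TS, BODY, good, now=NOW))
    print("tampered body:", verify_slack_request(SECRET, TS, BODY + b"!", good, now=NOW))
    print("replayed late:", verify_slack_request(SECRET, TS, BODY, good, now=NOW + 600))
```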
Data residency
Primary infrastructure runs in AWS Ireland (eu-west-1); Vertex AI runs in Google Cloud Belgium. Backups and snapshots remain in Ireland. US-based subprocessors (LemonSqueezy, Resend, Sentry) operate under the EU–US Data Privacy Framework with Standard Contractual Clauses incorporated.
Questions about security?
Enterprise security questionnaires answered within 5 business days. Email security@echo-synch.com.