Data Controller: Essential AI Solutions Ltd, 86-90 Paul Street, London, EC2A 4NE, United Kingdom
Contact: support@essentialai.uk
1. Data We Collect
Account details — organization name, admin name, email, password (stored only as a bcrypt hash).
Payment information — handled by Stripe; we never see or store your full card details.
Channel collaboration data — messages relayed between your Slack channel and your Cogent channel while the bridge is active. Channel passwords and the Org_ID are stored encrypted.
Slack installation data — workspace/team identifiers and OAuth tokens (encrypted at rest).
Usage and diagnostic data — operational logs needed to run and secure the service.
2. How We Use It
We process this data only to provide and maintain the service (contract performance), to secure it and prevent abuse, to comply with legal obligations, and to improve the service (legitimate interests). We do not sell your data, and we do not re-use the content you transmit for any purpose beyond delivering it between your Slack channel and your Cogent channel.
Account data — deleted within 30 days of account closure.
Billing records — retained ~7 years (tax/legal compliance).
Operational logs — short-lived (rotated).
On Slack app uninstall — the workspace's installation, mappings and tokens are purged (event-driven + an idempotent erasure backstop).
5. Security
Data is encrypted in transit (TLS 1.2+) and at rest (AES-256-GCM via AWS KMS envelope encryption) for tokens, channel secrets and the Org_ID. Access is restricted; webhooks are signature-verified; secrets are never logged.
6. Your GDPR Rights
You may request access, rectification, erasure, restriction, portability, and object to processing. We respond within one month. Contact support@essentialai.uk. You may also complain to the UK Information Commissioner's Office (ico.org.uk).