What is accessed
- Your personal name and email attributes are needed as part of signup and login authentication process
- We do no request other data from oauth channels
What data is stored
- Your name and email are stored are part of account creation process; Name, nickname and avatar can be modified within personal account
- License configuration requires you to supply name and contact details for the payee
- We do not store any payment details. All sensitive information required for billing is handled via © Stripe - at no stage are credit card details stored on, or even sent to, our servers. All credit card data is sent directly to Stripe’s secure servers. Invoices are available through Stripe's client portal
- Other data that you create and control as part of managing Consortium
- Audit of user access against a given consortium
- Audit of configuration changes
What we do with data
- Your name, nickname and email are stored on your account record; Data is encrypted at rest; You can modify name, nickname and avatar image link
- Our policy is to never share or sell data to any external party
Data Retention and Archival Policy for Neelix Core Data
- Your name, nickname, email, experiences commentary and meta data are stored for as a long as the account is maintained in the system. There is no automatic archival and there is no account deactivation policy related to lack of activity.
- User can close the account be "forgotten" as per Account cancellation policy (see below). Consortium related user identifiable information is either deleted or anonymised on account closure. Data related to payments already processed will be securely stored in order to comply with our tax, accounting, and financial reporting obligations. In all cases where we keep data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.
- Stripe data retention policy provides information about billing and payments data stored on © Stripe. At no stage are credit card details stored on, or even sent to, Neelix servers.
Data Retention and Archival Policy for Integrated Channels
- This policy applies to Slack and Microsoft Teams integrations.
- When Neelix app is installed in a workspace, we store name, id, and bot token and associate the workspace with the user who added it. When channel list is refreshed, we store name, id and locale for any unrecognized channel and associate all relevant channels (new and existing) with the user who triggered the refresh. These values may be updated periodically but we do not retain any other workspace or channel data.
- If a channel is deleted, all data about the channel, including any Neelix default configuration settings and any associations with any users, are deleted. Likewise, if the app is uninstalled from a workspace, all workspace, configuration and user association data for the workspace are deleted along with the data for any channel in the workspace.
Encryption, Hosting and Geo Location of Data
- We do not run own physical infrastructure. Instead, we leverage the power and security of Google Cloud Platform
- Application and datastore are hosted in GCP - host region is us-central
- Data is encrypted at rest
- Internet communications are secure - https only
People and Access Policy
- User can access data only with specific Consortia as per permissions administered by the maintenance user(s) of each Consortium
- Only authenticated users can access functionality
Backups
Account cancellation
The process for managing subscription or closing the account is described
here.
Billing and Invoices Data Management
- We do not store any payment details. All sensitive information required for billing is handled via © Stripe - at no stage are credit card details stored on, or even sent to, our servers. All credit card data is sent directly to Stripe’s secure servers. Invoices are available through Stripe's client portal.
- Stripe data retention policy provides information about billing and payments data stored on © Stripe.
- If you are a maintenance user of a billing entity, then you will be able to access "Invoices | Stripe Customer Portal" link.
Vulnerability Management
- See Security Vulnerability Process
The right find out more about data usage & Correction of details
Contact Us
if you need more information of if you find errors that cannot be corrected via self-service, please