Privacy Policy

Effective date: July 7, 2026

This policy describes what data Workspace Historian ("the app", "we") collects from your Slack workspace, how it is used, how long it is kept, and how you can access or delete it. It applies to the Workspace Historian Slack app and to this website. The short version: we are built around zero-copy data handling — your raw Slack messages are never stored.

What data we collect

We store only the minimum needed to run the decision knowledge base:

  • Decision-entry metadata: the AI-generated title, summary, and reasoning of each decision entry; the channel ID of the source conversation; the timestamp of the source message; a permalink to the original thread; participant user IDs; tags; entry timestamps (when the entry was created and reviewed); and its review status (whether it is awaiting curator review or published).
  • OAuth installation credentials: the tokens required to call the Slack API for your workspace, stored encrypted at rest by our hosting provider.
  • Channel monitoring state: the last-processed message timestamp for each channel the bot has been invited to, so it can resume where it left off.

This website itself sets no cookies and contains no analytics or trackers.

What we do NOT collect

  • Raw message content. Messages are pulled in real time via the Slack API, processed in memory to detect decisions, and immediately discarded. They are never written to storage.
  • Files and message attachments. These are never collected or stored.
  • Profile data. We store no profile information beyond user IDs. Display names are looked up live when an entry is rendered and are not stored.
  • Private conversations. The app reads only public channels it has been explicitly invited to. It cannot see private channels, group direct messages, or direct messages between other people; the only DMs it can read are the ones members send to the app itself.

How data is used

  • Message content (transient) is sent, in excerpt form, to the AI model to identify decisions, generate each entry's title, summary, and reasoning, and answer members' questions. It is processed for inference only and discarded.
  • Decision-entry metadata is used to show proposed entries to curators, to display published entries in the app's Home tab, and to answer questions asked through Slack's AI agent panel or the /historian command.
  • OAuth credentials are used solely to call the Slack API on behalf of your workspace.
  • Channel monitoring state is used to avoid re-reading messages the app has already processed.

Your data is never used for advertising, never sold, and never used to train any AI model.

Data retention

  • Decision-entry metadata is retained until your workspace uninstalls the app or a curator deletes the entry.
  • When the app is uninstalled, all stored data for your workspace — decision entries, OAuth credentials, and monitoring state — is deleted within 30 days.
  • Raw message content exists only in memory while it is being processed and is discarded immediately afterward; there is nothing to retain.

How to access, export, or delete your data

Workspace members and admins can request a copy, an export, a correction, or the deletion of the decision metadata stored for their workspace by emailing sibivelc@gmail.com. We honor these requests within 30 days. We may need to verify that a request comes from a member or admin of the workspace concerned before acting on it.

Curators can also delete any individual decision entry directly within the app at any time.

If you are in a jurisdiction covered by the GDPR, you have the right to access, rectify, erase, restrict, object to the processing of, and receive a portable copy of your personal data. If you are a California resident, the CCPA gives you the right to know what personal information we hold, to request its deletion, and to opt out of its sale — we do not sell personal information — and we will never discriminate against you for exercising these rights. To exercise any of these rights, email sibivelc@gmail.com.

AI/LLM processing disclosure

  • Model provider: Groq — GPT OSS 20B/120B, accessed via the Groq API.
  • What is sent: prompts contain excerpts of Slack messages transiently, for inference only — to detect decisions, generate entry summaries, and answer questions. Excerpts are not retained by the app.
  • Training: your Slack data is never used to train any model, by us or on our behalf. The Groq API does not train on API inputs or outputs by default.

Please note: Workspace Historian uses AI to generate summaries and answers. AI-generated content can be inaccurate or incomplete — always verify against the linked original conversation before relying on it.

Data sharing

We do not sell your data, and we do not share it with third parties for marketing or for their own purposes. We use two sub-processors to operate the service: Groq (transient AI inference) and Fly.io (hosting infrastructure and encrypted-at-rest storage). Neither is authorized to use your data for their own purposes or to train models on it. We would disclose data only if legally required to do so.

Security

  • All data in transit is protected with TLS 1.2 or higher.
  • OAuth tokens are stored encrypted at rest.
  • The app requests least-privilege OAuth scopes and reads only channels it has been explicitly invited to.
  • The app runs as a single-tenant instance, hosted in the United States by default (data residency depends on the deployment region).

Changes to this policy

If this policy changes, we will post the updated version on this page and revise the effective date above. Material changes will be noted prominently here. Continued use of the app after a change takes effect constitutes acceptance of the updated policy.

Contact

For privacy questions or data requests, email sibivelc@gmail.com. For general help, see the support page.