Privacy Policy
Last updated: January 2025
1. Introduction
HiChicken ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Slack application.
2. Information We Collect
We collect information that you provide directly to us when you use HiChicken:
- Slack Account Information: Your Slack user ID, username, display name, and workspace ID
- Usage Data: Chicken transactions (who gave to whom, when, and in what context)
- Workspace Data: Team name, member count, and workspace configuration settings
- Billing Information: Payment data processed securely through Stripe (we do not store your credit card information)
- Session Data: Authentication tokens and session identifiers for logged-in users
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the HiChicken service
- Track and display chicken recognition statistics and leaderboards
- Process reward redemptions
- Calculate subscription tiers based on workspace size
- Send notifications about chickens received and trial status
- Provide customer support
- Comply with legal obligations
4. Data Storage and Security
We implement appropriate technical and organizational measures to protect your personal information:
- All data is stored in secure PostgreSQL databases with encrypted connections
- Access tokens are stored securely and never logged or exposed
- We use industry-standard encryption for data transmission (HTTPS/SSL)
- Access to user data is restricted to authorized personnel only
- Sessions expire after 7 days for security
5. Data Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
- Within Your Workspace: Recognition statistics are visible to other members of your Slack workspace
- Service Providers: We use Stripe for payment processing and may use other service providers to help deliver our service
- Legal Requirements: We may disclose information if required by law or to protect our rights
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred
6. Data Retention
We retain your information for as long as your account is active or as needed to provide you services. You may request deletion of your data by contacting us or uninstalling the app from your Slack workspace.
7. Your Rights
You have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate data
- Request deletion of your data (subject to legal obligations)
- Object to processing of your personal information
- Export your data in a portable format
8. Slack Integration
HiChicken integrates with Slack and uses the Slack API to:
- Authenticate users via OAuth
- Read message reactions to detect chicken giving
- Send direct messages for notifications
- Post to designated channels for announcements
- Access user profiles and workspace information
We request only the minimum permissions necessary to provide our service. You can review our requested permissions during the installation process.
9. Cookies and Tracking
We use session cookies to maintain your authentication state when you log in to the HiChicken web dashboard. These cookies are essential for the service to function and expire after 7 days.
10. Children's Privacy
HiChicken is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children.
11. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this policy. Continued use of the service after changes constitutes acceptance of the updated policy.
13. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at henry@doe.coach.
14. GDPR Compliance (For European Users)
If you are located in the European Economic Area (EEA), you have additional rights under GDPR:
- Legal basis for processing: Consent and legitimate interests
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
- Right to data portability