Last Updated: May 22, 2026
This Data Processing Addendum ("DPA") forms part of the Terms of Service between CheckinPigeon ("Processor") and the customer ("Controller") and governs the processing of personal data by CheckinPigeon on behalf of the customer.
Definitions
"Personal Data", "Processing", "Controller", and "Processor" have the meanings given in applicable data protection laws including the GDPR.
Scope and Purpose
CheckinPigeon processes personal data solely to provide the Service as described in the Terms of Service and as instructed by the Controller. CheckinPigeon will not process personal data for any other purpose.
Data Processed
Categories of data subjects: Workspace administrators and members who use the Service.
Categories of personal data: Names, email addresses, Slack user identifiers, Slack workspace and channel metadata, standup and poll questions and responses, uploaded standup attachment contents and metadata, mood and sentiment values, blocker records, AI-derived summaries, reminders, answers and report metadata, billing and metered-usage metadata, support chat messages, and optional Google Sheets sync data where those features are used.
Subprocessors
CheckinPigeon uses third-party subprocessors as listed at checkinpigeon.com/subprocessors. CheckinPigeon will notify Controllers of any changes to subprocessors with reasonable notice.
Security
CheckinPigeon implements appropriate technical and organizational measures to protect personal data including encrypted connections, access controls, application-level encryption for sensitive credentials, and regular backups hosted in the European Union.
Data Retention and Deletion
CheckinPigeon retains personal data only as long as necessary to provide the Service. Slack workspace data, including cached attachments, will be deleted within 14 business days after verified workspace deletion request except where retention is required by law. Other verified deletion requests are processed within 30 days unless a shorter platform-specific requirement applies.
Data Subject Rights
CheckinPigeon will assist the Controller in responding to data subject requests as described in the Privacy Policy at checkinpigeon.com/privacy.
Data Transfers
Personal data is primarily processed in the European Union. Where subprocessors process data outside the EU, CheckinPigeon relies on those subprocessors' own transfer safeguards and compliance measures.
Breach Notification
CheckinPigeon will notify the Controller of any personal data breach affecting Controller data without undue delay and within 72 hours where feasible.
Contact
For DPA-related questions contact: support@checkinpigeon.com
This DPA is incorporated into and subject to the CheckinPigeon Terms of Service at checkinpigeon.com/terms.