Privacy Policy

Last Updated: May 22, 2026

Introduction

CheckinPigeon ("we," "us," "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Slack application.

Consent

By installing the Slack app, connecting your Slack workspace, or using the Service, you acknowledge and agree to the collection and processing of information as described in this Privacy Policy.

Where we rely on your consent (for example, for certain communications), you may withdraw your consent at any time by contacting us. Withdrawal of consent does not affect the lawfulness of processing before withdrawal.

Information We Collect

Information from Slack

  • Workspace ID and name
  • User IDs, names, and email addresses (if available)
  • Bot installation details (scopes, and tokens needed to operate the Slack app)
  • Messages and responses you submit to standups and polls

Files Uploaded to Slack During Standups

If you upload files (for example, images, videos, or other attachments) as part of a standup response in Slack, we may download and store those files in our own secure cloud storage (Cloudflare R2 in the EU) so they can be displayed reliably in reports and dashboards.

  • We store the file contents and basic metadata (such as file name, type, size, and Slack file ID)
  • We do not make these files public; access is restricted to authorized users in the relevant Slack workspace
  • We may use temporary signed URLs to allow authorized viewing/downloading

Information You Provide

  • Standup questions and configurations
  • Poll questions and options
  • Response data to standups and polls
  • Account settings and preferences

Automatically Collected Information

  • Log files and diagnostic data (for example, IP address, request timestamps, and basic request metadata)
  • Limited website analytics (via Cloudflare Web Analytics) to understand page traffic and improve the site
  • Application error reports (via AppSignal) to diagnose and fix issues
  • Live chat data (via Crisp) when you contact us for support, including:
    • Your name and email (if provided)
    • Chat messages and conversation history
    • Pages you visit on our website (visible to support agents)
    • Device and browser information
    • IP address and approximate location

Payment Information

We use Polar (our payment processor) to handle payments. We do not store credit card numbers. Our payment provider collects billing information and payment details. Listed prices exclude applicable taxes, and applicable tax may be added at checkout based on your address/location. See Polar's Privacy Policy at https://polar.sh/legal/privacy

For usage-based Pro billing, we may send Polar metered usage events that identify the workspace customer and a participant identifier needed to count unique active participants during a billing period. These usage events are used for billing, invoice calculation, support, fraud prevention, and dispute resolution.

First-time Pro subscribers may request a full refund within 14 days of their first Pro purchase. This money-back guarantee is available only once per Slack workspace, organization, customer, billing email, or payment account. Refunds are not available for subscription renewals, repeated purchases, reactivations, abuse, excessive usage, or accounts that previously received a refund. We may retain limited billing records and provider reference identifiers where needed to evaluate refund eligibility, prevent abuse, provide support, resolve disputes, or comply with legal and accounting requirements.

AI Features and Third-Party Processing

AI-Powered Standup Insights

If you enable AI features, CheckinPigeon may process standup and poll content using artificial intelligence to generate optional insights for your team. These features include AI Blocker Detection, Weekly AI Summary, AI answers from standup history, Smart Reminder, and Sentiment / Mood Tracking.

How It Works:

  • Relevant standup questions, response text, poll context, schedule context, blocker context, mood context, and retrieved standup-history context may be sent to an AI provider when the related AI feature is enabled
  • We use OpenRouter as our AI service provider, and it may route requests to third-party model providers
  • The AI analyzes the text and returns blocker detection, concise Slack summary, standup-history answers, reminder wording, or mood-insight results depending on the feature you enabled
  • Results may be displayed in Slack channels, direct messages, dashboard views, or admin views depending on the feature and plan

Identity Minimization for AI Requests:

  • AI requests do not include direct Slack user IDs, Slack mentions, real names, display names, email addresses, or profile identifiers
  • When a summary, sentiment insight, or standup-history answer needs person attribution, CheckinPigeon may send opaque, report-scoped cryptographic mention placeholders such as CPMENTION_8F3D2A9C4B7E1D20 to the AI provider
  • These placeholders are generated with a dedicated HMAC secret and are scoped to the specific report, standup, and time period. They are not Slack IDs, names, emails, workspace IDs, or encoded user records
  • After the AI response returns, CheckinPigeon replaces valid placeholders locally with Slack mentions before posting the final message to Slack
  • Placeholder mappings are not stored in cache, Redis, database, logs, or AI report payloads. Invalid or unknown placeholders are removed or rendered as neutral teammate references

What Data May Be Sent:

  • Standup and poll question text
  • Standup response text or poll response context needed for the enabled AI feature
  • Standup schedule metadata needed to generate the right summary or reminder
  • Date range, requested filters, and retrieved standup-history context needed to answer a workspace query
  • Mood and blocker context where those features are enabled
  • Opaque mention placeholders when person attribution is needed, but not direct personal identifiers

Raw standup and poll response text is stored in CheckinPigeon's first-party response tables under the normal workspace retention rules described in this Privacy Policy. AI report payloads are minimized and do not duplicate raw AI prompts, raw response facts, placeholder mappings, Slack IDs, names, email addresses, or placeholders.

AI Summary, Standup-History Answers, and Reporting Shape:

  • The Slack weekly summary is intended to be an AI-assisted executive summary that is concise enough to read in Slack
  • Standup-history answers are intended to answer workspace questions using submitted standup data available to the Service for that workspace, scoped by the requesting Slack user's standup access permissions
  • Detailed attribution views, exports, or reports are generated from first-party workspace data and may include relevant participants with their Slack mentions
  • For large workspaces, CheckinPigeon processes AI-assisted summaries in bounded batches instead of sending one full workspace-sized prompt to an AI provider
  • Processing batch size is a safety and reliability control, not a pricing cap and not a limit on which paid participants may appear in first-party reports

Third-Party AI Processing:

We use OpenRouter as our AI service provider. OpenRouter may route requests to different underlying model providers (such as Meta, Google, Anthropic, or others) depending on availability and configuration. These providers may:

  • Process data in different countries
  • Have their own data retention policies
  • Change over time as we optimize the feature

Important Notes:

  • AI features are optional and can be enabled/disabled per standup, subject to your plan
  • Some AI features may be made available in beta and may change as we improve reliability, supported question types, and output quality
  • We do not control the data handling practices of underlying AI model providers
  • AI providers' policies may vary and are subject to their own terms
  • We configure providers to minimize data retention where supported, but cannot guarantee all providers meet the same standards

By enabling AI features, you acknowledge and agree that data may be transferred to and processed by third-party AI providers in various jurisdictions outside your country of residence.

We recommend that you do not include sensitive personal data or highly confidential information in content processed by AI features.

Data Retention for AI Features:

  • We do not intentionally retain full raw AI request and response payloads long-term, except for limited temporary logging needed for debugging, abuse prevention, or reliability
  • AI-derived outputs may be stored within the Service as relevant standup summaries, blocker records, reminder text, mood or sentiment insights, standup-history answers, aggregate metadata, or final rendered report output
  • Requests may be logged temporarily for debugging and abuse prevention (up to 30 days)
  • OpenRouter and underlying model providers may have their own retention policies

Training on Your Data:

  • We do not use your data to train our own AI models
  • We configure AI providers not to use customer content for model training where such options are available
  • However, we cannot guarantee that all underlying model providers honor no-training policies, especially for free-tier models

Your Control:

  • You can enable or disable AI features at any time per standup, subject to your plan
  • Disabling a feature stops sending data to AI providers for new requests for that feature
  • Previously processed data may be retained by AI providers per their policies

How We Use Your Information

We use collected information to:

  • Provide and maintain the Service
  • Process standups and polls
  • Send notifications and reminders
  • Provide customer support
  • Improve and optimize the Service
  • Communicate updates and changes
  • Comply with legal obligations
  • Prevent fraud and abuse

Reporting Features

Pro includes reporting features that let workspace administrators move standup data outside Slack.

CSV Export

  • CSV export allows authorized workspace users to download standup data for reporting, audits, and analysis
  • Exported files may contain standup questions, responses, participation data, timestamps, and related workspace metadata
  • Once exported, that file is controlled by the workspace that downloaded it and is no longer governed solely by this Service

Google Sheets Sync

  • If enabled, Google Sheets sync sends standup data to a spreadsheet connected by the workspace
  • Synced data may include standup questions, responses, participation data, timestamps, and related workspace metadata
  • Data stored in Google Sheets is then subject to Google's terms, privacy practices, access controls, and retention settings

Data Roles

For the purposes of applicable data protection laws:

  • Workspace administrators act as the Data Controllers
  • CheckinPigeon acts as a Data Processor on behalf of the workspace
  • We process personal data solely to provide the Service as instructed by the workspace administrators.

Data Storage and Security

Where We Store Data

Our application servers and database are hosted on a VPS in Falkenstein, Germany, European Union. Our file storage uses Cloudflare R2 with data stored in European Union. Core infrastructure is located within the European Union.

How We Protect Data

We also use application-level encryption for certain sensitive fields (such as authentication tokens) to reduce the risk of exposure if the database or backups are accessed.

  • Industry-standard security measures
  • Regular dependency updates and security patches
  • Access controls and authentication
  • Encrypted database connections
  • Regular backups

International Data Transfers

Our servers are hosted in Falkenstein, Germany, European Union. If you are located outside Germany, your data will be processed on servers located in Falkenstein, Germany, EU.

Additionally, if you enable AI features, your standup response data may be processed by AI model providers located in various countries, including the United States and other regions, depending on which providers OpenRouter uses at the time of processing.

If you enable Google Sheets sync, standup data may also be transferred to and stored by Google in accordance with the Google account, spreadsheet configuration, and Google's own international data handling practices.

For international data transfers outside the EU, particularly for AI processing features, we rely on our third-party providers' stated data transfer safeguards and terms. See each provider's privacy policy for details on how they handle international data transfers.

Data Retention

We retain personal data only as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements.

Retention Categories

  • Account / Workspace data: retained while the workspace is active
  • Communication records: standup and poll responses and related records are retained for as long as the workspace is active. When a standup is deleted, all associated responses and attachments are permanently deleted.
  • Standup file attachments: retained while the related standup exists, then deleted when the standup is deleted
  • Logs and analytics: diagnostic logs are retained per our infrastructure and monitoring providers' own retention policies. We do not independently store or manage raw log retention beyond what our providers retain.
  • Payment and tax records: retained for up to 7 years (where applicable) to comply with accounting and legal requirements
  • Exported CSV files are generated on demand for the workspace user who requests them; after download, retention of that exported file is controlled by the workspace

Deletion of Standup Attachments

  • If a standup is deleted in CheckinPigeon, we delete the stored copies of attachments associated with that standup
  • If a workspace administrator requests Slack workspace data deletion, we will delete workspace data (including cached attachments) within 14 business days after verified request, as required by Slack's developer policies, except where retention is required for legal, accounting, or billing purposes.

Billing Data After Deletion

When workspace data is deleted, we retain limited subscription and billing records where required for legal, accounting, fraud-prevention, support, or dispute-resolution purposes.

We may retain:

  • Subscription history, including plan, status, billing dates, metered usage, and amounts
  • Transaction records needed for tax or accounting compliance
  • Limited provider reference identifiers needed for billing records, returning-customer recognition, fraud prevention, or support

We remove or delete:

  • Billing email addresses and other workspace-linked personal data not required for retention
  • Raw billing webhook event records associated with the deleted workspace
  • Workspace content and operational records not required for legal or billing retention

This may include minimal billing records such as:

  • Subscription history (dates, plan types, metered usage, amounts)
  • Transaction records for tax compliance
  • Minimal audit trail for dispute resolution

Slack App Uninstall

  • If the Slack app is uninstalled, we will stop processing workspace data. Workspace administrators may request deletion of Slack workspace data at any time by contacting support@checkinpigeon.com. Upon verified request, workspace data, including cached attachments, will be deleted within 14 business days, except where retention is required for legal, accounting, or billing purposes.
  • If you have an active paid subscription, we may schedule cancellation at the end of the current billing period and send a confirmation email

Log Files

Like many online services, we collect log files to operate and secure the Service. These logs may include:

  • Internet Protocol (IP) address
  • Browser type, device information, and basic request details
  • Time and date of access and pages/features used
  • Error and diagnostic information

We use this information for security monitoring, troubleshooting, abuse prevention, and improving reliability.

We process such data based on our legitimate interests in ensuring the security, reliability, and performance of the Service, as well as preventing fraud and abuse.

Data Sharing and Disclosure

We do NOT sell your data.

We may share data with:

Service Providers

  • Cloud hosting providers for infrastructure
  • Polar for payment processing
  • Cloudflare Web Analytics for website analytics
  • Google Sheets / Google APIs for optional spreadsheet sync features (when enabled by the workspace)
    • Google may receive standup questions, responses, participation records, timestamps, and related workspace metadata needed to populate the connected sheet
    • Data stored in Google Sheets is subject to Google's privacy practices, security controls, and retention policies
  • Resend for email delivery services
  • AppSignal for error tracking
  • OpenRouter for optional AI-powered standup features (when enabled)
    • OpenRouter may use various underlying AI model providers
    • These providers may change over time
    • See OpenRouter's Privacy Policy at https://openrouter.ai/privacy
  • Crisp for live chat customer support
    • Crisp collects chat conversations, browsing activity on our website, and basic contact information
    • Crisp is hosted in the EU
    • See Crisp's Privacy Policy at https://crisp.chat/en/privacy/
    • By using the chat widget, you consent to the processing of your data by Crisp as described in this Privacy Policy.

Legal Requirements

We may disclose data if required by law, to:

  • Comply with legal processes
  • Enforce our Terms of Service
  • Protect our rights and safety
  • Prevent fraud or security issues

Your Data Rights

Depending on your location, you may have rights including:

For All Users

  • Access your data by contacting us at support@checkinpigeon.com
  • Request deletion of your account and data by contacting us at support@checkinpigeon.com

Regarding AI Processing:

If you are concerned about third-party AI processing, you can:

  • Disable AI features for your standups
  • Contact us to request exclusion from AI processing
  • Note that once data is sent to AI providers, we cannot guarantee deletion from their systems

For EU Users

  • Right to access personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

For California Users (CCPA)

  • Right to know what data is collected
  • Right to delete personal data
  • Right to opt-out of data sales (we don't sell data)

To Exercise Your Rights:

To exercise any of these rights, contact us at support@checkinpigeon.com. General privacy-rights requests receive a response within 30 days unless a shorter platform-specific requirement applies. Slack workspace data deletion requests are completed within 14 business days after verified request. Rights are fulfilled manually by our team.

How to Request Data Deletion

To request deletion of your personal data:

Contact Methods

Email: support@checkinpigeon.com

What Happens Next

  • We will verify your identity and workspace ownership/admin status
  • For Slack workspace data deletion, including cached attachments, we will complete deletion within 14 business days after verified request unless retention is required for legal, accounting, or billing purposes
  • For other privacy-rights deletion requests, we will respond within 30 days unless a shorter platform-specific requirement applies
  • Some minimal records may be retained for legal, accounting, or tax compliance (as described in our Data Retention section)
  • You will receive confirmation via email once deletion is complete

Note: If you have an active paid subscription, we recommend canceling it first. Data deletion does not automatically cancel billing.

Slack App Uninstall: Uninstalling the Slack app stops the Service for your workspace. Workspace administrators may request deletion of Slack workspace data at any time as described above.

Cookies and Tracking

We use minimal tracking technologies:

Essential Cookies

  • Session cookies to keep you logged in
  • Authentication tokens
  • User preferences
  • Crisp chat widget (for live customer support)

Analytics

We use Cloudflare Web Analytics, which is privacy-friendly and does NOT use cookies. Cloudflare Web Analytics does not track users across websites and collects only aggregated, anonymized usage statistics. No cookies or persistent identifiers are used for analytics. See: https://www.cloudflare.com/privacypolicy/

No Marketing Cookies

  • We do not use marketing or advertising cookies
  • We do not track you across websites

You can disable cookies in your browser settings, but this may prevent you from logging in.

Live Chat and Customer Support

Crisp Chat Widget

When Crisp is enabled on our website, the Crisp live chat widget may load when you visit so we can provide customer support.

What Crisp Collects:

  • Messages you send through the chat widget
  • Your name and email (if you provide them)
  • Device information (browser, operating system)
  • IP address and approximate location

How We Use This Information:

  • Provide real-time customer support
  • Understand common support issues
  • Improve our website and documentation
  • Track customer satisfaction

Your Control:

  • You can request deletion of your chat history by contacting support@checkinpigeon.com
  • Crisp chat data is retained per Crisp's own retention policy. See Crisp's Privacy Policy for details.

Data Storage:

Crisp stores data on servers located in the European Union (France).

Third-Party Privacy Policy:

See Crisp's Privacy Policy: https://crisp.chat/en/privacy/

Third-Party Services

Our Service integrates with:

We are not responsible for the privacy practices of third-party services.

We use third-party subprocessors (such as hosting, analytics, payment processing, and customer support providers) to operate the Service. These subprocessors may be updated from time to time.

Children's Privacy

Our Service is not intended for users under 16. We do not knowingly collect data from children under 16. If you believe we have collected data from a child, contact us immediately.

Data Breach Notification

In the event of a data breach that affects your personal data, we will make all reasonable efforts to:

  • Notify relevant supervisory authorities within 72 hours of becoming aware of a breach, and notify affected users without undue delay
  • Take immediate steps to contain and remedy the breach

Data Processing Addendum

A Data Processing Addendum (DPA) is available upon request for customers requiring additional data protection commitments.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by posting updated Privacy Policy on our website with a new effective date. Where reasonably possible, we may also notify workspace administrators via email.

Continued use after changes constitutes acceptance.

Contact Us

Operator: CheckinPigeon (independent developer)

Location: Bangladesh

For privacy-related questions or to exercise your rights: