Your Data is Safe With Us

Privacy Policy

Last updated: March 6, 2025

Loqet Shield ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI agent security platform for Slack workspaces. By using our service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

We collect the following types of information to provide and improve our services:

Account Information

When you sign up, we collect your email address and name through Clerk authentication. This is necessary to create and manage your account.

Slack Workspace Metadata

We collect workspace ID, team name, and member count to identify your workspace and provide accurate scanning results.

App & Integration Data

During scans, we discover app names, permissions, OAuth scopes, and integration metadata. This is the core data needed for security analysis.

Scan Results & Risk Assessments

We store the results of our security scans, including identified risks, severity scores, and recommended remediation actions.

Subscription & Billing Information

Payment processing is handled by Lemon Squeezy. We receive subscription status and billing history but do NOT store credit card numbers.

Usage Analytics

We collect anonymous usage data including page views and feature usage to improve our platform. This data is aggregated and cannot identify individual users.

Important: We do NOT collect or store Slack message content, file uploads, direct messages, or any user-generated content from your workspace.

2. How We Use Information

We use the collected information for the following purposes:

  • Provide security scanning services and generate risk reports
  • Send security alerts and weekly digest emails (Pro users)
  • Process payments and manage your subscription
  • Improve our AI analysis algorithms and detection capabilities
  • Respond to your support requests and inquiries
  • Comply with legal obligations and protect our rights
  • Prevent fraud, abuse, and unauthorized access

3. Data Storage & Security

We implement industry-leading security measures to protect your data:

Encrypted Database

PostgreSQL with AES-256 encryption at rest

Secure Transit

TLS 1.2+ for all data in transit

SOC 2 Type II

Certified infrastructure and processes

Regular Audits

Security audits and penetration testing

No Message Storage

We NEVER store Slack message content

No AI Training

We NEVER use your data to train models

4. Data Sharing

We do NOT sell your data to third parties.

We share data only with the following subprocessors necessary to provide our service:

ServicePurposeLocation
ClerkAuthenticationUS
NeonDatabase hostingUS
Lemon SqueezyPayment processingUS
ResendEmail deliveryUS
Google GeminiAI risk analysisUS

All subprocessors are GDPR-compliant and have signed Data Processing Agreements (DPAs). We only share the minimum data necessary for each service to function.

We may disclose information to law enforcement only when legally required by valid subpoena, court order, or other legal process.

5. Your Rights (GDPR/CCPA)

Depending on your location, you have the following rights regarding your personal data:

1

Right to Access

Request a copy of all data we hold about you

2

Right to Correction

Update or correct inaccurate information

3

Right to Deletion

Request complete account and data deletion

4

Right to Portability

Export your data in a machine-readable format

5

Right to Object

Opt-out of non-essential data processing

6

Right to Restrict

Limit how we process your data

To exercise any of these rights, please contact us at privacy@loqetlabs.com. We will respond within 30 days.

6. Data Retention

We retain your data according to the following schedule:

Active accounts:Data retained while subscription is active
🗑
Cancelled accounts:Complete deletion within 30 days of cancellation
📊
Scan logs:90 days, then anonymized for analytics
💾
Backup retention:Maximum 7 days for disaster recovery

7. International Transfers

Our servers are located in the United States (AWS us-east-1). If you are accessing our service from outside the US, your data will be transferred to and processed in the United States.

For EU customers, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) with all subprocessors
  • Data Processing Agreements (DPAs) in place
  • Encryption of data in transit and at rest
  • Regular compliance audits

8. Cookies & Tracking

We use only essential cookies necessary for the service to function:

  • Authentication session cookies (Clerk)
  • Security and fraud prevention cookies

We do NOT use third-party marketing cookies, advertising trackers, or social media pixels. Analytics are collected via privacy-focused Plausible (optional, can be disabled).

9. Children's Privacy

Our service is not intended for users under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@loqetlabs.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Sending an email to the address associated with your account
  • Posting a prominent notice on our website
  • Requiring acknowledgment of changes on next login (for material changes)

Your continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Loqet Shield

Email: privacy@loqetlabs.com

We typically respond to privacy inquiries within 24 hours.

Back to Home