Legal
Privacy Policy
1. Introduction
Welcome to Griot Labs (“Griot,” “we,” “us,” or “our”). We provide an institutional knowledge capture platform that integrates with Slack and Microsoft Teams, accessible at app.askgriot.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
By using Griot, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Information You Provide Directly
- Account Information: Name, email address, company name, and authentication credentials
- Workspace Configuration: Custom fields, entity types, and organizational preferences
- Payment Information: Processed through third-party payment processors; we do not store full credit card details
2.2 Information Collected Automatically
- Slack Workspace Data: Messages and threads you choose to capture, user IDs, workspace identifiers, channel names and metadata, timestamps and interaction data
- Microsoft Teams Data: Messages and threads you choose to capture, user IDs, tenant identifiers, team and channel names and metadata, timestamps and interaction data
- Usage Data: Features used, search queries, time spent on platform, click patterns and navigation
- Technical Data: IP addresses, browser type, device information, operating system, and cookies
3. How We Use Your Information
- Service Delivery: To provide, maintain, and improve Griot’s knowledge capture functionality
- AI Processing: To generate summaries, tags, and insights using AI models
- Search and Retrieval: To enable semantic search across your organizational knowledge
- Communication: To send service updates, security alerts, and support messages
- Analytics: To understand usage patterns and improve our product
- Compliance: To comply with legal obligations and enforce our Terms of Service
4. Data Processing and AI
Griot uses third-party AI models (including Anthropic’s Claude) to generate summaries, semantic tags, and embeddings for knowledge matching. Content you capture may be processed by these providers. We only share content necessary for processing, and we do not allow AI providers to train models on your data.
5. Data Storage and Security
Your data is stored on secure cloud infrastructure (Supabase/PostgreSQL) with industry-standard encryption in transit (TLS/SSL) and at rest. We implement access controls, regular security assessments, and secure development practices. No method of transmission or storage is 100% secure.
6. Platform Integrations
6.1 Slack
When you connect Griot to a Slack workspace, we access designated channels and process messages as configured by your workspace administrators. You may revoke Slack permissions at any time through Slack’s own settings. You are responsible for ensuring your organization has the appropriate authority to connect the workspace and for obtaining any necessary consents from workspace members.
6.2 Microsoft Teams
When you install Griot for Microsoft Teams, we access your Teams tenant via the Microsoft Bot Framework and process messages in channels you configure. Data collected through the Teams integration is handled under the same terms as other data described in this policy. You may remove the Griot app from your Teams environment at any time through your Microsoft 365 admin settings. You are responsible for ensuring your organization has the appropriate authority to install the app and for obtaining any necessary consents from team members.
7. Data Retention
We retain your information for as long as your account is active or as needed to provide services. Deleted content is removed from active systems within 30 days; backups may retain data for up to 90 days. Upon account termination, data is deleted or anonymized within 90 days unless retention is required by law.
8. Data Sharing and Disclosure
We share information with service providers acting on our behalf, within your organization as configured by administrators, and when required by law. We do not sell your personal information, share your captured knowledge with other Griot customers, or use your data to train AI models for other customers.
9. Your Rights and Choices
Depending on your location, you may have rights to access, correct, delete, or port your data, and to restrict or opt out of certain processing. To exercise these rights, contact us at hello@askgriot.com with “Privacy Request” in the subject line.
10. Cookies and Tracking
We use cookies to maintain your session and preferences, analyze usage patterns, and improve service performance. You can control cookies through your browser settings.
11. Children’s Privacy
Our Service is not intended for users under 16 years of age. We do not knowingly collect information from children.
12. California Privacy Rights (CCPA)
California residents have the right to know what personal information is collected, whether it is sold or disclosed, to opt-out of sale (we do not sell personal information), and to request deletion without discrimination for exercising these rights.
13. European Privacy Rights (GDPR)
If you are in the EEA, we process data based on consent, contractual necessity, legal obligations, and legitimate interests. You have the right to lodge a complaint with your local data protection authority.
14. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy, updating the “Last Updated” date, and sending email notification for significant changes.
15. Contact Us
Griot Labs
Email: hello@askgriot.com
Website: app.askgriot.com
| Data Type | Purpose | Retention |
|---|---|---|
| Account credentials | Authentication | Account lifetime |
| Slack messages | Knowledge capture | User-controlled |
| Microsoft Teams messages | Knowledge capture | User-controlled |
| AI-generated summaries | Service delivery | User-controlled |
| Usage analytics | Product improvement | 24 months |
| Payment information | Billing | 7 years (legal) |
| Support communications | Customer service | 3 years |