LEAD.Bot Privacy FAQ

LEAD is GDPR Compliant and the EU-U.S. DPF and the Swiss-U.S. DPF certified. You can find out more on our website at the following locations:

LEAD is also required to go through a review process with Slack and Microsoft before our apps are approved to be listed in their stores. Those stores have more details about the API scopes granted to our app.

 

 

Frequently Asked Questions

Session 1. The questions apply to both LEAD.bot for Slack and Microsoft Teams 

Session 2. LEAD.bot for Slack related questions 

Session 3. LEAD.bot for Microsoft Teams related questions 

Session 1. Questions apply to both LEAD.bot for Slack and Microsoft Teams 

Q1. Setup Instructions?

  

Q2. Access?

 

 Q3. Security Measures, Disaster Recovery Protocol? 

(Email security@lead.app if you need to review the documents mentioned in Q3). 

  

Q4. Payment Information?

 

Q5. Hosting Provider Details?

Q6.  The retention period of the data stored by Lead app?

Q7. Is S3 leveraged for only backed up database, or also active database?  Is the S3 database public or private? 

 

Q8. Is data encrypted in transit? If so, what specific encryption methods are used? What encryption is used for data at rest? 

Q9. Would it be a shared or dedicated database for lead.app clients (FIS)? Same question (shared or dedicated) but for the S3 volumes. 

Q10. Do you have hosting possibilities in Europe?

 

Q11. Does the LEAD.bot chat window allow users to share files or capture or record a conversation? 

 

Q12. Will this solution be offered to all users on the platform?

 

Q13. In the Privacy Document, there is a paragraph written as this: LEAD Collect and store content that you send and receive, the groups you belong to, and your interaction with your friends, mentors and colleagues. This content includes any information about you that you may choose to include. Examples of content we collect and store include: the title of your matching channel/Team names, surveys created and the audience you are sending them to. Content also includes the messages and links you upload to the Services. What does this actually mean? 

 

Q14. Is the data you collect differently between the free tier, basic tier, and enterprise tier?

  

Q15. Have the terms of service and privacy documents in your company reviewed and approved by legal & privacy experts?

 

Q16. Who in your organization has access to this DB and are there any security protocols (Access rights) to accessing this information?

Q17. How is Lead Bot setup in terms of High Availability (Uptime)? 

 

Session 2.  Slack related questions: 

Q1.  Is this application developed by Slack or part of their certification program?

 Q2. What are the permissions LEAD.bot gets in Slack? 

 

Session 3.  Microsoft Teams related questions: 

Q1.  Is this application developed by Microsoft or part of their certification program?

Q2.  Does Lead.bot have access to entire Microsoft Teams calendars?

Q3. What data does LEAD.bot collect/store for Microsoft Teams? 

 

    1. only adding LEAD.Bot to Teams with generic names (ex. “Coffee-Matching”, “All-Employees”, “New-York”, “Remote-Meetups”, etc) and avoid adding LEAD.Bot to teams with private information, such as: “Upcoming-Sales-Deal-With-SpaceX”, “Closing-Series-B-Round”, etc.
    1. Informing your employees that no private company information should be sent as a direct message to LEAD.Bot. LEAD.Bot should be used exclusively to facilitate meetings through your corporate meeting system (Skype, Zoom, Hangouts, in person, etc).
    2. Only modifying the initial greeting message sent to users in a way that does not contain any personal or private information.

Q4. What are the minimum permissions the app requires in MS Teams?

 

Have other questions? email security@lead.app for any technical questions, or hi@lead.app for business-related questions. Thank you very much!