Privacy Policy

Last updated: May 2026

Trako is an AI-powered incident investigation agent for Slack. This policy explains what data we collect, how we use it, and how it is protected.

Data We Collect

• Slack workspace ID and bot token -- required to post messages and create channels in your workspace on your behalf.
• Integration credentials -- OAuth tokens for GitHub, Sentry, and Linear; IAM credentials for AWS CloudWatch. These are provided by your team and stored encrypted.
• Incident channel thread content -- fetched from Slack to generate postmortem drafts. This content is sent to the Anthropic Claude API and is not stored by Trako.

How We Use Data

• Integration credentials are used solely to query your connected services (GitHub, Sentry, CloudWatch, Linear) when an incident investigation is triggered.
• Incident thread content is sent to Anthropic's Claude API to generate postmortem drafts. Anthropic does not use API data for model training.
• We do not sell, share, or rent any data to third parties.

Data Storage and Security

• All integration credentials are encrypted at rest using Fernet symmetric encryption. The encryption key is stored in AWS SSM Parameter Store as a SecureString.
• Encrypted credentials are stored in AWS DynamoDB, isolated by workspace ID.
• No credentials are stored in application code or environment variables.

Data Retention

Credentials are retained until you disconnect the integration via the App Home tab, or until the Trako app is uninstalled from your Slack workspace. Uninstalling removes all workspace data.

Your Rights

You may disconnect any integration at any time via the Trako App Home tab in Slack. To request deletion of all data associated with your workspace, contact us at the address below.

Contact

For privacy questions or data deletion requests, contact: privacy@yourdomain.com