Data Privacy & Permissions

How Coworker ensures data is handled and shared appropriately.

Overview

Coworker is guided by three overarching policies relating to Data Privacy & Permissions:

1. Private data stays private

Coworker respects the privacy of employees within an organization. By default, Coworker will not process the contents of private conversations, such as 1:1 Slack messages, private documents that are not shared with all users within an organization.

Our default settings only process data in reports that is generally shared with your organization.

2. We respect primary data source permissions

By default, if a user in your organization does not have access to data in the source tool, they will not get access to that data in Coworker. Please read the table below for more detail, as there is some nuance related to data in tools that is considered 'shareable with the organization' even though not all members of your organization may have access to that tool (eg. Jira or HubSpot).

The following table breaks down what information is processed by Coworker reports (and therefore shared with those that have access to the Coworker platform) on a Connector by Connector basis.

Connector
Data Processed by Reports
Data Excluded

Slack

  1. Default: Public Channels only. We can turn off this default if required so that only channels where Coworker is manually added will be connected.

  2. Private Channels can be manually added (assuming their content is non-sensitive).

  1. Default: Private Channels (unless manually added).

  2. Direct Messages

Google Drive

  1. Documents, Sheets, Slides that have been shared with your organization (General Access: Your Organization, Anyone in this group with the link can view/comment/edit).

  2. Documents, Sheets, Slides that have been shared with 'Anyone with the link'

  1. Documents, Sheets, Slides that are either Restricted (shared only with you, or shared only with a subset of users.

Notion

  1. Only Pages (or nested Pages under these pages) that have had the Coworker Connector added to them. Note that if you add the Coworker Connector to a top-level page, Coworker will be connected to all nested Pages. The exception is if the Page is nested but set to 'Invite only'. These pages show as 'Restricted'.

  1. Pages that do not have the Coworker Connector added to them.

  2. 'Restricted' pages that are set to 'Invite only'

Monday.com

  1. Items that are set to 'Main' Privacy (Visible to everyone in your account) for the Workspace that Coworker has been granted access to.

  1. Items set to Private or Shareable with a subset of users.

ClickUp

  1. Spaces and content nested within those Spaces that are set to be shared with the Workspace that Coworker has been granted access to, unless those Spaces or underlying content have been set to Private.

  1. Spaces or Content that are not shared with your Workspace.

  2. Content that is set to Private.

Jira

  1. Data in the project that has been connected to Coworker.

Github

  1. Data in the Repositories that have been connected to Coworker.

  1. Data in the Repositories that have not been connected to Coworker.

Gitlab

  1. Data in the Repositories that have been connected to Coworker.

  1. Data in the Repositories that have not been connected to Coworker.

HubSpot

  1. This depends on the Scopes that you granted the Coworker App permissions to. Default Scopes generally mean that data relating to Deal management (including Deal status, connected Contacts, Deal Notes, and any emails that are associated with the Deal through HubSpot's email integration will be accessible. The default Scopes are:

CRM

  • crm.objects.owners

  • crm.objects.deals

  • crm.objects.contacts

Settings

  • settings.users

Standard

  • content

  • sales-email-read

  1. HubSpot has many other read and write Scopes that Coworker does not have access to.

Linear

  1. Data in the Workspace that you connected Coworker to.

  1. Data in any other Workspaces that you did not connect to Coworker.

3. Required business purposes only

We only allow Coworker user access for required business purposes.

  • In alignment with Coworker’s primary Data Access Policy, no member of the Coworker team has access to client data of any type other than for clear business needs. For example, software developers working on external data pipelines will require some access to client data to deliver the work product to the customer at setup and during maintenance.

PreviousSecurity & ComplianceNextAirtable

Last updated

Was this helpful?