Privacy & Security
How we handle your data and keep it secure.
Data Handling
Wellback stores only the minimum data necessary to function: PTO dates, flagged messages, and queue items. We do not store message content beyond what's needed to display your queue.
Not suitable for sensitive data
While all queued messages are encrypted at rest with AES-256-GCM and salted before storage, Wellback is not designed for sensitive information such as credentials, financial data, health information, or personal identifiers. Please use appropriate channels for such content.
Encryption
All queued messages are encrypted before being stored in our database.
- AES-256-GCM encryption for all stored messages
- PBKDF2 with 100,000 iterations for key derivation
- Unique salt per workspace
- Encryption key derived from workspace ID + Slack signing secret
If our database is compromised, messages cannot be read without access to your Slack workspace's signing secret.
Access Controls
- Only users in your Slack workspace can interact with Wellback
- Chaperones can view flagged items for the user they're helping
- Workspace admins can uninstall the app at any time
- No external access to any stored data
Slack App Permissions
When installing Wellback, you'll be asked to grant the following permissions:
- chat:write - Send direct messages and notifications to users
- channels:read - List public channels to detect @mentions of OOO users
- groups:read - List private channels to detect @mentions of OOO users
- users:read - Look up user information (names, display names, avatars)
- users.profile:read - Check custom profile fields if used for PTO status
- reactions:write - Add reactions to messages as confirmations
We do not request:
- Access to read message history or content
- Access to files or attachments
- Admin-level permissions
- Webhooks or real-time event access beyond what's listed
Data Retention
Wellback automatically deletes:
- Queue items once marked as done or dismissed
- All data when the app is uninstalled from the workspace
- Historical PTO data older than 90 days