Security

The security of your data is a top priority for HeyTaco. We take pride in knowing that everything we build meets and exceeds industry standards to protect your information. Additionally, access to HeyTaco websites is restricted to HTTPS-encrypted connections.

What we collect and why

When HeyTaco is integrated with your chat platform, we collect information necessary for our services to function. We also collect information if you give it to us.

Information collected from you may be used in one of the following ways:

(a) Personalize your experience.
(b) Better respond to your individual needs.
(c) Operate and improve our Services.
(d) Improve customer service.
(e) Contact you.

Here is what we collect

• Names and URLs of chat platforms you use with HeyTaco
  • Used to display names in the product, identify your platform for support, and associate information about your platform to itself.
• The number of people on your team
  • Used for product functionality and internal reporting.

We only save messages that include taco emojis (:taco:). Messages are identifiable by id’s provided by Slack’s Web API.

What messages can the HeyTaco bot listen to?

The HeyTaco bot only listens for the usage of taco emojis (:taco:) and programmed HeyTaco commands. The bot can only listen to messages in channels it’s been added to.

Where is HeyTaco data stored?

Our databases are hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:

• ISO 27001
• SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
• PCI Level 1
• FISMA Moderate
• Sarbanes-Oxley (SOX)

What type of authentication does HeyTaco Use?

HeyTaco relies on Slack’s OAuth 2.0 protocol. Learn more about OAuth here: https://oauth.net/2/