Back to Home
Legal

Privacy Policy

Effective February 15, 2026Last updated February 15, 2026

Amaranthine Private Limited ("Company", "we", "us", or "our") operates Tickr, an AI-powered task management bot for Slack ("Service"). This Privacy Policy explains how we collect, use, store, and protect information when you install and use Tickr in your Slack workspace.

This Privacy Policy describes our practices regarding the information we handle when you use the Service. By installing Tickr, you acknowledge that you have read and understood this policy. Our processing of your data is based on the contractual necessity of providing the Service, our legitimate interests in maintaining and improving the Service, and compliance with applicable law.

1. Information We Collect

1.1 Slack Workspace Data

When you install Tickr, we collect:

  • Workspace identifiers — Slack team ID and workspace name
  • Installer identity — Slack user ID of the person who installed the app
  • Authentication tokens — Bot token and signing secret issued by Slack during OAuth, used to operate the bot in your workspace

1.2 User Interaction Data

When members of your workspace interact with Tickr, we collect:

  • Slack user IDs — to identify task assignees, creators, and participants
  • User display names — resolved from Slack profiles for display in task cards
  • Channel IDs — to associate task boards with the correct channels
  • Command and message content — text sent via /tickr slash commands, @Tickr mentions, and threaded replies that Tickr processes
  • Thread context — recent messages in a thread (up to 10) when Tickr is invoked within a conversation, used to understand context

1.3 Task and Work Data

Tickr stores the following task management data:

  • Task titles, descriptions, statuses, priorities, estimates, and due dates
  • Task assignments (Slack user IDs and display names)
  • Task updates and comments (including update text, timestamp, and author)
  • Milestones, subtasks, and dependency/blocker relationships
  • AI-generated task summaries

1.4 Subscription and Usage Data

  • Subscription plan — your workspace's current plan (trial, pro, or max)
  • Trial expiry date — when your free trial ends
  • Active user count — number of unique users interacting with Tickr each month, tracked for plan enforcement
  • Active user set — set of Slack user IDs that have interacted with Tickr in the current billing month (reset monthly)

1.5 Nudge and Engagement Data

  • Nudge delivery status (sent, responded, escalated)
  • Response timestamps
  • Escalation counts

1.6 Application Logs

We log operational data including user interactions, errors, and system events. Logs may contain Slack user IDs, channel IDs, command text, and error details. Logs are retained for 30 days.

2. How We Use Your Information

We use the information we collect to:

  • Operate the Service — create, update, and manage tasks within your Slack workspace
  • Provide AI features — send message content and task context to our AI provider (AWS Bedrock) for natural language understanding, task parsing, standup summaries, update quality evaluation, and highlights generation
  • Send nudges and reminders — notify users about overdue or stale tasks based on configurable schedules
  • Enforce subscription limits — track active users per workspace to enforce plan-level user caps
  • Manage your subscription — track trial periods and plan status
  • Maintain and improve the Service — debug issues, monitor performance, and ensure reliability
  • Communicate with you — send upgrade prompts, feature gating messages, and service notices within Slack

3. Legal Basis for Processing

We process your information on the following legal bases:

  • Contract performance — processing necessary to provide the Service you have installed and subscribed to (task management, nudges, AI features)
  • Legitimate interest — processing necessary for our legitimate business interests, including maintaining, improving, and securing the Service, provided these interests are not overridden by your data protection rights
  • Legal obligation — processing necessary to comply with applicable laws, regulations, or legal process

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction that requires consent for certain types of processing, we will obtain your consent where required by law.

4. AI Processing

Tickr uses AWS Bedrock (powered by Anthropic's Claude) to process natural language. When you interact with Tickr, the following data may be sent to AWS Bedrock:

  • Your message text
  • Current task board state (task titles, statuses, priorities, assignees, recent updates)
  • Thread conversation context (recent messages)
  • Workload summaries (task counts per person)

AWS Bedrock does not retain your data for model training. Inputs and outputs are not used to improve foundation models. Data is processed in real-time and not stored by AWS Bedrock beyond the duration of the API request.

5. Data Storage and Security

5.1 Where We Store Data

All data is stored in Amazon Web Services (AWS) infrastructure in the US East (N. Virginia) region:

  • Amazon DynamoDB — task data, board configurations, installation records, subscription data, and nudge records
  • AWS Secrets Manager — Slack authentication tokens (encrypted at rest)
  • Amazon CloudWatch — application logs (30-day retention)

5.2 Security Measures

  • All data is encrypted at rest using AWS-managed encryption keys
  • All data in transit is encrypted via TLS/HTTPS
  • Slack authentication tokens are stored in AWS Secrets Manager with encryption
  • Multi-tenant data isolation ensures each workspace's data is logically separated
  • IAM roles restrict access to AWS resources
  • No data is stored on local machines or developer devices in production

5.3 Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify affected workspace administrators within 72 hours of becoming aware of the breach
  • Provide details of the nature of the breach, the data affected, and the measures taken to address it
  • Report the breach to relevant supervisory authorities where required by applicable law (e.g., GDPR Art. 33, India DPDPA Sec. 8)

5.4 Data Retention

Data TypeRetention
Tasks, boards, and updatesRetained during active use; deleted 30 days after workspace uninstalls Tickr or requests deletion
Installation and subscription dataRetained until app is uninstalled or tokens are revoked; deleted within 30 days
OAuth state tokensAuto-deleted after 10 minutes
Application logs30 days
Active user tracking setsReset monthly; historical sets are not retained

6. Data Sharing

6.1 Third-Party Service Providers (Sub-Processors)

We share data with the following service providers, solely to operate the Service:

ProviderPurposeData Shared
Amazon Web Services (AWS)Cloud infrastructure, AI processing, data storageAll application data (hosted on AWS)
AWS Bedrock (Anthropic Claude)Natural language processing and AI featuresMessage content, task context, thread history
Slack (Salesforce)Messaging platform integrationBot responses, task cards, canvas updates

We will notify workspace administrators at least 30 days in advance before engaging a new sub-processor that will have access to your data. If you object to a new sub-processor, you may terminate your use of the Service.

6.2 We Do Not

  • Sell your personal information to third parties
  • Share your data with advertisers
  • Use your data to train AI models

6.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process, such as a court order or government request.

7. Slack Permissions

Tickr requests the following Slack OAuth scopes:

ScopePurpose
app_mentions:readReceive and respond to @Tickr mentions
channels:historyRead channel messages for thread context
groups:historyRead private channel messages for thread context
chat:writePost task cards, nudges, and responses
commandsReceive /tickr slash commands
users:readResolve user display names for task cards
canvases:readRead board canvas for updates
canvases:writeCreate and update board canvas

Tickr only reads messages in channels where it is explicitly invited or mentioned. It does not read messages in channels where it is not present.

8. Your Rights and Choices

8.1 Access and Deletion

  • Uninstall Tickr from your Slack workspace at any time. Uninstalling removes your installation record and authentication tokens. Remaining task data is deleted within 30 days.
  • Request data deletion by contacting us at the address below. We will delete all task data, board configurations, and subscription records associated with your workspace within 30 days of your request.

8.2 Data Portability

You may request an export of your workspace's task data in a machine-readable format (JSON) by contacting us.

8.3 Opt Out of AI Processing

AI processing is integral to Tickr's functionality. If you do not wish for your messages to be processed by AI, you should not use the Service. Basic slash commands (e.g., /tickr create, /tickr list) interact with the database directly without AI processing.

8.4 Rights Under Specific Regulations

If you are located in a jurisdiction with specific data protection rights (e.g., GDPR, India DPDPA), you may have additional rights including the right to access, rectify, restrict processing of, or object to the processing of your personal data. To exercise these rights, contact us at the address below.

9. Data Processing Agreement

For customers subject to the General Data Protection Regulation (GDPR), India's Digital Personal Data Protection Act (DPDPA) 2023, or similar data protection legislation that requires a formal data processing agreement, we offer a Data Processing Agreement (DPA) upon request. Contact us at the address below to request a DPA.

10. Children's Privacy

Tickr is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

11. International Data Transfers

Your data is processed and stored in the United States (AWS US East region). By using Tickr, you acknowledge the transfer of your data to the United States. We rely on AWS's compliance certifications (SOC 2, ISO 27001) and standard contractual clauses where required to ensure adequate data protection for international transfers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify affected workspace administrators of material changes at least 30 days in advance by posting a notice in Slack or by email. Your continued use of Tickr after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or need to request a Data Processing Agreement, contact us:

Amaranthine Private Limited B-914, 6th Avenue, Gaur City 1 Noida, Gautambuddha Nagar - 201301 Uttar Pradesh, India

Email: legal@heytickr.com

Questions?

Need to get in touch?

For privacy-related inquiries, data requests, or to exercise your rights, reach out to our team.

Contact LegalTerms of Service