Data Processing Agreement (DPA)

Braid Social Inc.
Last updated: March 24, 2025

Definitions

  • "Controller" uses Braid's services and determines data processing purposes.

  • "Processor" is Braid Social Inc., processing data on behalf of the Controller.

  • "Personal Data" is information related to identifiable persons.

Purpose of Processing

Braid provides interactive team-building games via Slack and a Web Dashboard for account management and customization, aimed at enhancing team cohesion in hybrid and remote workplaces.

Personal Data Processed

  • Names and Slack user IDs

  • Email addresses

  • Profile pictures from Slack

  • Interaction data (game responses, activity logs)

  • Opaque identifiers (UUIDs) for analytics

Subprocessors

Braid uses subprocessors to deliver its services. Updates are posted on Braid’s website.

Current Subprocessors:

  • Clerk (authentication)

  • Cloudflare (static assets, images, DNS, SSL)

  • AWS S3 (static assets)

  • Fly.io (compute, PostgreSQL)

  • Slack (app integration, authentication)

  • Stripe (payments)

  • Sentry (error tracking)

  • Posthog (analytics)

Security

  • Data encryption (at rest and in transit)

  • Secure authentication (Clerk, Slack Sign-in)

  • Restricted access (limited to super-admins)

  • Regular security awareness training

Data Storage

Data is hosted in the United States. GDPR-compliant mechanisms are used for subprocessors outside the EU.

Data Deletion

Data is deleted automatically within 30 days of account deletion or upon explicit support requests.

Data Breach

Controllers are notified within 72 hours of any personal data breach.

Termination

Braid deletes or anonymizes data within 30 days after termination.

Data Processing Agreement (DPA)

Braid Social Inc.
Last updated: March 24, 2025

Definitions

  • "Controller" uses Braid's services and determines data processing purposes.

  • "Processor" is Braid Social Inc., processing data on behalf of the Controller.

  • "Personal Data" is information related to identifiable persons.

Purpose of Processing

Braid provides interactive team-building games via Slack and a Web Dashboard for account management and customization, aimed at enhancing team cohesion in hybrid and remote workplaces.

Personal Data Processed

  • Names and Slack user IDs

  • Email addresses

  • Profile pictures from Slack

  • Interaction data (game responses, activity logs)

  • Opaque identifiers (UUIDs) for analytics

Subprocessors

Braid uses subprocessors to deliver its services. Updates are posted on Braid’s website.

Current Subprocessors:

  • Clerk (authentication)

  • Cloudflare (static assets, images, DNS, SSL)

  • AWS S3 (static assets)

  • Fly.io (compute, PostgreSQL)

  • Slack (app integration, authentication)

  • Stripe (payments)

  • Sentry (error tracking)

  • Posthog (analytics)

Security

  • Data encryption (at rest and in transit)

  • Secure authentication (Clerk, Slack Sign-in)

  • Restricted access (limited to super-admins)

  • Regular security awareness training

Data Storage

Data is hosted in the United States. GDPR-compliant mechanisms are used for subprocessors outside the EU.

Data Deletion

Data is deleted automatically within 30 days of account deletion or upon explicit support requests.

Data Breach

Controllers are notified within 72 hours of any personal data breach.

Termination

Braid deletes or anonymizes data within 30 days after termination.

Data Processing Agreement (DPA)

Braid Social Inc.
Last updated: March 24, 2025

Definitions

  • "Controller" uses Braid's services and determines data processing purposes.

  • "Processor" is Braid Social Inc., processing data on behalf of the Controller.

  • "Personal Data" is information related to identifiable persons.

Purpose of Processing

Braid provides interactive team-building games via Slack and a Web Dashboard for account management and customization, aimed at enhancing team cohesion in hybrid and remote workplaces.

Personal Data Processed

  • Names and Slack user IDs

  • Email addresses

  • Profile pictures from Slack

  • Interaction data (game responses, activity logs)

  • Opaque identifiers (UUIDs) for analytics

Subprocessors

Braid uses subprocessors to deliver its services. Updates are posted on Braid’s website.

Current Subprocessors:

  • Clerk (authentication)

  • Cloudflare (static assets, images, DNS, SSL)

  • AWS S3 (static assets)

  • Fly.io (compute, PostgreSQL)

  • Slack (app integration, authentication)

  • Stripe (payments)

  • Sentry (error tracking)

  • Posthog (analytics)

Security

  • Data encryption (at rest and in transit)

  • Secure authentication (Clerk, Slack Sign-in)

  • Restricted access (limited to super-admins)

  • Regular security awareness training

Data Storage

Data is hosted in the United States. GDPR-compliant mechanisms are used for subprocessors outside the EU.

Data Deletion

Data is deleted automatically within 30 days of account deletion or upon explicit support requests.

Data Breach

Controllers are notified within 72 hours of any personal data breach.

Termination

Braid deletes or anonymizes data within 30 days after termination.