Security at Uply

Protecting your data is not an afterthought — it is foundational to everything we build. Uply is designed from the ground up with security, privacy, and compliance at its core.

EU-Only Data Hosting

All data is stored and processed exclusively within the European Union. Your data never leaves EU borders. We use GDPR-compliant infrastructure providers to ensure the highest standards of data sovereignty.

Minimal Slack Permissions

Uply follows the principle of least privilege. We request only the minimum Slack permissions needed to deliver questions and collect responses. We never read your Slack messages, access private channels, or view shared files.

Encryption Everywhere

All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. Every connection between your Slack workspace and our servers is secured. Authentication is handled through Slack's OAuth 2.0 protocol.

Access Controls

We enforce role-based access control (RBAC) and the principle of least privilege across all internal systems. Only authorized personnel with a legitimate operational need can access personal data, and all access is logged and monitored.

Data Retention & Deletion

When you uninstall Uply or request data deletion, all personal data is permanently removed within 30 days. We do not retain data beyond what is necessary to provide the service. You are always in control of your data.

GDPR Compliance

Uply is built with GDPR compliance at its core. We support all data subject rights including access, rectification, erasure, portability, and objection. A Data Processing Agreement (DPA) is available for all customers.

Incident Response

We maintain a formal incident response process. In the event of a data breach, we will notify affected customers within 72 hours, in full compliance with GDPR requirements. Our team continuously monitors for security threats.

Responsible Disclosure

We welcome responsible security research. If you discover a potential vulnerability, please report it to security@uply.work. We commit to acknowledging reports promptly and working with researchers to address any confirmed issues.

Need more details?

Review our legal and compliance documentation for full details on how we handle your data.

Data Processing AgreementPrivacy Policy

Have a security question? security@uply.work