Privacy Policy

Effective Date: 30.10.2025

Teamwins (“we,” “our,” “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and share information when you use our website (teamwins.co) and services (the “Service”).

1. Who We Are

Teamwins provides software and services designed to help teams collaborate, share referrals, and manage perks. For data protection purposes, Teamwins may act as a data controller (when we decide how your data is used) and as a data processor (when processing data on behalf of our customers).

2. Information We Collect

We collect the following types of information:

Account Information: Name, email address, company, role, and login credentials.
Team & Workspace Data: Information you upload or create in Teamwins (e.g., referrals, rewards, perks, messages).
Payment Information: Processed securely by Stripe; we do not store full card details.
Usage Data: Analytics on how you use our website and app (e.g., IP address, browser type, device, interactions).
Support Data: When you contact us, we may collect additional information you provide.

3. How We Use Information

We use your personal data to:

Provide and maintain the Service.
Process transactions and billing.
Improve and personalize your experience.
Monitor usage, prevent fraud, and ensure security.
Communicate with you about updates, new features, or support requests.
Comply with legal obligations.

4. Legal Bases for Processing (EU/EEA)

Contract: To provide the Service you signed up for.
Legitimate Interest: To improve services, ensure security, and prevent fraud.
Consent: For optional activities like marketing emails.
Legal Obligation: To comply with applicable laws.

5. Data Storage & Security

Data is hosted in the EU and/or US regions through our sub-processors (e.g., Vercel, Supabase, Stripe).
We use encryption in transit (HTTPS) and at rest.
Access to personal data is restricted to authorized personnel.

6. Data Sharing

We share data only with trusted service providers who help us operate the Service, including:

Vercel (hosting, edge network)
Supabase (database, authentication)
Stripe (payments)
Other essential vendors for analytics, email, or support.

We do not sell personal data.

7. Slack Integration Data

If you connect Teamwins to your Slack workspace, we collect and process certain information from Slack to provide integration features:

Data We Collect from Slack:

Workspace Information: Slack workspace ID, workspace name, and team identifier.
User Information: User IDs and email addresses of workspace members (to match with Teamwins accounts and invite members to the #teamwins channel).
Channel Information: The ID and name of the #teamwins channel created during setup.
Bot Access Token: An encrypted OAuth token that allows Teamwins to post messages to your designated Slack channel.
Installation Metadata: Information about who installed the app and when.

How We Use Slack Data:

To post celebration messages about contributions, perks, and assists to your #teamwins channel.
To create and manage the #teamwins channel in your workspace.
To invite workspace members to the #teamwins channel based on email matching.
To respond to slash commands (e.g., /teamwins leaderboard, /teamwins status).
To send weekly summary digests (if enabled by workspace administrators).

Data Security & Encryption:

Bot access tokens are encrypted at rest using AES-256 encryption.
All communication with Slack uses HTTPS (TLS 1.2 or greater).
Webhook requests from Slack are verified using cryptographic signature validation.
Access to Slack integration data is restricted to workspace administrators only.

Data Retention:

Integration Active: Slack tokens and workspace information are retained while the integration is active.
After Disconnection: When you disconnect the Slack integration from Teamwins, all associated tokens and workspace data are immediately deleted.
After App Uninstall: If you uninstall the Teamwins app from Slack, we automatically delete all integration data within 24 hours.
Event Logs: Logs of posted messages and events are retained for 90 days for troubleshooting purposes, then automatically deleted.

Data Not Actively Used:

While we request certain Slack permissions (such as viewing channel information and user emails), we only use this data for the specific purposes listed above. We do not:

Read or store message content from Slack channels.
Access private channels you haven't explicitly added the Teamwins bot to.
Use Slack data to train artificial intelligence or machine learning models.
Share Slack data with third parties for marketing purposes.
Perform sentiment analysis on Slack messages.

Your Rights Regarding Slack Data:

You can:

Disconnect the Slack integration at any time from the Teamwins admin settings.
Uninstall the Teamwins app from your Slack workspace, which triggers automatic data deletion.
Request a copy of what Slack data we have stored about your workspace.
Request deletion of Slack integration data by contacting support@teamwins.co.

Contact for Slack Data Requests:

For any questions or requests about how we handle Slack data, contact us at support@teamwins.co. We will respond to all data access, transfer, or deletion requests within 30 days.

8. Data Retention

Account data: kept while you maintain an account.
Team/workspace data: deleted when you request account deletion or after a reasonable period of inactivity.
Billing data: retained as required by law (e.g., tax and accounting rules).

9. Your Rights (EU/EEA & UK Users)