Privacy at Hearth
Plain-English explanation of what we collect, what we don't, and why.
Message metadata only: who messaged (anonymized), when, which channel, message length, whether it was a thread, and whether it had reactions.
Channel information: Channel names and member counts for channels you explicitly opt in.
Community info: Your Slack workspace name and ID.
Message content: We never read, store, or process the text of any message. Ever.
Direct messages: We have zero access to DMs.
Files or attachments: Not accessed or stored.
Email addresses or real names: User identities are hashed with a unique per-community key. We cannot reverse the hash.
Channels you don't opt in: Monitoring is OFF by default for every channel.
Encrypted tokens: Your Slack OAuth token is encrypted at rest using pgcrypto. It never exists in plain text in our database.
Hashed user IDs: We use HMAC-SHA256 with a unique salt per community. Cross-community correlation is mathematically impossible.
Per-channel opt-in: Every channel starts OFF. You choose exactly which channels to monitor.
Row-Level Security: Database-level isolation ensures your data is only accessible to you.
One-tap revoke: You can revoke the integration at any time from your dashboard settings.
Cascade delete: Revoking permanently deletes ALL data — messages, channels, analytics, tokens, everything. This cannot be undone.
No backups retained: Deleted data is gone from our systems.
Hearth Slack Bot Scopes: channels:read, channels:history, groups:read, groups:history, users:read
Questions? Reach out at the GitHub repo.