Security

Last updated: January 16, 2025

We endeavor to always abide by good practices and keep improving on security at our company, OTis Co., Ltd. This of course applies to RikaiAI and this website. Our infrastructure communicates over HTTPS encryption to ensure secure data transmission, and has multiple measures in place at various levels to safeguard against potential security threats.

Our security measures include:

• HMAC and timestamp validation for Slack requests.
• OAuth 2.0 for installation flow.
• Principle of Least Privilege for permission scopes.

User authentication is also passwordless. We use Slack’s sign in feature for this.

Data Collection

The data we collect, how and why we use them, and for how long we store them are detailed in our Privacy Policy. As much as possible, we limit the data we collect to only what is needed to provide our services.

Data Storage

Our databases are hosted and managed by Amazon Web Services (AWS). We benefit from AWS’ rigorous compliance with industry standards. We also do not retain data beyond what is essential for our operations, and this differs for each type of data. Slack messages are never stored nor logged past the duration required for rendering services.

Data in RikaiAI is encrypted in transit and at rest. We do not store any passwords in our database, as our user authentication is passwordless.

User Responsibilities

• You are responsible for your login credentials. You can log in to RikaiAI via your Slack account, but if your Slack account is compromised, then your account in RikaiAI may be compromised as well.
• Review your workspace’s App Management Settings. By default, any member can install/uninstall any Slack app. We recommend restricting this to only certain members of your workspace, and to allow only pre-approved apps for installation.
• We may ask additional permission scopes to add additional features for RikaiAI. We will send notifications when this is the case. When that happens, please visit our website and reinstall RikaiAI into your workspace. This will not remove any preexisting configuration being used in your workspace.

Contact

For any questions or concerns, feel free to ask us at [email protected].