Security FAQ
Meagan Jaskot avatar
Written by Meagan Jaskot
Updated over a week ago

Does Troops store my data?

Yes, Troops stores a small portion of your data, the smallest amount of data necessary to enable your signals to work, and only keeps data for active signals that require it. Should you delete a signal, data stored for that signal will also be deleted.

Which data from my systems is being stored?

Troops needs to store values for fields that are monitored by your signals’ conditions as well as the ID for that record. For example, if you have a signal that sends a notification when Account Stage becomes “Closed Won” and Amount is greater than 10K, Troops will store ID, Stage, and Amount for all rows in the Account object. We do not advise setting up signals that alert on PII or sensitive information, but Troops does treat this information as sensitive in our system.

Where is my data stored? Can I pick where my data is stored?

Troops is hosted on Amazon AWS US-East Region only, including a backup replication. Currently we do not provide an option to store data in additional locations.

Does Troops store PII / sensitive data?

Generally no, but this is up to the user creating Troops signals. Because conditions in signals rarely include PII, Troops does not need to store this data. If you want to avoid Troops storing certain fields, please make sure these fields are not included in signal conditions.Troops also stores a small amount of PII about its users (name, email, avatar)

For how long is my data being stored?

Your data will be stored for as long as you are using Troops signals that rely on that data.

When is my data deleted?

All your data will be deleted 5 business days after termination or on demand by contacting us. Please see Deletion of Customer Data in our Privacy Policy.

Is my data secure?

Yes! We take great care to ensure the safety of your data. It’s encrypted in transit, at rest and most sensitive data (such OAuth tokens and passwords) are encrypted at the application level using the AES-256 algorithm. Troops goes through an annual security audit and penetration test to independently certify our security. Please see our statement on Security for additional details.

Who has access to my data?

Only you and your Troops Account Manager will have access to your configuration data for the sole purpose of supporting your account. All access to your data is logged and audited by Troops to prevent misuse.

Does Troops have SOC 2, uphold GDPR / CCPA ?

Yes! Troops has been SOC 2 certified since 2017 and has passed an annual audit ever since. We conduct penetration tests annually and uphold GDPR / CCPA. For a copy of our SOC report, please contact your Troops account manager.

How are my system integrations connected to Troops?

Troops uses OAuth 2.0 to share credentials between your platforms (Salesforce, Hubspot, Zendesk, Jira, etc) and Troops for maximum security and customer control.

Do I need a separate service account inside my platforms to connect them to Troops?

In most cases, we don’t require you to have a separate license to connect your systems to Troops (unless it’s the only integration method that a system offers).

What system permissions / OAuth scopes are required to integrate my systems with Troops?

Slack

  • users:read - view slack users in a workspace

  • users:read.email - View email addresses of users in a workspace

  • channels:read - view basic information about public channels in a workspace

  • groups:read - view basic information about private channels that Troops Bot has been added to

  • mpim:read - view basic information about direct messages that Troops Bot has been added to

  • mpm:write - start group direct messages with people

  • im:read - View basic information about direct messages that Troops Bot had been added to

  • im:write - Start direct messages with users

  • chat:write - Send messages as Troops Bot

  • chat:write.public - Send messages to public channels Troops Bot isn’t member of Salesforce

Microsoft Teams

  • Team.ReadBasic.All - Allows the app to get the list of Teams that the user has joined

  • Email - Access to the user's primary email address in the form of the email claim

  • User.Read - Allows the app to read the user id which is used to send a chat to the user

  • Openid - Access user information in the form of identity claims

  • Profile - Access user information in the form of identity claims

Salesforce

  • full - Allows access to all data accessible by the logged-in user, and encompasses all other scopes

  • refresh_token - Allows a refresh token to be returned when the requesting client is eligible to receive one. With a refresh token, the app can interact with the user’s data while the user is offline

Hubspot

  • contacts - Contacts, Companies, and Deals, along with the associated property APIs, Engagements API, Owners API

  • tickets - Provides access to the Tickets API

  • oauth - Required to use the authentication flow

Zendesk

  • read - Gives access to GET endpoints. Includes permission to sideload related resources

  • write - Gives access to POST, PUT, and DELETE endpoints

Intercom

  • Read and list users and companies - List and view all segments, users and companies - Contacts, Companies, and Deals, along with the associated property APIs, Engagements API, Owners API

  • Write users and companies - Create and update users and companies

  • Read and write users - List all users and execute bulk actions

  • Read one user and one company - List and view a single user and company

  • Read events - List all events belonging to a single user

  • Write events - Submit events (i.e. user activity)

  • Read conversations - View conversations

  • Write conversations - Reply to, mark as read and close conversations

  • Read tags - List all tags

  • Write tags - Create, update, use and delete tags

  • Write data attributes - Create and update custom data attributes

  • Read counts - Count users and companies with specified criteria

  • Export message data - Export engagement data for messages such as open rate, click rate etc.

Jira

  • offline_access - Allows for refreshing of oauth credentials

  • read:jira-work - Read Jira project and issue data, search for issues, and objects associated with issues like attachments and worklogs

  • read:jira-user - View user information in Jira that the user has access to, including usernames, email addresses, and avatars

  • write:jira-work - Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues

Jira Service Desk

  • read:servicedesk-reques - View Jira Service Desk request data Read customer request data, including approvals, attachments, comments, request participants, and status/transitions

  • write:servicedesk-request - Create and manage Jira Service Desk requests

  • manage:servicedesk-customer - Manage Jira Service Desk customers and organizations

To request a copy of our SOC 2 Type II report and penetration test results please email support@troops.ai to sign an NDA.

You can also download this document as a security white paper.

Did this answer your question?