PullNotifier

Security & Privacy

Your security is our top priority. We request only the minimum permissions needed and follow industry-standard practices to keep your data safe.

TLS 1.3 Encryption
Read-Only Access
SOC 2 Aligned
30-Day Data Deletion

GitHub App Permissions

Minimal read-only access to what we need

Repository Access (Read Only)
Read access to issues, metadata, and pull requests
Why: To detect when pull requests are opened, reviewed, merged, or closed, and to read PR metadata like title, description, labels, and assignees for notifications.
Organization Access (Read Only)
Read access to organization members
Why: To map GitHub usernames to Slack users and enable team-based notification routing. This helps mention the right people in Slack when they're assigned PRs or requested for reviews.
User Access (Minimal)
Read access to email addresses and public profile data
Why: To identify users for notifications and provide personalized settings. Email access is used for billing notifications and important account updates only.
You control repository access. By default, our GitHub app has no access to any repositories. You explicitly choose which repositories to grant access to during installation, and can modify this at any time.

Slack App Permissions

Send-only permissions: we never read your messages

chat:write (Send Only)
Send messages as @PullNotifier
Why: Core functionality: sending GitHub pull request notifications to your designated Slack channels. We can only send messages, never read them.
chat:write.customize (Send Only)
Send messages with customized username and avatar
Why: To make notifications more informative by showing GitHub avatars and usernames in the notification message.
chat:write.public (Send Only)
Send messages to channels @PullNotifier isn't a member of
Why: To send notifications to any channel you specify, without requiring the bot to be manually added to each channel first.
incoming-webhook (Send Only)
Post messages to specific channels
Why: To enable repository-to-channel mapping, allowing you to route different GitHub repositories to different Slack channels automatically.
We cannot read your messages. Our Slack app only has write permissions; we can send messages but cannot read, edit, or delete any messages in your workspace.

Security Practices

Industry-standard measures protecting your data

HTTPS Everywhere: All data transmission uses TLS 1.3 encryption with perfect forward secrecy
Encryption at Rest: All stored data is encrypted using AES-256 encryption standards
Secure Infrastructure: Enterprise-grade cloud infrastructure with regular security updates
Access Controls: Role-based access with principle of least privilege
Data Minimization: We collect and store only the minimum data necessary for functionality
Zero Trust Architecture: Every request is authenticated and authorized regardless of source

Data Processing & Storage

Data is stored in SOC 2 Type II compliant data centers with 99.9% uptime SLA
Regular automated backups with point-in-time recovery capabilities
Data retention policies ensure information is deleted when no longer needed

Frequently Asked Questions

As a growing startup focused on providing exceptional value to our users, we are currently working towards SOC 2 Type II compliance. Given our current size and resources, we have prioritized implementing strong security practices and controls that align with SOC 2 requirements. We are committed to achieving formal SOC 2 certification as we continue to scale.
Yes, we provide Data Processing Agreements upon request for enterprise customers. Our DPA outlines how we handle personal data in compliance with GDPR, CCPA, and other applicable privacy regulations. Please contact our support team to request a copy.
No. Our GitHub app only requests metadata and pull request read permissions, which allow us to see PR information like titles, descriptions, labels, and review status. We do not have access to repository contents, source code, or file changes.
We retain data only as long as necessary to provide our services. When you uninstall our app or delete your account, we delete your data within 30 days, except where longer retention is required by law (such as for billing records).
We do not sell or share your data with third parties for marketing purposes. We only share data with essential service providers (like our cloud hosting and payment processor) who are bound by strict data protection agreements.
We have a comprehensive incident response plan. In the unlikely event of a security incident, we will immediately investigate, contain the issue, and notify affected customers within 72 hours (or sooner if required by law).
Absolutely. You can revoke our GitHub app's access through your GitHub settings, and our Slack app's permissions through your Slack workspace settings. You can also disconnect specific integrations through our dashboard at any time.

Have Security Questions?

We're committed to transparency and happy to address any concerns.

security@pullnotifier.com