Security & Privacy
Your security and privacy are our top priorities. Learn about the minimal permissions we request and the industry-standard security practices we implement to keep your data safe.
GitHub App Permissions
Minimal access to only what we need for core functionality
Repository Access
Read Only: Read access to issues, metadata, and pull requests
Why we need this: To detect when pull requests are opened, reviewed, merged, or closed, and to read PR metadata like title, description, labels, and assignees for our notifications.
Organization Access
Read Only: Read access to organization members
Why we need this: To map GitHub usernames to Slack users and enable team-based notification routing. This helps us mention the right people in Slack when they're assigned PRs or requested for reviews.
User Access
Minimal: Read access to email addresses and public profile data
Why we need this: To identify users for notifications and provide personalized settings. Email access is used for billing notifications and important account updates only.
Important: You Control Repository Access
By default, our GitHub app has NO access to any repositories. You explicitly choose which repositories to grant access to during installation, and you can modify this at any time.
Slack App Permissions
Send-only permissions with channel control
chat:write
Send Only: Send messages as @PullNotifier
Why we need this: This is our core functionality - sending GitHub pull request notifications to your designated Slack channels. We can only send messages, never read them.
chat:write.customize
Send Only: Send messages with customized username and avatar
Why we need this: To make notifications more informative by showing GitHub avatars and usernames in the notification message.
chat:write.public
Send Only: Send messages to channels @PullNotifier isn't a member of
Why we need this: To send notifications to any channel you specify, without requiring the bot to be manually added to each channel first.
incoming-webhook
Send Only: Post messages to specific channels
Why we need this: To enable repository-to-channel mapping, allowing you to route different GitHub repositories to different Slack channels automatically.
Privacy Guaranteed: We Cannot Read Your Messages
Our Slack app only has "write" permissions - we can send messages but cannot read, edit, or delete any messages in your workspace. You also control exactly which channels we can post to.
Security Practices
Industry-standard security measures protecting your data
HTTPS Everywhere
All data transmission uses TLS 1.3 encryption with perfect forward secrecy
Encryption at Rest
All stored data is encrypted using AES-256 encryption standards
Secure Infrastructure
Hosted on enterprise-grade cloud infrastructure with regular security updates
Access Controls
Role-based access with principle of least privilege
Data Minimization
We collect and store only the minimum data necessary for functionality
Regular Security Audits
Continuous monitoring and regular security assessments of our infrastructure
Incident Response
24/7 monitoring with established procedures for security incident response
Zero Trust Architecture
Every request is authenticated and authorized regardless of source or location
Data Processing and Storage
- Data is stored in SOC 2 Type II compliant data centers with 99.9% uptime SLA
- Regular automated backups with point-in-time recovery capabilities
- Data retention policies ensure information is deleted when no longer needed
Have More Security Questions?
We're committed to transparency and happy to address any security concerns you may have.
Contact us at security@pullnotifier.com for security-related inquiries or to request additional security documentation.