Skip to main content
Common questions about incident.io’s security practices, data handling, and compliance. For more detailed information, visit our Trust Center.
Our primary web application, Slack integration, and other related components are deployed onto the Google Cloud Platform (GCP).Any data we store is kept either in our PostgreSQL database (also securely hosted and managed by GCP) or in GCP’s BigQuery platform. All data is encrypted at rest in both Postgres and BigQuery.Two-factor authentication and IAM policies are applied to restrict access to resources within the Google Cloud Platform.
Yes. We are happy to provide access to our SOC2 data room on request (help@incident.io).
For transactional data processing (interacting with the Slackbot, and viewing the dashboard), the data is hosted in GCPs Belgium region, in europe-west1. We additionally have a hot standby in the Netherlands region, europe-west4.For analytical data processing (for our internal analytical use case), data is stored within Europe.We currently don’t send any data outside of Europe.
If you decide to stop using incident.io, we’re happy to delete application data upon request. Just let us know at help@incident.io.For removing specific sensitive data from alerts, escalations, incidents, or AI processing, see Managing sensitive data.
By default, users authenticate via Slack — however your organization authenticates with Slack (directly or via a single sign-on provider), that same mechanism is used to access incident.io.You can also configure SAML SSO to authenticate users through your identity provider instead.For the web application, temporary sessions are granted when you sign in. These periodically expire and are refreshed by redirecting the user through the OAuth flow. We can also revoke these tokens.
Yes, incident.io has been approved by Slack and can be found in the Slack App Store here.
To delete your entire organization, see Deleting your organization. To remove an individual user account, see Deleting users.