Yes, Troops stores a small portion of your data, the smallest amount of data necessary to enable your signals to work, and only keeps data for active signals that require it. Should you delete a signal, data stored for that signal will also be deleted.
Which data from my systems is being stored?
Troops needs to store values for fields that are monitored by your signals’ conditions as well as the ID for that record. For example, if you have a signal that sends a notification when Account Stage becomes “Closed Won” and Amount is greater than 10K, Troops will store ID, Stage, and Amount for all rows in the Account object.
We do not advise setting up signals that alert on PII or sensitive information, but Troops does treat this information as sensitive in our system.
Where is my data stored? Can I pick where my data is stored?
Troops is hosted on Amazon AWS US-East Region only, including a backup replication. Currently we do not provide an option to store data in additional locations.
Does Troops store PII / sensitive data?
Generally no, but this is up to the user creating Troops signals. Because conditions in signals rarely include PII, Troops does not need to store this data. If you want to avoid Troops storing certain fields, please make sure these fields are not included in signal conditions.
Troops also stores a small amount of PII about its users (name, email, avatar)
For how long is my data being stored?
Your data will be stored for as long as you are using Troops signals that rely on that data.
When is my data deleted?
Is my data secure?
Yes! We take great care to ensure the safety of your data. It’s encrypted in transit, at rest and most sensitive data (such OAuth tokens and passwords) are encrypted at the application level using the AES-256 algorithm. Troops goes through an annual security audit and penetration test to independently certify our security. Please see our statement on Security for additional details.
Who has access to my data?
Only you and your Troops Account Manager will have access to your configuration data for the sole purpose of supporting your account. All access to your data is logged and audited by Troops to prevent misuse.
Does Troops have SOC 2, uphold GDPR / CCPA ?
Yes! Troops has been SOC 2 certified since 2017 and has passed an annual audit ever since. We conduct penetration tests annually and uphold GDPR / CCPA. For a copy of our SOC report, please contact your Troops account manager.
How are my system integrations connected to Troops?
Troops uses OAuth 2.0 to share credentials between your platforms (Salesforce, Hubspot, Zendesk, Jira, etc) and Troops for maximum security and customer control.
Do I need a separate service account inside my platforms to connect them to Troops?
In most cases, we don’t require you to have a separate license to connect your systems to Troops (unless it’s the only integration method that a system offers).
Do I need to install a Salesforce Managed Package to use Troops?
No, you don't need to install a Salesforce Managed Package. Our listing on the AppExchange is provided using API-only integration, and does not require any Salesforce components at this time.
What system permissions / OAuth scopes are required to integrate my systems with Troops?
users:read - view slack users in a workspace
users:read.email - View email addresses of users in a workspace
channels:read - view basic information about public channels in a workspace
groups:read - view basic information about private channels that Troops Bot has been added to
mpim:read - view basic information about direct messages that Troops Bot has been added to
mpm:write - start group direct messages with people
im:read - View basic information about direct messages that Troops Bot had been added to
im:write - Start direct messages with users
chat:write - Send messages as Troops Bot
chat:write.public - Send messages to public channels Troops Bot isn’t member of
Team.ReadBasic.All - Allows the app to get the list of Teams that the user has joined
Email - Access to the user's primary email address in the form of the email claim
User.Read - Allows the app to read the user id which is used to send a chat to the user
Openid - Access user information in the form of identity claims
Profile - Access user information in the form of identity claims
full - Allows access to all data accessible by the logged-in user, and encompasses all other scopes
refresh_token - Allows a refresh token to be returned when the requesting client is eligible to receive one. With a refresh token, the app can interact with the user’s data while the user is offline
The user needs to go into the Gainsight system under “Admin → Connectors 2.0 → Gainsight API” create an “Api Access Key”. They also need to provide the correct subdomain for the integration. Gainsight does not provide an ability to limit permissions to API Keys at this time, so the API Key will have full access.
contacts - Contacts, Companies, and Deals, along with the associated property APIs, Engagements API, Owners API
tickets - Provides access to the Tickets API
oauth - Required to use the authentication flow
read - Gives access to GET endpoints. Includes permission to sideload related resources
write - Gives access to POST, PUT, and DELETE endpoints
Read and list users and companies - List and view all segments, users and companies - Contacts, Companies, and Deals, along with the associated property APIs, Engagements API, Owners API
Write users and companies - Create and update users and companies
Read and write users - List all users and execute bulk actions
Read one user and one company - List and view a single user and company
Read events - List all events belonging to a single user
Write events - Submit events (i.e. user activity)
Read conversations - View conversations
Write conversations - Reply to, mark as read and close conversations
Read tags - List all tags
Write tags - Create, update, use and delete tags
Write data attributes - Create and update custom data attributes
Read counts - Count users and companies with specified criteria
Export message data - Export engagement data for messages such as open rate, click rate etc.
offline_access - Allows for refreshing of oauth credentials
read:jira-work - Read Jira project and issue data, search for issues, and objects associated with issues like attachments and worklogs
read:jira-user - View user information in Jira that the user has access to, including usernames, email addresses, and avatars
write:jira-work - Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues
Jira Service Desk
ead:servicedesk-reques - View Jira Service Desk request data Read customer request data, including approvals, attachments, comments, request participants, and status/transitions
write:servicedesk-request - Create and manage Jira Service Desk requests
manage:servicedesk-customer - Manage Jira Service Desk customers and organizations
To request a copy of our SOC 2 Type II report and penetration test results please email firstname.lastname@example.org to sign an NDA.