Privacy Policy

Last updated: May 2026

Control Tower ("we", "us", or "our") is a software service that monitors Intercom conversations for customer risk signals. This Privacy Policy explains what data we collect, how we use it, and your rights.

1. What We Collect

When you install Control Tower and connect your Intercom workspace, we collect and store:

• Organization data: Your Intercom workspace ID and organization identifier
• Intercom access token: Encrypted at rest using AES-256. Used solely to read conversation data from your workspace
• Conversation metadata: Conversation IDs, customer names, email addresses, risk scores, assignee names, and the most recent customer message (up to 300 characters). We do not store full conversation transcripts
• Subscription data: Your billing plan, subscription status, and the email address associated with your PayPal account
• Usage data: Number of conversations processed per billing period
• Session data: Authentication tokens stored as secure cookies, expiring automatically

2. How We Use Your Data

• To provide the risk monitoring and alerting service
• To enforce plan limits (conversations per month)
• To process billing and subscription management via PayPal
• To send push notifications and Slack alerts you have configured

We do not sell your data, share it with third parties for advertising, or use it to train AI models.

3. Data Storage and Security

• All data is stored on servers within our infrastructure
• Intercom access tokens are encrypted at rest (AES-256)
• All data in transit is protected by TLS/HTTPS
• We use row-level multi-tenancy — your data is logically isolated from all other customers

4. Intercom Access

Control Tower requests read-only access to your Intercom workspace. We use this access only to receive conversation webhooks and retrieve conversation details for risk assessment. We do not write to your Intercom data except when you explicitly trigger an escalation action from our dashboard.

5. Data Retention

We retain your data for as long as your account is active. Conversation metadata is retained for up to 12 months. You may request deletion of all your data at any time (see Section 7).

6. Third-Party Services

• Intercom: Conversation data source. Subject to Intercom's Privacy Policy
• PayPal: Payment processing. Subject to PayPal's Privacy Policy
• Slack: Alert delivery (optional, only if you configure a Slack webhook)

7. Your Rights (GDPR)

If you are located in the European Economic Area, you have the right to:

• Access: Request a copy of the data we hold about your organization
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of all your organization's data. You can do this directly from Settings → General → "Delete my data" in the dashboard, or by contacting us
• Portability: Request your data in a machine-readable format
• Objection: Object to processing of your data

8. Cookies

We use a single session cookie (ct_session) to maintain your authenticated session. This cookie is HttpOnly, Secure, and SameSite=Strict. We do not use tracking cookies or third-party analytics cookies.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by posting a notice in the dashboard. Continued use of the service after changes constitutes acceptance.

10. Contact

For privacy questions, data requests, or to exercise your rights, contact us.