Common Paper
Common Paper helps users create, sign, and get paid for contracts faster. Build trusted templates using our standard agreements, then negotiate, sign, and manage your contracts in a single workflow.With Common Paper and Slack, teams can get notified as agreements progress through the signature process. Users can customize which updates are sent to Slack and which channel to send them to.
Permissions
Common Paper will be able to view:
Common Paper will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Common Paper Inc.
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
Data Retention
Common Paper, Inc. shall retain data as long as the company has a need for its use, or to meet
regulatory or contractual requirements. Once data is no longer needed, it shall be securely
disposed of or archived. Data owners, in consultation with legal counsel, may determine
retention periods for their data.
Personally identifiable information (PII) shall be deleted or de-identified as soon as it no longer
has a business use.
Data archiving and removal policy
Customers may submit requests to exercise your right to information, access or deletion via email to privacy@commonpaper.com.
Common Paper, Inc.'s engineering team is responsible for setting and enforcing the data
retention and disposal procedures for Common Paper, Inc. managed accounts and devices.
Customer Accounts:
Customer accounts and data shall be deleted within 60 days of customer request through
manual data deletion processes, unless otherwise required by applicable law or regulation.
Data storage policy
Common Paper, Inc. classifies data and information systems in accordance with legal
requirements, sensitivity, and business criticality in order to ensure that information is given the
appropriate level of protection. Data owners are responsible for identifying any additional
requirements for specific data or exceptions to standard handling requirements.
Information systems and applications shall be classified according to the highest classification
of data that they store or process.
Data center location(s)
United States
Data hosting details
Cloud hosted
Data hosting company
Heroku, AWS
App/service has sub-processors
yes
Guidelines for sub-processors
Certifications & compliance
SOC attestation
Data deletion request procedure
Customers may submit requests to exercise your right to information, access or deletion via email to privacy@commonpaper.com.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2023-12-05
Executive summary is available to potential customers upon request
no
Supports Security Assertion Markup Language (SAML)
no
Has a dedicated security team
no
Contact for security issues
security@commonpaper.com
Has a vulnerability disclosure program
no
Has a bug bounty program
no
Requires third party authorization/connections
yes
Third party services used by this app
Auth0, Dropbox Sign, AWS, Heroku
Uses token rotation
no