Oneflow
Stay on top of all your contract-related activities in Oneflow as they happen. You'll receive real-time notifications for a wide range of contract updates and events. Get notified whenever contracts are e-signed, published, declined, and overdue. :dizzy:Here are some tips to make the most of your experience:
• Receive instant notifications for contract updates and e-signatures. :bell:
• Securely and easily connect your Oneflow account to Slack to get notified on contract updates. :link::closed_lock_with_key:
• Head over to the Home tab to get a quick overview of your recent contracts. :house:
• Filter contracts by date and status. :mag:
• Receive instant notifications for contract updates and e-signatures. :bell:
• Securely and easily connect your Oneflow account to Slack to get notified on contract updates. :link::closed_lock_with_key:
• Head over to the Home tab to get a quick overview of your recent contracts. :house:
• Filter contracts by date and status. :mag:
Permissions
Oneflow will be able to view:
Oneflow will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Oneflow AB
Company headquarters location
Sweden
Terms of service
Privacy & data governance
Data retention policy
Data retention is managing your document data to avoid storing any information past its allowed time (GDPR). By enabling data retention in your workspaces, you can choose when your draft, overdue, declined, or terminated documents will automatically be deleted from the system.
Documents removed by data retention cannot be restored.
The retention period in settings will always be in days.
Moving a document to a workspace with data retention may remove the document.
Setting the date retention fields empty will disable data retention.
The system removes documents daily.
How to Enable data retention you can find here https://support.oneflow.com/support/solutions/articles/77000435961-data-retention
Data archiving and removal policy
Oneflow process personal data about our business relations for as long as we have an active business relation with you and thereafter a maximum of 365 after the business relationship has ended (or earlier if you have been replaced by another contact person/representative or otherwise announced that you no longer want us to process your personal data). When the business relationship terminates or when we otherwise decide that your personal data will no longer be stored for the purposes specified above, personal data will be deleted (or anonymized), except for such data that we are required by law to save for a longer time period (e.g. by virtue of tax-, bookkeeping- or accounting legislation). After your personal data has been deleted as described above, your name and contact information may continue to appear in archived agreements and related documentation in cases where Oneflow is obliged to save such material in accordance with law or other legal obligations. Users can request the deletion of their data by sending an email to support@oneflow.com. In the email, users should provide their account details and include a brief description of the data they wish to have deleted.
Data storage policy
The categories of personal data that we typically process about you are e-mail address, name, telephone number, workplace and title. If your organisation has a customer relationship with Oneflow, we also process data related to such customer relationship such as customer number, password for customer account, notes/events and transaction data relating to the account, invoicing data, payment information and information relating to signed agreement and credit checks conducted (where applicable).
Oneflow only stores your personal data as long as it is necessary in order to carry out the purposes for the processing described above. We have established internal deletion routines, based on the principle that personal data shall not be stored longer than necessary for fulfilling the respective purposes. Oneflow stores personal data processed within the framework of your customer service enquiries for up to 365 days. Said storage time is necessary for Oneflow to be able to help you and follow up on your enquiries. Oneflow stores personal data processed within the framework of your demo requests for up to 365 days. Said storage time is necessary for Oneflow to be able to help you and follow up on your request. Oneflow stores personal information that we process about you through instant messages or comments on Facebook, Twitter, LinkedIn and Youtube. Reactions and comments on our public posts are saved until you choose to delete them. This storage time is necessary for Oneflow to be able to display the reactions and comments you have chosen to leave during the time you want them to be visible. However, Oneflow may remove reactions or comments on our posts if we find them inappropriate or if otherwise necessary to fulfil our obligations under the GDPR or the Swedish law on bulletin board systems (Sw. Lagen om ansvar för elektroniska anslagstavlor (1998:112)).Types of personal data: Name, email address, phone number, title, work place and personal identity number relating to users and counterparties to contracts.As to contracts stored in the Service, personal data included therein (and thereby processed by Oneflow) may vary depending on which type of document you upload.
Data center location(s)
Ireland, Sweden
Data hosting details
Oneflow uses AWS to host the Oneflow application and as such has access to security capabilities and services offered by AWS, e.g. Cloudfront as a CDN for DDoS protections. In addition, we run the application in multiple separate availability zones (AZs), to maximize availability, and utilize AWS clustering services that automatically handle and mitigate network and hardware issues.
We have strong network security which consists of firewalls, switches, routers, and segregated wireless networks; Appropriate controls are in place to ensure the network is secure.
- AWS Network Firewall
- AWS Web Application Firewall (WAF)
- Access Control Lists (ACL)
- DDos Protection mechanisms
Data hosting company
AWS
App/service has sub-processors
yes
Guidelines for sub-processors
Certifications & compliance
Data deletion request procedure
Oneflow lets You retrieve or delete Your Data currently in Oneflow’s possession through the Service in such generally accepted format as provided by Oneflow from time to time. If this Agreement is terminated or otherwise expires for any reason, You shall promptly return to Oneflow or destroy any Confidential Information, or other materials in Your possession belonging to Oneflow and all rights and licenses granted to You by Oneflow under this Agreement shall terminate, where applicable.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2023-10-10
Executive summary is available to potential customers upon request
yes
Supports Single Sign On (SSO) with the following providers
Azure, ADFS, ForgeRock, Google Workspace, Duo ,OneTouch
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
security@oneflow.com
Has a vulnerability disclosure program
no
Has a bug bounty program
no
Requires third party authorization/connections
no
Uses token rotation
yes