1. Who We Are
Ruby is a design‑workflow chatbot operated by ion design and engineering, inc. (“Company,” “we,” “our,” or “us”). Ruby resides in Slack workspaces to help users generate and refine design assets.
2. Scope of This Policy
This Privacy Policy explains how we collect, use, disclose, and safeguard Personal Data when you interact with Ruby in any Slack workspace that has installed the Ruby app (the “Service”). It applies to all users, workspace owners, and administrators (“Users”).
3. What Data We Collect
Category | Examples | Source | Legal Basis* |
|---|---|---|---|
Account & Workspace Data | Slack user ID, display name, email, workspace ID, channel IDs, profile photo | Slack APIs | Performance of contract (provide Service) |
Conversation Content | Messages you send to Ruby, design prompts, file uploads (e.g., images, PDFs, Figma links) | You | Performance of contract; legitimate interests |
Usage & Device Data | Timestamps, feature‑usage metrics, error logs, IP address (if visible via Slack events), device type | Automatic | Legitimate interests (service improvement, security) |
Billing & Admin Data (for paid tiers) | Workspace billing contact, plan tier, transaction history | Workspace owner/admin | Performance of contract; legal obligations |
GDPR bases shown for reference; map to local laws as needed.
Sensitive Data
Ruby is not intended to process Sensitive Personal Data (e.g., health, financial, or government ID numbers). Please refrain from submitting such information.
4. How We Use Data
Service delivery: generate design outputs, maintain context between messages, provide support.
Improvement & research: aggregate, de‑identify usage trends to refine algorithms and train internal models.
Security & abuse prevention: detect spam, malicious files, or policy violations.
Legal compliance: respond to lawful requests, enforce our Terms of Service.
5. Automated Processing & AI
Ruby uses machine‑learning models—including third‑party foundation models—to transform user prompts into design suggestions. Automated scoring may flag content for policy review.
We do not use Customer Content to train public models; all training stays within isolated, Company‑controlled environments.
6. Data Sharing & Disclosure
Recipient | Purpose | Safeguards |
|---|---|---|
Slack Technologies, LLC | Message routing & storage per Slack workspace settings | Slack’s security & encryption in transit and at rest |
Cloud infrastructure providers | Hosting Ruby backend and encrypted data storage | SOC 2‑ or ISO 27001‑certified vendors |
Sub‑processors for AI inference | Generate or refine design outputs | Data‑processing addenda; EU standard contractual clauses (SCCs) |
Legal authorities | Compliance with subpoenas, court orders, or similar | Only after verifying scope & legality |
Business transfers | Merger, acquisition, or asset sale | Notice to users; data subject rights preserved |
We never sell Personal Data.
7. International Transfers
If you are located outside the country where our servers reside, your data may be transferred internationally. We rely on recognized transfer mechanisms such as SCCs, the UK Addendum, or adequacy decisions.
8. Data Retention
Data Type | Default Retention | Deletion Mechanism |
|---|---|---|
Logs & metrics | 12 months | Aggregated or deleted |
Billing records | 7 years | Legal‑compliance archive |
Workspace owners can request expedited deletion via the admin dashboard or by emailing privacy@ion.design.
9. Your Rights
Depending on your jurisdiction, you may have rights to:
Access or receive a copy of your Personal Data
Correct inaccurate data
Delete or erase data (“right to be forgotten”)
Restrict or object to processing
Data portability
Lodge a complaint with a supervisory authority
Submit requests through email - support@ion.design.
10. Security Measures
TLS 1.3 encryption for all data in transit
AES‑256 encryption at rest
Least‑privilege, role‑based access controls
Annual penetration tests & continuous vulnerability scanning
Incident‑response plan with 72‑hour breach‑notification target
11. Children’s Privacy
Ruby is not directed to children under 16. We do not knowingly collect Personal Data from minors. If you learn that a minor has provided data, contact us for prompt deletion.
12. Third‑Party Links & Integrations
Ruby may share design previews via external links (e.g., Figma, Adobe CC). Your interactions with those services are governed by their own privacy policies.
13. Updates to This Policy
We may modify this Privacy Policy periodically. Material changes will be announced via:
A message from Ruby in each connected Slack workspace, and
Updating the “Last Updated” date below.
Continued use after changes means you accept the revised Policy.
14. Contact Us
Questions, concerns, or requests?
Email: privacy@ion.design
Mail: ion design and engineering, inc., Attn: Privacy, 763 Gates st, San Francisco, California 94110
Last Updated: July 25th, 2025
1. Who We Are
Ruby is a design‑workflow chatbot operated by ion design and engineering, inc. (“Company,” “we,” “our,” or “us”). Ruby resides in Slack workspaces to help users generate and refine design assets.
2. Scope of This Policy
This Privacy Policy explains how we collect, use, disclose, and safeguard Personal Data when you interact with Ruby in any Slack workspace that has installed the Ruby app (the “Service”). It applies to all users, workspace owners, and administrators (“Users”).
3. What Data We Collect
Category | Examples | Source | Legal Basis* |
|---|---|---|---|
Account & Workspace Data | Slack user ID, display name, email, workspace ID, channel IDs, profile photo | Slack APIs | Performance of contract (provide Service) |
Conversation Content | Messages you send to Ruby, design prompts, file uploads (e.g., images, PDFs, Figma links) | You | Performance of contract; legitimate interests |
Usage & Device Data | Timestamps, feature‑usage metrics, error logs, IP address (if visible via Slack events), device type | Automatic | Legitimate interests (service improvement, security) |
Billing & Admin Data (for paid tiers) | Workspace billing contact, plan tier, transaction history | Workspace owner/admin | Performance of contract; legal obligations |
GDPR bases shown for reference; map to local laws as needed.
Sensitive Data
Ruby is not intended to process Sensitive Personal Data (e.g., health, financial, or government ID numbers). Please refrain from submitting such information.
4. How We Use Data
Service delivery: generate design outputs, maintain context between messages, provide support.
Improvement & research: aggregate, de‑identify usage trends to refine algorithms and train internal models.
Security & abuse prevention: detect spam, malicious files, or policy violations.
Legal compliance: respond to lawful requests, enforce our Terms of Service.
5. Automated Processing & AI
Ruby uses machine‑learning models—including third‑party foundation models—to transform user prompts into design suggestions. Automated scoring may flag content for policy review.
We do not use Customer Content to train public models; all training stays within isolated, Company‑controlled environments.
6. Data Sharing & Disclosure
Recipient | Purpose | Safeguards |
|---|---|---|
Slack Technologies, LLC | Message routing & storage per Slack workspace settings | Slack’s security & encryption in transit and at rest |
Cloud infrastructure providers | Hosting Ruby backend and encrypted data storage | SOC 2‑ or ISO 27001‑certified vendors |
Sub‑processors for AI inference | Generate or refine design outputs | Data‑processing addenda; EU standard contractual clauses (SCCs) |
Legal authorities | Compliance with subpoenas, court orders, or similar | Only after verifying scope & legality |
Business transfers | Merger, acquisition, or asset sale | Notice to users; data subject rights preserved |
We never sell Personal Data.
7. International Transfers
If you are located outside the country where our servers reside, your data may be transferred internationally. We rely on recognized transfer mechanisms such as SCCs, the UK Addendum, or adequacy decisions.
8. Data Retention
Data Type | Default Retention | Deletion Mechanism |
|---|---|---|
Logs & metrics | 12 months | Aggregated or deleted |
Billing records | 7 years | Legal‑compliance archive |
Workspace owners can request expedited deletion via the admin dashboard or by emailing privacy@ion.design.
9. Your Rights
Depending on your jurisdiction, you may have rights to:
Access or receive a copy of your Personal Data
Correct inaccurate data
Delete or erase data (“right to be forgotten”)
Restrict or object to processing
Data portability
Lodge a complaint with a supervisory authority
Submit requests through email - support@ion.design.
10. Security Measures
TLS 1.3 encryption for all data in transit
AES‑256 encryption at rest
Least‑privilege, role‑based access controls
Annual penetration tests & continuous vulnerability scanning
Incident‑response plan with 72‑hour breach‑notification target
11. Children’s Privacy
Ruby is not directed to children under 16. We do not knowingly collect Personal Data from minors. If you learn that a minor has provided data, contact us for prompt deletion.
12. Third‑Party Links & Integrations
Ruby may share design previews via external links (e.g., Figma, Adobe CC). Your interactions with those services are governed by their own privacy policies.
13. Updates to This Policy
We may modify this Privacy Policy periodically. Material changes will be announced via:
A message from Ruby in each connected Slack workspace, and
Updating the “Last Updated” date below.
Continued use after changes means you accept the revised Policy.
14. Contact Us
Questions, concerns, or requests?
Email: privacy@ion.design
Mail: ion design and engineering, inc., Attn: Privacy, 763 Gates st, San Francisco, California 94110
Last Updated: July 25th, 2025
