We’ve received several security certifications from the American Institute of Certified Public Accountants such as SOC 2 and SOC 3. Slack has received internationally recognised security certifications for ISO 27001 (information security management system), ISO 27017 (security controls for the provision and use of cloud services) and ISO 27018 (for protecting personal data in the cloud). </p> <p>Slack has invested heavily in building a robust security team, one that can handle a variety of issues – everything from threat detection to building new tools. In accordance with GDPR requirements relating to security incident notifications, Slack will continue to meet its obligations and offer contractual assurances.</p> <p>If you’d like to learn more about Slack’s security policies and procedures, please see our security page. It provides detailed information on how we approach security, and includes a white paper on how Slack ensures user data security in particular, including our technical and organisational measures(TOMs), as well as our encryption standards.</p>International data transfers<p>To comply with European Union data protection laws around international data transfer mechanisms, we offer European Union Model Clauses, also known as Standard Contractual Clauses, to meet adequacy and security requirements for our customers who operate in the European Union and the United Kingdom.