This is Slack's main legal agreement that applies when a company or organization subscribes to Slack's services. It sets out the rules for how Slack can be used, what data Slack can access, and what happens in a dispute. If your employer uses Slack, your company agreed to this on your behalf — meaning your employer, not you personally, has most of the legal rights and responsibilities.
Technical Summary
Slack's Main Services Agreement (MSA) governs the relationship between Slack Technologies LLC and its business customers ('Customers') who purchase or access Slack's hosted communication and collaboration services. The agreement establishes a B2B framework under which the Customer (typically an employer or organization) is the primary contracting party and bears responsibility for its authorized users' compliance. Key provisions include a broad intellectual property ownership structure that grants Slack a license to use Customer data to operate and improve services, a mutual limitation of liability capped at fees paid in the prior 12 months, a mandatory arbitration clause with class action waiver applicable to certain disputes, and Customer indemnification obligations for third-party claims arising from Customer data or misuse. The agreement incorporates by reference a Privacy Policy, Acceptable Use Policy, and any applicable data processing addenda relevant to GDPR or other privacy regulatory frameworks.
Institutional Analysis
The MSA engages GDPR and CCPA through incorporation of a Data Processing Addendum (DPA) and Privacy Policy by reference, requiring compliance teams to ensure a DPA is executed where EU personal data …
The MSA engages GDPR and CCPA through incorporation of a Data Processing Addendum (DPA) and Privacy Policy by reference, requiring compliance teams to ensure a DPA is executed where EU personal data is processed. The limitation of liability clause caps Slack's exposure at 12 months of fees paid, wh…
🔒
Compliance intelligence locked
Regulatory exposure, material risk, and due diligence action items.
Disputes between Slack and its customers must be resolved through individual arbitration rather than in court, and customers give up their right to join class-action lawsuits against Slack.
For customers whose use of Slack involves processing personal data under GDPR or similar laws, Slack offers a Data Processing Addendum that must be separately executed to govern that data processing.
By using Slack, your organization grants Slack a license to access, use, and process the data you put into the platform to operate and improve its services.
If a third party sues Slack because of something your organization did — such as uploading infringing content or violating the Acceptable Use Policy — your organization must cover Slack's legal costs and damages.
Your employer (as the Slack Customer) has full administrative control over your workspace, including the ability to access, monitor, export, or delete your messages and files.
Slack can suspend or terminate your organization's access to the service if it believes your organization has violated the agreement or Acceptable Use Policy, sometimes without advance notice.
By agreeing to the MSA, your organization and all its users must comply with Slack's Acceptable Use Policy, which restricts certain types of content and behaviors on the platform.
Slack retains ownership of its platform, technology, and any improvements it develops. Your organization retains ownership of the data and content you upload, but grants Slack a license to use it.