SGSaaSGuard
SGSaaSGuard

This is a print-friendly report. Click Print and choose “Save as PDF” in the destination dropdown to download.

SaaSGuard Risk Report

Slack

slack.com

Generated May 21, 2026

Grade

Score: / 100

Executive summary

We analyzed Slack’s Terms of Service across 8 risk dimensions and found 3 flagged clauses across 3 categories. 1 material change detected in the recent crawl history.

Recent material changes

  • 5/16/2024 · severity 5

    Slack flipped its AI training default from opt-in to opt-out, with the only opt-out path being an email from the Workspace Owner to support. The previous version explicitly excluded customer messages from any non-customer-specific model training.

    Every team using Slack for confidential business discussions whose admin hasn't yet emailed Slack support to opt out. Anything posted before opt-out may already be in training pipelines.

Flagged clauses by category

AI training on your data (1)

  • Severity 4 · material

    By using our Services, you grant us a worldwide, non-exclusive, royalty-free license to use your content to improve our products, including for the training of machine learning models.

    Slack can use anything you put in their product to train their AI models, with no end date and no payment to you.

    If you handle confidential customer data, this clause exposes that data to model training pipelines you do not control.

Auto-renewal traps (1)

  • Severity 3 · notable

    Subscriptions automatically renew at the end of each billing period at the then-current rate unless cancelled.

    Slack renews you at whatever the price is at the time, with no requirement to warn you about increases.

    You can be locked into significantly higher pricing at renewal without explicit consent.

    Matches FTC v. Vonage — settled for $100M (2022)

Right to silently change terms (1)

  • Severity 4 · material

    We reserve the right to modify these Terms at any time. Continued use of the Services constitutes acceptance.

    Slack can change the rules whenever they want, and just continuing to use the product is treated as agreement.

    You have no real veto over future changes. Any clause they add later applies to you retroactively.

Methodology

SaaSGuard uses an automated pipeline: a daily Playwright crawler captures each vendor’s public Terms of Service, Privacy Policy, and DPA. Google’s Gemini 2.5 Flash classifies each clause into one of 8 risk categories with a severity score (1–5). Clauses are cross-referenced against a curated database of real lawsuits and FTC actions via embedding-based similarity matching. Grades are computed from per-category max severity; full source code is available on request.

Built for educational and informational purposes. Not legal advice. Always have your own counsel review SaaS contracts before signing.

View live page →