How do SweetHawk's Zendesk apps work?
Each of SweetHawk's apps needs to be provisioned before it can be used. This process is very straight forward. The app is essentially hidden in the background until this is done.
The first time you try to use the app, follow the prompts to enable it. This must be done by an admin because to provision the apps we need server side access to modify the app's internal settings securely.
The provisioning process takes place on zendesk.sweethawk.co. This is a secure server owned by SweetHawk. The first time an app is initialized, we create your account on the server. This account is assigned a unique token which identifies your account. This token is never shared with anyone and is required to access the data associated with your app. Once you authorize our server to access your data via API, we can then store this token with your app. This happens behind the scenes on the server side over a secure connection only.
As part of the provisioning process we request write access to the API. The reason we need this, aside from writing the token to the app, is that most apps also include server side functionality which uses the API to get and set data. Examples of these interactions include:
* Calendar: setting ticket fields and at the time of the event start and end, tagging the ticket. Also for sending notifications when other users update a calendar event.
* Tasks: setting fields on tickets, such as how many tasks are completed and what the parent ticket ID is.
* Due Time: tagging a ticket at the due date/time and sending an in-app notification.
* Deadline: updates a ticket with a special tag when the deadline hits.
* Reminders: sending in-app notifications to agents who requested to be reminded.
* Approvals: loads ticket data to send messages to approvers, tags tickets if required, sets a custom field called Approval Date when all approvals are granted, and creates targets for automatic approvals.
The apps RightGIF and Undo do not require access to the REST API and do not store any data on our servers.
Note: if you use an IP address whitelist for incoming REST API requests, you must add all our server's IP addresses:
What data is stored on SweetHawk's servers?
To create the best experience in the apps, at times we mirror some data from Zendesk when app functionality is used, for example, we download and store ticket data when: a due time is set, a calendar item is created, or tasks are added. The reason the data is stored is for the purpose of caching, performance and to keep the rate of API calls to your Zendesk as low as possible. We also store credentials that are needed for example for external integrations. This information is kept securely on our server. We use a PostgreSQL database server running on a server only accessible from our multi-tenanted Ruby on Rails application server.
We also access information about the user of the app so ensure they have the correct access levels.
The diagram below outlines how we authorize external services such as Google Calendar:
Do I have access to my data?
We live by the philosophy that your data is yours first. If you wish to obtain your data please contact us and we will kindly oblige.
I'm no longer using your app, can you delete my data?
Of course, just contact us and we'll dispose of your data responsibly.