AI Vendor Packet
IndexableHigh priorityLast reviewed 2026-05-214/4 fresh sources

Intercom vendor policy review packet for SaaS teams

Intercom should be reviewed when a SaaS team relies on it for workflows that may touch customer data, internal evidence, or regulated account records. This page keeps the review grounded in official sources: Intercom Privacy Policy, Intercom Terms and Policies, Intercom Data Processing Agreement, Intercom Subprocessors List. The practical question is whether your customer-facing answer still matches the exact product, plan, agreement, and data path in use. For Intercom, the highest-risk drift pattern is that support teams can add new automation, transcripts, or integrations without refreshing customer data and subprocessor answers.

Scan Intercom against your commitmentsBack to vendor database

Vendor category

Customer support and messaging platform

Typical use

Support inboxes, customer chat, help center automation, product messaging, support workflows, and customer conversation history.

Common data involved

Customer conversations, user profiles, support transcripts, attachments, chat metadata, account traits, and agent activity.

Documents monitored

Privacy policy, terms and policies, data processing agreement, and subprocessor list.

Last reviewed

2026-05-21

Review priority

High

Source freshness

4/4 sources have recent review dates

What to monitor

Privacy, data-use, or AI policy

Verified source

Use the official Intercom privacy or data-use source before answering whether customer content, account data, prompts, files, logs, or support records are processed for the stated service purpose.

Terms and customer agreement

Verified source

Check the governing Intercom terms before copying a short security questionnaire answer into a DPA exhibit, Trust Center record, or renewal packet.

DPA or data protection terms

Verified source

Tie processor, controller, transfer, retention, and customer-data statements to the agreement path that actually covers your Intercom account or workspace.

Subprocessors or service providers

Verified source

Review the official Intercom subprocessor or service-provider source before changing a customer vendor exhibit.

Security and trust evidence

Verified source

Pair vendor security sources with your own configuration notes, because Intercom controls do not describe every setting, integration, export, or log controlled by your team.

Review checklist

  • Identify the exact Intercom product, workspace, account, region, and plan in use.
  • List the customer data categories sent to the vendor, including logs, files, metadata, and support records.
  • Check privacy, terms, DPA, security, and subprocessor sources against the customer-facing commitment.
  • Record any implementation settings your team controls, including retention, exports, integrations, access, and logging.
  • Attach official source links, review date, and owner notes before reusing the answer in customer evidence.

Customer commitments that may be affected

  • Intercom is named correctly in customer-facing vendor lists, DPA exhibits, and Trust Center records.
  • Customer data is handled under the Intercom product, plan, and agreement path your team actually uses.
  • Subprocessor, service-provider, or third-party access statements are refreshed before customer records are reused.
  • Security questionnaire answers cite current Intercom sources instead of old screenshots or copied sales notes.
  • Internal usage guidance separates managed company accounts from unmanaged, personal, trial, or customer-owned accounts.

Recent changes

No material public change is asserted beyond this source review. Treat 2026-05-21 as the baseline date for future Intercom page comparisons.

AI Vendor Packet organizes review packet evidence and review prompts. It does not provide legal advice.

Applicability notes by plan or product

Scope
Production customer data
Applies to
Workflows where Intercom receives, stores, routes, or helps process customer data or customer-adjacent records.
Watch for
Confirm product scope, data categories, retention settings, exports, integrations, and the agreement that covers the Intercom account.
Scope
Employee or internal use
Applies to
Internal use of Intercom for support, sales, operations, engineering, security, or collaboration workflows.
Watch for
Do not extend enterprise commitments to unmanaged accounts, test workspaces, or personal usage without a separate source review.
Scope
Customer contract and audit evidence
Applies to
Trust Center statements, security questionnaires, SOC 2 monitoring evidence packets, customer DPAs, and renewal evidence packets.
Watch for
Keep the public answer tied to source links, review date, reviewer, product scope, and known implementation limits.

Related pages

Use issue pages for narrower customer review questions.

Intercom data use review for SaaS customer commitmentsIntercom data use answers should start with the official source set for the exact product, plan, and agreement in use. Do not reuse a broad vendor statement when the workflow involves different accounts, integrations, AI features, logs, exports, or customer data categories. Keep the answer narrow, dated, linked to source evidence, and clear about what your team still controls.Intercom subprocessor review for SaaS customer commitmentsIntercom subprocessor answers should start with the official source set for the exact product, plan, and agreement in use. Do not reuse a broad vendor statement when the workflow involves different accounts, integrations, AI features, logs, exports, or customer data categories. Keep the answer narrow, dated, linked to source evidence, and clear about what your team still controls.Intercom DPA review for SaaS customer commitmentsIntercom DPA answers should start with the official source set for the exact product, plan, and agreement in use. Do not reuse a broad vendor statement when the workflow involves different accounts, integrations, AI features, logs, exports, or customer data categories. Keep the answer narrow, dated, linked to source evidence, and clear about what your team still controls.

Source freshness

For packet evidence, critical AI and SaaS vendor sources should show a recent reviewed date. Material vendor notices, Trust Center updates, DPA changes, subprocessor notices, and customer-reported changes should be checked before the packet is reused externally.

All listed source dates are recent for the current packet freshness model.

  • Recent review date: Sources used in a paid packet should have a visible reviewed date and should be rechecked before they are reused for a new customer answer.
  • Urgent-change handling: Material vendor notices, broken source links, DPA updates, subprocessor notices, and customer-reported source changes should be routed to the relevant owner before reuse.
  • Stale-source warning: A source older than 60 days, missing a reviewed date, or failing the latest source check should be marked for review before the packet is reused externally.

Source documents

Each factual vendor claim on this page is tied to official source documents reviewed on 2026-05-21.

Intercom Privacy Policyhttps://www.intercom.com/legal/privacyLast verified: May 21, 2026 · Registry verifiedFreshIntercom Terms and Policieshttps://www.intercom.com/legal/terms-and-policiesLast verified: May 21, 2026 · Registry verifiedFreshIntercom Data Processing Agreementhttps://www.intercom.com/legal/data-processing-agreementLast verified: May 21, 2026 · Registry verifiedFreshIntercom Subprocessors Listhttps://www.intercom.com/legal/subprocessors-listLast verified: May 21, 2026 · Registry verifiedFresh

Scan Intercom against your own commitments.

Compare official vendor sources with the customer-facing promises your team has already made. Use the scanner first, then order the $199 review packet when you want the evidence organized for legal, privacy, security, or founder approval.

Scan Intercom against your commitmentsSee the $199 packet