In the workspace search bar, we can enter information either particular to our organization’s projects and tasks (“Workspace Content”, per the privacy policy), or we can search for a term in the Asana guide (“Other Information”). This combined functionality undesirably is causing proprietary information about Workspace Content to leak to “Other Information” and is a violation of your Privacy Policy.
For example, suppose we type in “Patent Number 12345” and press enter in that search box. Depending on the exact sequence of mouse and keyboard shortcuts (e.g., whether we blur and the refocus), pressing “enter” either searches projects and tasks in our Workspace Content, or it sends that query into the Asana guide, queries to which are not protected under the Privacy Policy.
Leaking queries about Workspace Content is a clear violation of the “only as necessary” language in the Privacy Policy and should be corrected immediately. Give one search box for the Workspace and another search box for support and help.
A Privacy Policy is about what the service provider sees and how a service provider can use our data (e.g., asana). It’s not about what an end user sees.
If you were to “Search the Asana Guide for patent number 12345”, as the search box suggests in your screenshot, then that search string would become “other information” which asana could use broadly in more ways than it could ordinarily use “workspace content.”
Because these searches happen accidentally depending on your exact keyboard and mouse input, the asana search box essentially steals workspace content into another part of the privacy policy. I would never intentionally email asana support a message saying, “Hey, FYI, we’re interested in patent 12345.” But oops, I just did.