To comply with laws. To comply with legal or regulatory requirements and to respond to lawful requests, court orders and legal process.
One plus here -- Slack does have a Transparency Report, listed a couple of links below this, that notes how they comply with gov't requests and how often they are asked. Wish more companies did this (list is growing).
to respond to lawful requests, court orders and legal process.
Some organizations will red-line this to note that the requests must be provided to the customer first. Of course, the power dynamic in user-oriented SaaS apps doesn't lend itself to that.
The third party provider of the integration may share certain information about your account with Slack. However, we do not receive or store your passwords for any of these third party services.
Thank goodness for OAuth. Although -- as the Google Docs hack a few weeks back showed -- the implications for security risks through an OAuth channel are tremendous, too, and lightly understood. Their policy here is more reassuring than one might think. I'd love to see privacy policies more explicitly note how to and provide interfaces to allow you to revoke tokens.