Dialogflow iconfeeqd

Privacy Policy

Last Updated: March 23, 2026

Welcome to feeqd ("we," "us," or "our"). We are committed to protecting your personal information and your right to privacy. This privacy policy explains how we collect, use, store, and share your information when you use our website at https://feeqd.com and our feedback management platform (collectively, the "Service").

If you have any questions, please contact us at [email protected].

1. Information We Collect

Information you provide

  • Account information: name, email address, and password when you create an account.
  • Third-party login data: if you sign in using Google, we receive your name, email address, and profile picture from Google. We do not receive or store your Google password.
  • Workspace and team data: workspace names, team member invitations, and role assignments.
  • Feedback content: feedback boards, entries, comments, votes, and roadmap items you create or submit.
  • Widget configuration: settings for your embeddable feedback widgets.
  • Payment information: billing details are processed by our payment provider, Paddle. We do not store your credit card details directly.
  • Communications: messages you send to us via email or support channels.

Information collected automatically

  • Usage data: IP address, browser type, device information, operating system, pages visited, and referring URLs.
  • Cookies and similar technologies: we use essential cookies for authentication (session cookies, CSRF tokens) and service functionality. See Section 5 for details.

Information from end users

When your website visitors submit feedback through our embeddable widget, we collect the data they provide (such as feedback text, ratings, and email if included in the form). You, as our customer, are the data controller for this information. We process it on your behalf as a data processor.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process your account registration and manage your subscription
  • Process payments through Paddle
  • Send transactional emails (account verification, password resets, billing notifications)
  • Respond to your requests and support inquiries
  • Monitor and improve the security and performance of the Service
  • Comply with legal obligations

We do not sell your personal data. We do not use your data for advertising purposes.

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, we process your data based on:

  • Contract performance (Art. 6(1)(b) GDPR): to provide the Service you signed up for — account management, feedback processing, subscription handling.
  • Legitimate interests (Art. 6(1)(f) GDPR): to maintain security, prevent fraud, and improve the Service. Our legitimate interest does not override your rights.
  • Legal obligation (Art. 6(1)(c) GDPR): to comply with applicable laws, such as tax and accounting requirements.
  • Consent (Art. 6(1)(a) GDPR): for optional marketing communications. You can withdraw consent at any time.

4. Who We Share Your Data With

We share your information only with:

  • Google: if you choose to sign in with Google, authentication is handled through Google's OAuth 2.0 service. We only receive basic profile information (name, email, profile picture). Google's Privacy Policy applies to their processing of your data.
  • Paddle: our payment processor, to handle subscriptions and billing. Paddle acts as a Merchant of Record and has its own privacy policy.
  • Hosting providers: our infrastructure is hosted on Hetzner (Germany, EU) for data storage and processing.
  • Law enforcement: if required by law or to protect our legal rights.

We do not share your data with third-party advertisers or data brokers.

5. Cookies

We use the following cookies:

  • Session cookies: to keep you logged in (authentication tokens). Essential for the Service to function.
  • CSRF token: to protect against cross-site request forgery attacks. Essential for security.
  • Identity cookie: to maintain your session across page loads. Essential for the Service.

We do not use analytics cookies, tracking cookies, or third-party advertising cookies. All our cookies are essential for the Service to function and do not require consent under the ePrivacy Directive.

6. Data Storage and Transfers

Your data is stored on servers located in Germany (EU), hosted by Hetzner Online GmbH. We do not transfer your personal data outside the European Economic Area, with the following exception:

  • Google OAuth: if you choose to sign in with Google, your authentication data is processed by Google, which may involve transfers to the United States. Google participates in the EU-U.S. Data Privacy Framework. This transfer is limited to the authentication flow and we do not store your data on non-EU servers.

If additional transfers become necessary in the future, we will ensure appropriate safeguards are in place (such as Standard Contractual Clauses) and update this policy accordingly.

7. Data Retention

We retain your data as follows:

  • Account data: for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
  • Feedback data: for as long as the workspace owner maintains the data. Workspace owners can delete feedback entries at any time.
  • Billing records: retained as required by tax and accounting laws (typically 7 years).
  • Server logs: retained for up to 90 days for security and debugging purposes.

8. Your Rights

Under the GDPR and applicable data protection laws, you have the right to:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: correct inaccurate or incomplete data.
  • Erasure: request deletion of your personal data ("right to be forgotten").
  • Restriction: request that we limit how we use your data.
  • Data portability: receive your data in a structured, machine-readable format.
  • Objection: object to processing based on legitimate interests.
  • Withdraw consent: for processing based on consent, at any time.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

If you believe we are unlawfully processing your data, you have the right to lodge a complaint with your local data protection authority. For the EEA, find yours at edpb.europa.eu.

9. Children

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us and we will take steps to delete it.

10. Changes to This Policy

We may update this privacy policy from time to time. The updated version will be indicated by the "Last Updated" date at the top of this page. If we make material changes, we will notify you by email or by a notice on the Service prior to the change becoming effective.

11. Contact Us

If you have questions about this privacy policy or how we handle your data, contact us at [email protected].