Privacy Policy
Last updated: April 30, 2025
1. Who we are
Feeduro ("we", "us", or "our") is a feedback management platform that helps product teams collect, organise, and act on user feedback. Our service is available at feeduro.com and through embeddable widgets installed on our customers' products.
This policy explains what personal data we collect, why we collect it, and your rights over it.
2. Data we collect
Account and profile data
When you sign up — directly or through Google OAuth — we collect your name, email address, and profile picture. We use this solely to create and identify your account.
Workspace and product data
We store everything you create inside Feeduro: workspace names and settings, feedback boards, posts, comments, votes, changelog entries, roadmap items, team member records, and API tokens you generate.
End-user data (submitted via widget or public board)
If you install the Feeduro widget on your product, your end-users may submit feedback through it. That feedback (post content, email if provided, votes, and comments) is stored in your Feeduro workspace. You are responsible for informing your own users that their submissions are processed by Feeduro. We act as a data processor for this category of data.
Payment data
We do not store credit card or bank details. Payments are handled directly by our payment processor — Dodo Payments. We only store your subscription plan, status, and billing period.
Technical and usage data
Our infrastructure runs on Cloudflare Workers. Like any web service, we receive standard HTTP request data (IP address, browser type, referring URL) as part of serving requests. We use session cookies to keep you signed in.
3. How we use your data
- To provide, operate, and maintain the Feeduro service
- To authenticate your identity (email/password or Google OAuth)
- To process subscription payments through Dodo Payments
- To send transactional emails you explicitly trigger — such as team invitation emails
- To enforce usage limits based on your subscription plan
- To diagnose errors and improve reliability — we may review logs that contain request metadata
We do not use your data for advertising, and we do not sell or rent your data to third parties.
4. Legal basis for processing
Where applicable (e.g. under GDPR), we process your personal data on the following legal bases:
- Contract performance — processing necessary to create your account, deliver the service, and fulfil our subscription agreement with you
- Legitimate interests — improving reliability, diagnosing errors, and preventing abuse, where these interests are not overridden by your rights
- Legal obligation — retaining financial records as required by applicable law
- Consent — where you have explicitly opted in (e.g. marketing communications, if any)
5. Third-party services
| Service | Purpose | Data shared |
|---|---|---|
| OAuth sign-in | Name, email, profile picture | |
| DodoPayments | Payment processing | Email, subscription details |
| Cloudflare | Hosting, CDN, DDoS protection | All request traffic |
6. International data transfers
Feeduro is hosted on Cloudflare's global infrastructure and uses MySQL-compatible database services. Your data may be stored and processed in the United States or other countries where our service providers operate.
Where data is transferred from the European Economic Area (EEA) or the United Kingdom to countries that have not received an adequacy decision, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or transfers to service providers that participate in the EU-U.S. Data Privacy Framework (e.g. Dodo Payments, Cloudflare).
7. Cookies and sessions
We use a single session cookie to keep you authenticated. We do not use tracking cookies, analytics cookies, or third-party advertising cookies.
8. Data retention
We retain your data for as long as your account is active. If you delete your account or workspace, we will permanently delete the associated data within 30 days, except where we are required to retain it for legal or financial record-keeping obligations (e.g. payment records, which may be retained for up to 7 years).
9. Your rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Delete your account and associated data
- Export your workspace data in a portable format (available in Settings → Data & Import)
- Object to or restrict certain processing
- Withdraw consent at any time where processing is based on consent
- Lodge a complaint with your local data protection authority (e.g. the ICO in the UK, or the supervisory authority in your EU member state)
To exercise any of these rights, email us at privacy@feeduro.com. We will respond within 30 days.
10. Children's privacy
Feeduro is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, please contact us at privacy@feeduro.com and we will delete it promptly.
11. Security
All data is transmitted over HTTPS. Passwords are hashed and never stored in plain text. API tokens are stored as hashed values. We apply access controls so that workspace data is only accessible to authenticated members of that workspace. No method of transmission or storage is 100% secure; we cannot guarantee absolute security but take commercially reasonable measures to protect your data.
12. Business transfers
If Feeduro is involved in a merger, acquisition, or sale of all or a portion of its assets, your personal data may be transferred as part of that transaction. We will notify you by email or a prominent notice in the app before your data is transferred and becomes subject to a different privacy policy.
13. Data Processing Agreement
If you use Feeduro to process personal data on behalf of your own users (e.g. via the widget or public board), you may require a Data Processing Agreement (DPA) to satisfy your obligations under GDPR or similar regulations. Please contact us at privacy@feeduro.com to request a DPA.
14. Changes to this policy
We may update this policy from time to time. We will notify you of material changes by email or by a notice in the app. The "Last updated" date at the top of this page always reflects the most recent revision.
15. Contact
If you have questions about this Privacy Policy or how we handle your data, please contact us at privacy@feeduro.com.