Privacy Policy

Last updated July 4, 2026

Feedock is built to be privacy-friendly: no tracking by default, minimum data, and clear consent before we email anyone. This policy explains what we collect, why, and the choices you have.

01Who this covers

Two kinds of people use Feedock. Team members hold accounts and run a workspace. End users are the people who give feedback on a workspace's public surfaces: they submit requests, vote, comment, and subscribe with an email address only, no account required.

Account-less end-user identities are scoped to a single workspace. We do not build a cross-workspace or cross-site profile of anyone.

02What we collect

  • Account data: your name, email, hashed password, avatar choice, and workspace and membership details.
  • Workspace content: the feedback, roadmap items, tasks, milestones, docs, changelog entries, and comments you and your users create.
  • End-user data: an email address (normalized for deduplication and delivery), what a person asked for or voted on, and their notification consent. If a workspace connects its own billing data, it may attach a plan label and an account value to an end user so its team can weigh feedback by customer tier. This is supplied by the workspace, never derived by us, and is never sent to the AI.
  • Technical data: short-lived logs and a project-scoped visitor identifier used for unread state, rate limiting, and coarse deduplication, not for tracking. IP addresses are used only for security and abuse prevention and are not stored long-term.

03How we use it

  • To run the loop: turn feedback into roadmap, tasks, and changelog, and keep everyone's view in sync.
  • To notify the people who asked, only when they have consented.
  • To secure the service, prevent abuse, and enforce plan limits.
  • To support you and improve Feedock.

04Consent and notifications

We only email end users with their explicit consent, for example when they subscribe to updates or opt in to “notify me when this ships.” Every such email includes one-click unsubscribe and a List-Unsubscribe header. Unsubscribing takes effect immediately and never requires creating an account.

05AI processing

To power dedupe, scaffolding, and changelog drafts, we send relevant workspace content, such as feedback text and aggregate counts, to our AI providers: Anthropic (Claude) for drafting and scaffolding, and OpenAI for the text embeddings that group similar feedback. We never send end users' email addresses, unsubscribe tokens, or integration secrets to the AI, and the AI never receives data from another workspace. AI assists; your team approves what gets published.

06Analytics and cookies

We don't add tracking pixels or cross-site trackers to the public portal or the widget. On our marketing site we use privacy-friendly, consent-gated analytics: nothing loads until you allow it, and it measures anonymous, aggregate usage only.

We use a small number of functional cookies to keep you signed in, remember your active project, store your theme and layout preferences, and record your cookie choice.

07Sharing and processors

We don't sell your data. We share it only with the service providers who help us run Feedock, under contract and only as needed: hosting and databases, email delivery (Resend), AI (Anthropic and OpenAI), and consent-gated analytics on our marketing site (PostHog, hosted in the EU).

We also connect to the third-party developer and chat tools you choose, such as GitHub, GitLab, Slack, or Discord. Access tokens for those integrations are encrypted at rest, and you can disconnect them at any time. We may disclose data if required by law or to protect the rights, safety, and security of Feedock, our users, or the public.

08Storage and security

Your data is stored in a self-hosted PostgreSQL database. We encrypt integration and identity secrets at rest, hash passwords, verify webhook signatures, and scope every workspace's data so it can't leak across tenants. Caches, queues, and rate-limit counters live in Redis with short lifetimes and are never the durable source of truth.

09Data retention

We keep account and workspace data for as long as your workspace is active, and for a reasonable period afterward to meet legal and operational needs. Short-lived logs and rate-limit data expire automatically.

10Your rights

Some things are self-serve: team members can edit their profile and delete their projects from within the app, and end users can unsubscribe from any email in one click. For the rest (to access, correct, export, or delete the personal data we hold about you), email legal@feedock.com and we'll action the request. End users can likewise ask us to erase their stored identity; on an erasure request we hard-delete or irreversibly anonymize the email address while preserving aggregate counts where the law allows.

Depending on where you live, you may have additional rights under laws such as the GDPR. We handle these requests manually: email legal@feedock.com and we'll respond within the timeframe your local law requires.

11International users

Feedock may process and store data in countries other than where you live. Where we transfer data, we take steps to protect it consistent with this policy and applicable law.

12Children

Feedock is not intended for children under 16, and we don't knowingly collect their data.

13Changes to this policy

We may update this policy as Feedock and the law evolve. We'll change the date above and, for material changes, give notice where appropriate.

14Contact

Questions or requests about your privacy? Email legal@feedock.com.