Privacy Policy

Last updated: July 2, 2026

1. Overview

This policy explains what data SignalHQ (“Feedbacker.io,” “we,” “us”) collects, from whom, and why. Because the product has two distinct populations — registered users and anonymous message senders — we treat their data differently, as described below.

2. Information from registered users

When you create an account, we collect:

  • Name, username, and email address.
  • A securely hashed password (we never store your password in plain text).
  • Organization and Team data you create or are added to, and your role within them.
  • The Questions you create and the Messages sent to you, including any replies you write.
  • Basic product analytics (see Section 5) if you haven't opted out and our analytics providers are configured.

3. Information from anonymous senders

Submitting feedback through a SignalHQ link does not require an account, a name, or an email address, and we do not ask for or store any of these unless you choose to include them in your message text. The content of the message itself is stored so the recipient can read and, if enabled, reply to it.

We temporarily log limited technical data (such as IP address) for messages submitted through public endpoints, solely to enforce rate limits and reduce spam/abuse. This data is not linked to a sender identity, is not shown to the message recipient, and is not used to re-identify who sent a given message.

4. How we use data

We use the data described above to:

  • Operate core features — accounts, links, questions, and messages.
  • Send transactional email: verification codes, password resets, and organization invitations.
  • Enforce rate limits and detect abuse on public submission endpoints.
  • Understand aggregate product usage to improve SignalHQ.
  • Comply with legal obligations where applicable.

We do not sell personal data.

5. Third parties we use

SignalHQ relies on a small number of service providers to operate:

  • MongoDB — hosts our database (accounts, organizations, questions, and messages).
  • Resend — delivers transactional email (verification, password reset, invitations).
  • Google Analytics and Microsoft Clarity — optional product-analytics tools, only active when we've configured them for a given deployment. They may use cookies or similar technology to understand aggregate usage.

These providers process data on our behalf and are not permitted to use it for their own purposes.

6. Cookies

We use a session cookie to keep you signed in. If analytics is configured (Section 5), those providers may set their own cookies to distinguish visitors. We don't use cookies for cross-site ad tracking.

7. Data retention

We retain account data for as long as your account is active. Messages and Questions persist until you delete them or delete your account. Rate-limiting technical logs (Section 3) are kept only for a short window needed to enforce limits, not indefinitely.

8. Your rights and choices

You can review and edit your account details, and delete individual Questions or Messages, directly from your dashboard. Self-service account deletion is on our near-term roadmap; until it ships, you can request deletion of your account and associated data by emailing us at the address below, and we'll process it promptly.

Depending on your location, you may have additional rights under laws like the GDPR or CCPA — including access, correction, and portability of your data. Contact us to exercise these rights.

9. Data security

We use industry-standard measures to protect data in transit and at rest, including hashed passwords and access-controlled infrastructure. No system is perfectly secure, and we can't guarantee absolute security, but we take reasonable steps to protect your information and will notify affected users if we become aware of a breach affecting their data, as required by law.

10. Children's privacy

SignalHQ is not directed at children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us personal data, contact us and we'll delete it.

11. Changes to this policy

We may update this policy as the product evolves. We'll update the “last updated” date below, and for material changes we'll make reasonable efforts to notify registered users.

12. Contact

Questions about this policy, or want to exercise a data right? Reach us at nishchay.agar@gmail.com.