FeedbackKit Privacy Policy

Last Updated: January 9, 2026

Introduction

Swiftly Business Consulting BV ("Swiftly," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use FeedbackKit, including the FeedbackKit SDK, FeedbackKit Admin application, and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

1. Information We Collect

1.1 Information You Provide Directly

Account Information:

  • Name and email address
  • Company name and role
  • Password (encrypted)
  • Billing information (processed through third-party payment processors)
  • Profile information

Customer Content:

  • Feedback data submitted by your end users
  • Project configurations and settings
  • Integration credentials (encrypted)
  • Comments and conversations
  • API keys (encrypted)

Communication:

  • Support inquiries and correspondence
  • Survey responses and feedback about the Service

1.2 Information Collected Automatically

Usage Data:

  • Device information (operating system, device type, version)
  • Application activity (features used, time spent, interactions)
  • Session data (login times, session duration)
  • Error logs and crash reports

Technical Data:

  • IP address
  • Browser type and version
  • Time zone and location data
  • Device identifiers
  • Cookie data

Analytics:

  • Feature usage statistics
  • Performance metrics
  • Aggregated usage patterns

1.3 End User Data (Collected via SDK)

When developers integrate the FeedbackKit SDK into their applications, the SDK may collect:

  • Feedback text submitted by end users
  • User identifiers provided by the developer
  • Device and session information
  • Vote and engagement data
  • User metadata (if provided by the developer)

Important: Developers who integrate the FeedbackKit SDK are data controllers for their end users' data. We process this data on behalf of our developer customers and act as a data processor.

2. How We Use Your Information

2.1 To Provide and Maintain the Service

  • Create and manage your account
  • Process feedback data and enable feedback management
  • Provide customer support
  • Send service-related communications

2.2 To Improve the Service

  • Analyze usage patterns and trends
  • Develop new features and functionality
  • Conduct research and development
  • Fix bugs and improve performance

2.3 For Business Operations

  • Process payments and prevent fraud
  • Comply with legal obligations
  • Enforce our Terms of Service
  • Protect our rights and property

2.4 To Communicate With You

  • Send product updates and announcements
  • Respond to your inquiries
  • Send marketing communications (with your consent)
  • Request feedback about the Service

2.5 For Analytics and Measurement

  • Understand how users interact with the Service
  • Measure the effectiveness of features
  • Generate aggregated statistics

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for collecting and using your information depends on the data and context:

  • Contract Performance: Processing necessary to provide the Service
  • Legitimate Interests: Improving the Service, preventing fraud, ensuring security
  • Consent: Marketing communications, optional features
  • Legal Obligations: Compliance with applicable laws

4. Data Sharing and Disclosure

4.1 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

4.2 Service Providers

We share data with trusted third-party service providers who assist us in operating the Service:

  • Hosting Providers: Cloud infrastructure and data storage
  • Payment Processors: Billing and subscription management
  • Email Services: Transactional and marketing emails
  • Analytics Providers: Usage analytics and performance monitoring
  • Customer Support Tools: Help desk and support systems

All service providers are contractually obligated to protect your data and use it only for specified purposes.

4.3 Integration Partners

When you enable integrations (e.g., ClickUp, Slack, Linear), we share data necessary to provide those integrations. Your use of third-party services is subject to their privacy policies.

4.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4.5 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders)
  • Government or regulatory requests
  • Protection of our rights, property, or safety
  • Prevention of fraud or illegal activity
  • Compliance with legal obligations

4.6 Aggregated Data

We may share aggregated, anonymized data that cannot identify you for research, marketing, or analytics purposes.

5. Data Processing for Developers

5.1 Developer as Data Controller

When you integrate the FeedbackKit SDK into your application:

  • You are the data controller for end user data collected through your app
  • We are the data processor acting on your behalf
  • You must obtain appropriate consent from your end users
  • You must provide privacy notices to your end users
  • You are responsible for complying with applicable privacy laws

5.2 Data Processing Agreement

For customers subject to GDPR, we provide a Data Processing Agreement (DPA) upon request that outlines:

  • The subject matter and duration of processing
  • The nature and purpose of processing
  • Types of personal data processed
  • Categories of data subjects
  • Our obligations as a data processor

5.3 Sub-processors

We may use sub-processors (such as cloud hosting providers) to process data. We maintain a list of sub-processors and notify customers of changes.

6. Data Security

6.1 Security Measures

We implement industry-standard security measures to protect your information:

Technical Safeguards:

  • Encryption in transit (TLS/SSL)
  • Encryption at rest for sensitive data
  • Secure API authentication
  • Regular security audits and assessments
  • Intrusion detection and prevention systems

Organizational Safeguards:

  • Access controls and role-based permissions
  • Employee training on data protection
  • Confidentiality agreements
  • Incident response procedures

6.2 Limitations

While we implement reasonable security measures, no system is completely secure. We cannot guarantee absolute security of your data.

6.3 Your Responsibility

You are responsible for:

  • Maintaining the confidentiality of your account credentials
  • Using strong passwords
  • Enabling two-factor authentication (if available)
  • Reporting suspected security breaches

7. Data Retention

7.1 Account Data

We retain your account data for as long as your account is active or as needed to provide the Service.

7.2 Feedback Data

Feedback data is retained according to your account settings and project configurations. You can delete feedback data at any time through the Service.

7.3 After Account Termination

After you terminate your account:

  • Active data is deleted within 30 days
  • Backup data may persist for up to 90 days
  • Some data may be retained longer if required by law or for legitimate business purposes (e.g., financial records, legal disputes)

7.4 Legal Obligations

We may retain data longer if required by law, regulation, legal process, or to protect our rights.

8. Your Data Rights

Depending on your location, you may have the following rights:

8.1 European Economic Area (EEA) Rights

If you are in the EEA, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for processing where consent is the legal basis
  • Lodge a Complaint: File a complaint with your local data protection authority

8.2 California Rights (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know: Request information about data we collect and how we use it
  • Delete: Request deletion of your personal information
  • Opt-Out: Opt out of the sale of personal information (we do not sell data)
  • Non-Discrimination: Not be discriminated against for exercising your rights

8.3 Other Jurisdictions

Users in other jurisdictions may have similar rights under applicable privacy laws.

8.4 Exercising Your Rights

To exercise your rights, contact us at privacy@swiftly.dev. We will respond to your request within the timeframe required by applicable law (typically 30 days).

9. International Data Transfers

9.1 Data Storage

Your data may be processed and stored in countries other than your country of residence, including but not limited to the United States and European Union member states.

9.2 Safeguards for EEA Users

For data transfers from the EEA to countries without adequate data protection laws, we implement appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

10. Cookies and Tracking Technologies

10.1 Types of Cookies We Use

Essential Cookies:

  • Authentication and session management
  • Security features
  • Service functionality

Analytics Cookies:

  • Usage statistics and performance monitoring
  • Feature engagement tracking
  • Error logging

Preference Cookies:

  • User settings and preferences
  • Language and region settings

10.2 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.

10.3 Do Not Track

We currently do not respond to "Do Not Track" signals from browsers.

11. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately, and we will delete such information.

12. Third-Party Links and Services

The Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

13. Changes to This Privacy Policy

13.1 Updates

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated Privacy Policy on our website
  • Sending an email notification to your registered email address
  • Displaying a prominent notice in the Service

13.2 Effective Date

Changes become effective on the "Last Updated" date at the top of this Privacy Policy. Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

14. Data Protection Officer

For questions about data protection or to exercise your rights, you can contact our Data Protection Officer:

Email: info@swiftly-workspace.com

Mail: Swiftly Developed BV, Attn: Data Protection Officer

15. Supervisory Authority

If you are in the EEA and have concerns about how we handle your data, you have the right to lodge a complaint with your local data protection authority.

Belgium Data Protection Authority:

Website: https://www.autoriteprotectiondonnees.be/

Email: contact@apd-gba.be

16. California "Shine the Light" Law

California residents can request information about personal information we disclose to third parties for their direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

17. Contact Us

For questions about this Privacy Policy or our privacy practices, please contact us:

Swiftly Developed BV

Email: info@swiftly-workspace.com

Website: swiftly-workspace.com/feedbackkit

Address: Borsbeeksebrug 34, 2600 Antwerpen

General Inquiries: info@swiftly-workspace.com

Security Issues: info@swiftly-workspace.com

Data Protection Officer: info@swiftly-workspace.com

Appendix: Data Processing Details

Categories of Personal Data

  • Identity data (name, email)
  • Account data (username, password)
  • Financial data (payment information)
  • Transaction data (subscription details)
  • Technical data (IP address, device information)
  • Usage data (how you use the Service)
  • Communication data (correspondence with us)
  • End user feedback data (collected via SDK)

Purposes of Processing

  • Service delivery and account management
  • Customer support and communication
  • Product improvement and development
  • Security and fraud prevention
  • Legal compliance and dispute resolution
  • Marketing and analytics (with consent)

Recipients of Data

  • Cloud hosting providers
  • Payment processors
  • Email service providers
  • Analytics platforms
  • Customer support tools
  • Integration partners (at your direction)

Retention Periods

Data Type Retention Period
Account data Duration of account + 30 days
Feedback data User-configurable, minimum 30 days
Financial records 7 years (legal requirement)
Logs and analytics 12-24 months
Backup data 90 days

By using FeedbackKit, you acknowledge that you have read and understood this Privacy Policy.