Your feedback data is sensitive. Here's how we protect it.
Your data is hosted on Convex's SOC 2 Type II compliant infrastructure. Automatic backups, zero-downtime deployments, and global edge distribution.
The web application runs on Vercel's edge network with automatic TLS encryption, DDoS protection, and 99.99% uptime SLA.
All data is encrypted in transit (TLS 1.3) and at rest. API keys are hashed before storage. Session tokens use HTTP-only secure cookies.
Three permission levels: Owner, Admin, and Member. Control who can manage settings, moderate feedback, and invite team members.
Powered by Better-Auth with bcrypt password hashing, CSRF protection, and session management with automatic rotation.
Sign in with GitHub or Google. No passwords stored when using social login.
We process data in accordance with GDPR. Users can request data export or deletion at any time.
Read our Privacy PolicyOur entire codebase is open source. Audit the code yourself, run your own security analysis, or self-host for full control.
View on GitHubExport all your feedback, votes, and changelog entries as CSV or JSON. Your data is yours, always.
Public keys for read operations, secret keys for write operations. Keys are scoped per organization.
Built-in rate limiting on all API endpoints protects against abuse and ensures fair usage.
All inputs validated with Zod schemas. XSS protection, SQL injection prevention (Convex's document model), and Content Security Policy headers.
We're happy to discuss our security practices in detail.
Contact our team