Back to home

Security

How we protect your data and your end users' feedback.

Security is built into Feedforward at every layer, from the embeddable widget on untrusted host sites to the multi-tenant dashboard and AI pipeline. This page summarizes our practices and commitments. We treat security as an ongoing program, not a checkbox.

Data encryption

  • In transit. All connections to the dashboard, API, and widget endpoints use TLS. Traffic between our services and managed data stores is encrypted.
  • At rest. Customer Data stored in our managed Postgres and Redis is encrypted at rest by the underlying cloud providers.
  • Sensitive fields. IP addresses are never stored raw; we persist only a salted SHA-256 hash (ipHash). Payment-card data is handled solely by our PCI- compliant payment processor and never touches our servers.

Tenant isolation

  • Every record is scoped to an organization, and the organization identity is always derived from the authenticated token, never from request input, preventing cross-tenant access.
  • The widget runs on untrusted third-party sites, so the server trusts nothing it sends. Widget requests authenticate with short-lived, HMAC-signed embed tokens carrying a per-token nonce for replay protection; signatures are verified using constant-time comparison.
  • Dashboard access uses bearer-token authentication with strict origin controls, keeping it distinct from the widget trust domain.
  • Real-time event streams are partitioned per organization so an org only ever receives its own events.

Infrastructure

Feedforward runs on reputable managed cloud infrastructure, including Neon Postgres and managed Redis, operated in hardened environments with provider-level network controls, automated backups, and monitoring. We separate the public API process from background AI workers to limit blast radius and apply security headers and rate limiting at the edge.

Access controls

  • Least-privilege access to production systems, granted only as needed.
  • Authentication for internal access is managed through our identity provider.
  • State-changing actions are recorded in an immutable audit log.
  • Secrets are stored in managed secret stores, never in source control.

Responsible disclosure

We welcome reports from security researchers. If you believe you have found a vulnerability, please email security@getfeedforward.com with details and reproduction steps. Please give us a reasonable opportunity to investigate and remediate before public disclosure, and avoid accessing or modifying data that is not yours. We will not pursue legal action against good-faith research conducted under this policy.

Compliance commitments

We align our practices with GDPR and CCPA requirements and offer a Data Processing Addendum for customers acting as data controllers. A SOC 2 program is in progress. These are commitments to ongoing diligence rather than claims of certifications we do not yet hold.