Data Security Statement 2019-08-09T10:46:38+00:00

Protecting Your Data Is Our Core Priority

We take data security very seriously and protecting your data is our core priority. Your data belongs to you, not to us, and we will treat it that way.

How Our Team Handles Data Security

Each team member has an extensive background check and undergoes comprehensive training on data security protocols. Only a limited number of staff members can access customer data.

Our support staff will not look at your data unless you request assistance. All information, data and documents exchanged with our support staff is treated confidential and will not be disclosed.

Your Data Belongs To You

FeedbackPanda will not use your data in any other way. We don’t resell or re-use data from our users.

FeedbackPanda has no interest in storing your data longer than needed.

For further information, please read our Privacy Policy and Terms of Service.

Infrastructure

  • All of our services run in the Amazon Web Services (AWS) cloud. FeedbackPanda does not run our own routers, load balancers, DNS servers, or physical servers.
  • All of our infrastructure is spread across at least two AWS data centers (availability zones) and will continue to work should any of the data centers fail unexpectedly.
  • All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACL’s) that prevent unauthorized requests getting to our internal network.
  • All servers are updated on a regular basis to ensure we have the latest security patches installed.
    FeedbackPanda uses the hosted Aurora AWS RDS database which has built in failover and backup mechanisms.

Data Encryption

We use bank level encryption from A – Z. Whenever you send or retrieve data from the app, the communication is always secured through HTTPS encryption.
Next to encrypting data in transit, we also encrypt all data at rest. Our databases as well as all stored data is encrypted, from the moment we receive your data until we delete it.

Your login details are one-way hashed using a strong hashing algorithm. Not even our staff can see or access your password.

Is FeedbackPanda GDPR Compliant And Can Be Used By EU Companies?

Historically, FeedbackPanda has always been compliant with EU data protection law (Safe Harbour Agreement and EU-US Privacy Shield) and we have taken necessary steps to be within the compliance standards of the European Union’s General Data Protection Regulation (GDPR). FeedbackPanda acts as a “data controller” for your personal data and as a “data processor” for your business data. Our Privacy Policy describes in detail what information we collect, what we do with it and your rights as a customer of FeedbackPanda in relation to GDPR.

Service Levels

We have uptime of 99.9% or higher. You can check our past month stats on our Status Dashboard.

Health Insurance Portability and Accountability Act (HIPAA)

FeedbackPanda is not a HIPAA certified service and we don’t support health data related use-cases. While we take data security and data privacy very seriously, we did not undergo an official HIPAA certification process.

PCI Obligations

FeedbackPanda is not subject to PCI obligations. All payment instrument processing is outsourced to Stripe.

Security Audits & Bug Bounty Program

FeedbackPanda is tested for security issues on a regular basis by independent security researchers. In pursuit of the best possible security for our service, we welcome responsible disclosure of any vulnerability found in FeedbackPanda.