Sign Up

Privacy Policy

Our privacy policy and how we use your data

AnonInsights - Privacy Policy

Last Updated: April 5, 2025

1. Introduction

Welcome to AnonInsights! (“AnonInsights,” “We,” “Us,” or “Our”) is committed to protecting the privacy and security of your information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our anonymous employee feedback platform and related services (the “Service”).

This policy applies to all users of the Service, including:

  • Employees: Individuals invited by their employer to provide feedback through the Service.
  • Admins/Managers: Individuals authorized by their organization (our “Customer”) to administer the Service, view reports, and manage feedback.

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not access or use the Service.

2. Information We Collect

We collect different types of information depending on your role and how you interact with the Service:

Information Provided by Employees:

  • Contact Information (for Distribution & Authentication): When invited or responding via certain methods (like email link), we process your email address or potentially phone number (if SMS is used). This information is primarily used to send you survey links and authenticate your access to secure features like the anonymous chat portal. This contact information is stored separately from your survey responses and is NOT displayed alongside your feedback to your employer by default.
  • Survey Responses: The answers you provide to survey questions, including ratings, multiple-choice selections, and open-text comments. Your responses are treated as anonymous within the Service’s reporting features viewed by your employer. Your identity is not linked to specific responses in the employer-facing interface unless you provide explicit consent through the “Identity Reveal” workflow within the Two-Way Anonymous Chat feature.
  • Chat Messages: Messages you send within the secure Two-Way Anonymous Chat feature. These are initially anonymous and only linked to your identity for your employer if you grant explicit consent.
  • (Optional) Profile Information: If you create an account directly, limited profile information might be collected as described below for Admins/Managers.

Information Provided by Admins/Managers (Our Customers’ Representatives):

  • Account Information: Name, email address, password (stored securely hashed), job title, organization name, phone number.
  • Billing Information: If you purchase a paid subscription, we (or our third-party payment processor, e.g., Stripe) collect payment details like credit card information and billing address.
  • Configuration Data: Settings related to surveys, organization structure (departments/teams if configured), branding, and other platform customizations.
  • Employee Roster Information: Admins provide contact information (primarily email, potentially name, department) for employees they wish to invite to use the Service for survey distribution and backend analysis purposes.

Information Collected Automatically:

  • Usage Data: Information about how you interact with the Service, such as features accessed, pages visited, time spent, clicks, survey completion rates (aggregated), report generation activity.
  • Log Data: Standard server logs may include your IP address, browser type, operating system, referring URLs, access times, and error logs. This is used for security, monitoring, and troubleshooting. We aim to minimize the retention and use of IP addresses where possible.
  • Cookies and Similar Technologies: We may use cookies (small text files stored on your device) and similar technologies to operate and personalize the Service, manage sessions, analyze usage, and potentially for marketing purposes on our public website (not within the employee survey-taking experience). You can control cookie settings through your browser.

3. How We Use Your Information

We use the information we collect for various purposes:

  • To Provide and Maintain the Service: Operate the platform, authenticate users, distribute surveys, process responses, facilitate anonymous chat, generate reports, manage accounts.
  • To Maintain Anonymity (Employees): To ensure survey responses and initial chat messages are presented anonymously to employers by default, and to manage the consent-based identity reveal workflow securely.
  • To Improve the Service: Analyze usage patterns (often using aggregated/anonymized data) to understand user needs, troubleshoot issues, enhance existing features, and develop new ones.
  • To Communicate with You:
    • (Employees): Send survey invitations, notifications related to anonymous chat requests, and potentially system updates related to feedback actions (if configured by employer).
    • (Admins/Managers): Send account information, billing reminders, service updates, support responses, and marketing communications (you can opt-out of marketing emails).
  • To Provide Support: Respond to inquiries and troubleshoot problems.
  • For Security and Fraud Prevention: Monitor for suspicious activity, enforce our terms, protect against malicious actors.
  • For Billing and Account Management: Process payments and manage subscriptions.
  • To Comply with Legal Obligations: Fulfill legal requirements or respond to lawful requests from authorities.
  • AI-Powered Analysis: We use third-party AI tools (e.g., for sentiment analysis) to process anonymized or pseudo-anonymized survey response text to generate insights (like overall sentiment scores, topic extraction) for employers. We take steps to ensure employee PII is not processed for this purpose where not required, and our AI partners are chosen based on their security and privacy practices.

4. How We Share Your Information

We do not sell your personal information. We may share information under the following circumstances:

  • With Your Employer (Our Customer):
    • Aggregated & Anonymized Data: Employers (Admins/Managers) access reports and dashboards showing aggregated sentiment scores, response rates, and anonymized feedback themes derived from employee responses. Minimum thresholds are applied to prevent identification through small group analysis.
    • Anonymized Chat: Initial chat messages are anonymous.
    • Revealed Identity (With Consent): If an Employee explicitly consents via the “Identity Reveal” workflow, their identity (e.g., name associated with the feedback/chat) will be shared with the specific Admin/Manager who requested it within the platform.
    • Admin/Manager Information: Employer representatives’ account information is visible to other authorized administrators within the same organization.
  • With Service Providers: We share information with third-party vendors who perform services on our behalf, such as:
    • Cloud Hosting (e.g., Vercel, Supabase)
    • Database Providers (e.g., Supabase)
    • Email Delivery Services (e.g., SendGrid, Resend)
    • SMS Providers (e.g., Twilio - if SMS features are used)
    • Payment Processors (e.g., Stripe)
    • AI Service Providers (for sentiment analysis, etc.)
    • Analytics Providers
    • Customer Support Tools These providers are only given access to the information necessary to perform their services and are typically contractually obligated to protect the data.
  • For Legal Reasons: We may disclose information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • Business Transfers: If AnonInsights is involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
  • Aggregated/Anonymized Data: We may share aggregated or anonymized data (which does not identify you) for research, marketing, analytics, or other purposes, such as industry benchmarking reports.

5. Data Security

We implement technical and organizational measures designed to protect the security of your information and maintain employee anonymity within the platform. These include:

  • Using HTTPS/TLS encryption for data transmission.
  • Encryption of data at rest where provided by our infrastructure partners (Supabase).
  • Implementing Row Level Security and Role-Based Access Controls within our database.
  • Storing sensitive information like passwords securely hashed.
  • Separating identifying information from anonymized response data where feasible.
  • Regularly reviewing our security practices and infrastructure provider’s security measures.
  • Requiring explicit consent for identity reveal in the chat feature.

However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, provide the Service to our Customers, comply with our legal obligations, resolve disputes, and enforce our agreements.

  • Employee Feedback Data: Anonymized/aggregated feedback data may be retained longer for trend analysis by the Customer. Specific retention periods may be subject to the agreement with the Customer (Employer). Raw response data linked to employee ID (backend only) is retained as long as necessary to facilitate the two-way chat and longitudinal analysis, or as required by law/customer agreement.
  • Account Information (Admins/Managers): Retained for the duration of the customer relationship and for a reasonable period afterward for billing, audit, and legal purposes.

You may have rights to request deletion of your data, as described below.

7. Your Privacy Rights

Depending on your location (e.g., EU/EEA, California), you may have certain rights regarding your personal information:

  • Right to Access: Request access to the personal information we hold about you.
  • Right to Correction: Request correction of inaccurate or incomplete information.
  • Right to Deletion: Request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, ongoing service provision).
  • Right to Restrict Processing: Request restriction of how we process your information in certain circumstances.
  • Right to Object: Object to processing based on legitimate interests.
  • Right to Data Portability: Request a copy of your information in a machine-readable format (where applicable).

To exercise these rights, please contact us using the details below. If you are an Employee user, we recommend contacting your employer (the Data Controller) first, as they manage your participation in the Service. However, we will assist where possible and legally required. We may need to verify your identity before processing your request.

8. Children’s Privacy

The Service is not intended for use by individuals under the age of 16 (or the relevant age of consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without verification of parental consent, we will take steps to remove that information.

9. International Data Transfers

Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ. Our primary infrastructure providers (Supabase, Vercel) operate globally, including in the United States. We rely on their standard contractual clauses or other approved mechanisms for international data transfers where required. By using the Service, you consent to such transfers.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on our website and/or by sending you an email or in-app notification. We encourage you to review this Privacy Policy periodically for any changes. Changes are effective when they are posted on this page.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

AnonInsightsprivacy@anoninsights.com