Feedstick
Start Free Trial
← Back to Feedstick

Privacy Policy

Last updated June 29, 2026

This Privacy Policy explains how Colorblend LLC ("Colorblend", "we", "us") collects, uses, and protects information in connection with Feedstick (the "Service") — a hosted product-feedback platform with a public feedback board and a developer feedback-ingest API.

Controller and processor roles

For information about the people who create Feedstick accounts (our customers), Colorblend acts as the data controller. For end-user feedback that a customer collects through their own application and sends to Feedstick, the customer is the controller and Colorblend acts as a processor, handling that feedback on the customer's behalf and on their instructions.

Information we collect

  • Account data. When you sign in, we collect your email address and issue session tokens. Feedstick uses passwordless, one-time-code (OTP) sign-in, so we do not store account passwords.
  • Feedback submitted through the API. Customer applications send feedback to our ingest endpoint (POST /feedback). A submission may include the feedback content, optional structured context (arbitrary JSON the customer chooses to attach), an app_name label, a feedback type, and an optional submitter_email. Feedback content is controlled by the customer and their end users and may contain personal data.
  • Ingest keys. Each app is issued a public, write-only ingest key (Sentry-DSN style) used to authenticate submissions. Keys are rotatable and revocable.
  • Operational data. We collect request metadata (such as timestamps and limited technical details) used to rate-limit, secure, and operate the Service, and standard server logs.

How we use information

  • Provide and operate the hosted feedback board and ingest API.
  • Authenticate sign-in and send transactional email (such as one-time codes).
  • Organize, group ("stack"), and classify feedback so teams can triage it.
  • Rate-limit, secure, debug, and improve the Service.
  • Communicate with account holders about the Service.

We do not sell personal information, and we do not use feedback content for advertising.

AI processing

AI is a core part of how Feedstick works. The text content of a feedback submission is sent to our AI provider to generate an embedding and to classify and group ("stack") related feedback, so teams see organized signal instead of a raw queue. Only feedback content is processed for this purpose; it is used to provide the Service, not to train third-party models.

Service providers

We rely on a small set of infrastructure providers that process data on our behalf under their own security and privacy commitments:

  • Convex — application database, backend runtime, and vector search.
  • Cloudflare — hosting, content delivery, and network security.
  • Resend — delivery of transactional email (such as sign-in codes).
  • OpenAI — embeddings, classification, and feedback grouping.

Feedback and account data leave our infrastructure only through these providers, and only as needed to operate the Service.

Cookies

The Service uses only essential cookies required to keep you signed in and to secure your session. We do not use third-party advertising or cross-site tracking cookies on this site.

Data retention

We retain account and feedback data for as long as the related account is active or as needed to provide the Service. Customers can delete feedback items and may request deletion of their account data; we will delete or de-identify data within a reasonable period, subject to legal and operational requirements.

Security

We use industry-standard measures to protect data, including encryption in transit and write-only, rotatable ingest keys that limit what an exposed key can do. No method of transmission or storage is completely secure, but we work to protect your information and to respond promptly to issues.

Your rights

Depending on your location, you may have rights to access, correct, export, or delete personal data we hold about you, and to object to or restrict certain processing. End users who submitted feedback through a customer's application should contact that customer (the controller) first; we will support our customers in honoring such requests. To exercise rights with us directly, contact us using the details below.

International transfers

Our providers may process data in the United States and other countries. Where required, we rely on appropriate safeguards for cross-border transfers.

Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from them.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, where appropriate, provide additional notice.

Contact

Questions about this policy or your data? Contact Colorblend LLC at support@clrblnd.co.

This document describes Feedstick as operated by Colorblend LLC. It is provided for transparency and is not legal advice; review it with counsel before relying on it for your own compliance needs.