Features

Solutions

Pricing

Resources

Free HR Tools

Help Center

Support

Log In

Security

Last updated 5 March 2026

Committed to Safeguarding Your Data

At FeedbackPulse, we prioritize data security, ensuring your data is managed with the highest standards of protection. Our infrastructure is built on trusted providers with strong security track records and compliance certifications.

Cloud Security and Data Management

Data Hosting: Our application is hosted on Hetzner infrastructure in Ashburn, Virginia, USA. European and other data residency options are available on request for organizations that require it.

CDN and DDoS Protection: Cloudflare provides content delivery, DDoS protection, and web application firewall capabilities across our platform.

Data Backups: Automated database backups are conducted regularly and stored on Cloudflare R2 with AES-256 encryption, ensuring the confidentiality and integrity of your data. Backups support both incident management and disaster recovery.

Data Residency

Default: United States (Ashburn, VA).

European Residency: Available on request for organizations that need data stored within the EU. Contact us to discuss your requirements.

Compliance and Certifications

Our infrastructure providers maintain the following certifications:

  • Hetzner: ISO 27001 certified (German data centers), compliant with EU data protection regulations.
  • Cloudflare: SOC 2 Type II, ISO 27001, and additional security certifications.
  • Stripe: PCI DSS Level 1 for payment processing.

We only claim certifications held by our infrastructure providers. FeedbackPulse continuously works to align its own practices with industry security standards.

Encryption and Security Measures

Encryption at Rest and In Transit: All stored data is protected using AES-256 encryption. Data transmitted over the network is secured using TLS protocols, preventing unauthorized access and data breaches.

Backup Encryption: All backups stored on Cloudflare R2 are encrypted with AES-256.

Ongoing Security Assessments: We regularly perform security assessments and vulnerability scans to identify and mitigate potential security risks.

Transparency and Trust

Open Communication: We maintain transparent communication about our security practices. You are always welcome to inquire about how we protect your data.

Continuous Improvement: Our security protocols are continually reviewed and enhanced to adapt to new challenges and ensure adherence to the latest security standards.

Breach Notification

In the event of a personal data breach, FeedbackPulse will notify affected customers within 72 hours in accordance with GDPR Article 33. Notifications will include the nature of the breach, the data affected, and the measures taken to address it.

Authentication

Single Sign-On: Authentication to the platform is conducted through an encrypted connection to the user's Google account via Google SSO. Additional SSO providers are planned.

Additional Authentication: Enhanced authentication methods including multi-factor authentication (MFA) are on our roadmap.

User Access Control

All customers need to receive and accept an invitation to join a FeedbackPulse account before they can access any account data. The chosen authentication provider is registered for the user, and subsequent login attempts must use the same provider. Users are restricted from accessing data outside their account.

Access Permissions

The web application enables customers to manage user access within their account. Admin users are responsible for managing access, ensuring that users with different roles have appropriate access levels.

Administrative Data

Access to production databases is tightly regulated, and only authorized personnel who need access for customer support or issue resolution are granted access. Upon request, FeedbackPulse will securely delete a customer's data.

Payment

Payments are processed securely through Stripe; we do not handle any payment details directly. This ensures that all financial transactions are safe and protected. Your payment information remains confidential and secure with Stripe, a PCI DSS Level 1 certified provider.

System Patching

Security practices require evaluating and implementing available software patches and updates to ensure systems remain secure and up-to-date. Performing system patching and updates minimizes the risk of vulnerabilities. FeedbackPulse uses the latest updated versions of software.