FFeedico

← Back to home

Privacy Policy

Last updated: April 19, 2026

1. Introduction and scope

This Privacy Policy explains how Feedico (“we”, “us”, “our”) collects, uses, stores, and shares personal data when you visit feedico.io, create an account, join a waitlist, use our APIs or dashboard, or otherwise interact with our business-to-business affiliate data services (collectively, the “Services”). It applies to visitors, registered users, and representatives of our business customers.

If you do not agree with this policy, please do not use the Services. Where we process personal data on behalf of a customer (for example as a processor), their instructions and our data processing agreement also apply.

2. Data controller

The controller of personal data collected through this website and direct sign-up flows is Feedico. For enterprise agreements, the contracting entity named in your order form or contract may act as controller for certain processing. Contact details are provided in the Contact section below.

3. Categories of data we collect

  • Identity and contact: name, work email, company name, job function when you provide them (for example on sign-up, waitlist, or support requests).
  • Account data: username or user ID, authentication metadata, preferences, and organization identifiers when you use an account.
  • Technical and usage: IP address, device and browser type, approximate location derived from IP, timestamps, pages viewed, API request metadata, error logs, and similar diagnostics needed to operate and secure the Services.
  • Credentials you provide for integrations: API keys, publisher IDs, tokens, or other secrets needed to connect affiliate networks you authorize. These are stored encrypted and used only to perform the integrations you configure.
  • Communications: content of emails or in-app messages you send us, and records of support interactions.
  • Security and abuse prevention: data from CAPTCHA providers (such as Cloudflare Turnstile), rate-limit counters, and fraud signals.

4. Purposes and legal bases (GDPR / UK GDPR)

We process personal data for: providing and improving the Services; authenticating users; communicating about onboarding, billing, and support; security, debugging, and abuse prevention; complying with law; and enforcing our terms. Depending on context, we rely on: performance of a contract (delivering the Services you request); legitimate interests (securing our platform, understanding product usage in aggregate, direct B2B marketing to existing customers where permitted); consent where required (for example certain cookies or marketing); and legal obligation where applicable.

5. Cookies and similar technologies

We use cookies and similar technologies for session management, preferences, analytics (where configured), and security. Essential cookies are needed for the site to function. Where non-essential cookies or analytics require consent under local law, we will obtain consent before setting them. You can control cookies through your browser settings; blocking some cookies may limit functionality.

6. Sharing and subprocessors

We share personal data with service providers who assist us (for example hosting, email delivery, error monitoring, security and CAPTCHA providers, payment processors if applicable). They may only process data on our instructions and subject to appropriate safeguards. We may disclose information if required by law or to protect rights, safety, or the integrity of the Services. A list of key subprocessors is available on request for enterprise customers or as published on our site.

7. International transfers

We may process data in the country where you are located and in other countries where we or our providers operate. If we transfer personal data from the EEA, UK, or Switzerland to countries not deemed adequate, we use appropriate safeguards such as Standard Contractual Clauses or other mechanisms permitted by law.

8. Retention

We retain personal data only as long as necessary for the purposes described, including legal, tax, and dispute resolution needs. Account data is kept while your account is active and for a reasonable period afterward. Technical logs may be retained for a shorter rolling window unless longer retention is needed for security investigations.

9. Security

We implement technical and organizational measures appropriate to the risk, including encryption in transit (TLS), encryption of sensitive credentials at rest, access controls, and least-privilege principles. No method of transmission or storage is 100% secure; you should use a strong, unique password and protect your account credentials.

10. Your rights

Depending on your jurisdiction, you may have the right to access, rectify, erase, restrict, or object to processing of your personal data, to data portability, and to withdraw consent where processing is consent-based. You may lodge a complaint with a supervisory authority. To exercise rights, contact us using the details below. We will respond within the timeframes required by applicable law.

11. Children

The Services are not directed at children under 16 (or the age required in your jurisdiction). We do not knowingly collect personal data from children for consumer purposes.

12. Automated decision-making

We do not use fully automated decision-making that produces legal or similarly significant effects solely by automated means for account holders in the sense of GDPR Article 22. Security systems may use automated signals to block abuse.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the “Last updated” date. Material changes may be communicated by email or in-product notice where appropriate.

14. Contact

Questions or requests regarding this policy or your personal data: use the contact form on our homepage. For data protection inquiries, please mark your message “Privacy” and include enough detail for us to verify your request.