Skip to content

Privacy Policy

Effective date: March 5, 2026 | Last updated: March 18, 2026

1. Introduction

FeatureBoard ("we", "us", or "our") operates the featureboard.io website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. By using FeatureBoard, you consent to the data practices described in this policy. This Privacy Policy should be read alongside our Terms of Service.

2. Information We Collect

Information You Provide

  • Email address — collected when you join our waitlist or sign up for early access.
  • Account information — name, email, and organization details provided during registration via Clerk.
  • Billing information — payment details are collected and processed directly by Paddle (our Merchant of Record). We do not store credit card numbers on our servers.
  • Cookie consent preference — your choice to accept or reject non-essential cookies is stored locally on your device.

Information Collected Automatically

  • Analytics data — when you accept cookies, Google Analytics 4 (GA4) collects anonymized usage data such as page views, session duration, device type, and approximate geographic location.
  • UTM parameters — we capture UTM query parameters (utm_source, utm_medium, utm_campaign, utm_term, utm_content) from ad campaigns for attribution analysis. This data is anonymized and not linked to your personal identity.

3. How We Use Cookies

We use cookies to improve your experience and understand how our site is used. Our cookies fall into two categories:

  • Essential cookies — required for the website to function correctly (e.g., cookie consent preference, Clerk authentication session). These are always active.
  • Analytics cookies — Google Analytics 4 cookies are loaded only after you provide consent. These help us understand traffic patterns and improve our website.
  • Advertising cookies — Meta Pixel (Facebook) is loaded only after you provide consent. It helps us measure the effectiveness of our advertising campaigns and understand which channels bring visitors to FeatureBoard. No personal data is shared with Meta beyond anonymized event signals.

You can manage your cookie preferences at any time using the "Manage cookies" link in the website footer. Analytics and advertising cookies are never loaded without your explicit consent.

4. Email Communications

When you join our waitlist, we use your email address to send you:

  • A welcome email confirming your waitlist position.
  • Product updates and launch announcements relevant to your interest in FeatureBoard.

We use Resend as our email delivery provider. Every email includes an unsubscribe link, and you may opt out of communications at any time. We will never sell or share your email address with third parties for marketing purposes.

5. UTM Tracking and Ad Attribution

When you arrive at our site from a paid advertisement or campaign, we capture UTM parameters from the URL to measure campaign effectiveness. This data is used in aggregate to understand which channels bring visitors to FeatureBoard. UTM data is anonymized and not used to build individual user profiles.

6. Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

  • Service providers — trusted third parties that help us operate our business. See Section 7 (Third-Party Services) for a complete list including Paddle, Stripe, Clerk, Neon, Resend, Sentry, Inngest, Vercel, Meta, and Google Analytics.
  • Legal requirements — when required by law, regulation, or legal process.

7. Third-Party Services

We use the following third-party services to operate FeatureBoard. Each service processes data as described below and is governed by its own privacy policy:

  • Paddle — payment processing (Merchant of Record). Paddle handles payment processing, invoicing, sales tax compliance, and subscription management. Payment credentials are processed entirely by Paddle and never touch our servers.
  • Stripe — legacy payment processing. Stripe may process billing information for existing subscriptions during the transition to Paddle.
  • Clerk — authentication and user management. Clerk handles sign-in, sign-up, and session management. It may set session cookies on your device to maintain your login state.
  • Neon — database hosting. Your product and feature data is stored in a PostgreSQL database hosted by Neon with encryption at rest.
  • Resend — email delivery. Used to send transactional and marketing emails (waitlist confirmations, product updates).
  • Sentry — error monitoring. Sentry captures application errors and performance data to help us diagnose and fix issues. Error reports may include technical context such as browser type and page URL, but do not intentionally include personal data.
  • Inngest — background job processing. Inngest runs scheduled and event-driven tasks (e.g., data syncs, notifications). It processes task metadata but does not store user-facing personal data.
  • Vercel — hosting and deployment. Our website and application are hosted on Vercel's infrastructure.
  • Meta (Facebook) — advertising measurement. When you consent to cookies, Meta Pixel tracks anonymized page view events to measure ad campaign performance. Meta processes this data under its own privacy policy.
  • Google Analytics — website analytics. When you consent to cookies, GA4 collects anonymized usage data to help us understand traffic patterns and improve our website.
  • OpenAI — vector embeddings for natural language search. Feature text content is sent to OpenAI for embedding generation. Data is used solely for processing your request and is not used to train models.
  • Anthropic — AI feature summaries and intent classification. Feature text content is sent to Anthropic Claude for summary generation. Data is used solely for processing your request and is not used to train models.
  • Nango — integration proxy. Nango manages connections to third-party services (e.g., GitHub, Linear) on your behalf. Integration credentials are stored by Nango and never pass through our database.

8. Data Retention

Waitlist data (email address and signup date) is retained until your account is converted to a full FeatureBoard account or until you request deletion. Analytics data is retained in accordance with Google Analytics' standard retention policies (14 months). Webhook delivery logs are automatically pruned after 30 days. You may request deletion of your data at any time by contacting us or using the data deletion feature in your account settings.

For organizations that require a formal data processing agreement, our Data Processing Agreement (DPA) is available on our Trust Center.

9. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — request correction of inaccurate personal data.
  • Right to erasure — request deletion of your personal data.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to restrict processing — request limitation of how we process your data.
  • Right to object — object to processing of your personal data for certain purposes.

To exercise any of these rights, contact us at privacy@featureboard.io. We will respond within 30 days.

10. Your Rights Under CCPA

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights:

  • Right to know — request disclosure of the categories and specific pieces of personal information collected about you.
  • Right to delete — request deletion of your personal information.
  • Right to opt-out — opt out of the sale of your personal information. Note: we do not sell personal information.
  • Right to non-discrimination — exercise your privacy rights without receiving discriminatory treatment.

To exercise any CCPA rights, contact us at privacy@featureboard.io.

11. Data Deletion

Company administrators can request full deletion of their organization's data through the application settings. The deletion process works as follows:

  • Grace period — After a deletion request, there is a 30-day grace period during which the request can be cancelled.
  • Scope — Deletion includes all company data, user associations, feature data, and integration connections.
  • Third-party cleanup — Data is also removed from third-party services including authentication (Clerk), billing (Paddle/Stripe), and integration connections (Nango).
  • Confirmation — All company administrators are notified by email when a deletion request is submitted and when it is executed.

You may also request data deletion by contacting privacy@featureboard.io.

12. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption in transit (TLS 1.2+), AES-256-GCM encryption for secrets at rest, SHA-256 hashing for API keys, secure hosting infrastructure (SOC 2 Type II compliant providers), and organization-scoped access controls. For full details, see our Trust Center.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. For significant changes, we will provide notice via email or a prominent notice on our website. Your continued use of FeatureBoard after changes are posted constitutes acceptance of the updated policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

privacy@featureboard.io