Web application access
All access to the Userfeed website is restricted to HTTPS encrypted connections. User passwords are encrypted via the
bcrypt password hashing algorithm. Passwords are never stored in the database in plaintext and are therefore not accessible by staff.
Application data is stored in Amazon Web Services (“AWS”) infrastructure and is protected by Amazon’s security and environmental controls. Additional details about Amazon's security measures can be found here and here.
Payment processing and storage
We do not store or process any payment data. All payments made to Userfeed go through our payment partner, Stripe. Details about their security setup and PCI compliance can be found at their security page.
Intercom data access
All Intercom data is retrieved via Intercom's API using a secure connection and a unique access token, which Intercom provides when you authorize our application. The unique access token is encrypted at rest. All data sent to Intercom is encrypted in transit.
When you authorize Userfeed to connect to your Intercom account, you give us access to the following entities: admins (teammates), conversations, companies, counts (number of users and companies for each segment/tag), leads, tags, and users
Within those entities, we store the following data:
ID, name, email, avatar
ID, name, monthly spend
admin ID, user ID, message (only the specific part of the conversation that was tagged), timestamp
Users & Leads
ID, email, name, pseudonym (for anonymous visitors), company ID(s), avatar
Note that the data we actually store is a subset of that which we have to access in order to deliver our product. When retrieving data from Intercom's API or receiving it via Intercom webhook notifications, any data provided by Intercom that is not explicitly listed above is ignored and discarded.
Have a question or concern? Please email us at firstname.lastname@example.org