All access to the Userfeed website is restricted to HTTPS encrypted connections. User passwords are encrypted via the bcrypt password hashing algorithm. Passwords are never stored in the database in plaintext and are therefore not accessible by staff.

Application data is stored in Amazon Web Services (“AWS”) infrastructure and is protected by Amazon’s security and environmental controls. Additional details about Amazon's security measures can be found here and here.

We do not store or process any payment data. All payments made to Userfeed go through our payment partner, Stripe. Details about their security setup and PCI compliance can be found at their security page.

All Intercom data is retrieved via Intercom's API using a secure connection and a unique access token, which Intercom provides when you authorize our application. The unique access token is encrypted at rest. All data sent to Intercom is encrypted in transit.
​
When you authorize Userfeed to connect to your Intercom account, you give us access to the following entities: admins (teammates), conversations, companies, counts (number of users and companies for each segment/tag), leads, tags, and users

Within those entities, we store the following data:
​
​Admins
​ID, name, email, avatar

Companies
​ID, name, monthly spend

Conversations
​admin ID, user ID, message (only the specific part of the conversation that was tagged), timestamp

Users & Leads
​ID, email, name, pseudonym (for anonymous visitors), company ID(s), avatar

Note that the data we actually store is a subset of that which we have to access in order to deliver our product. When retrieving data from Intercom's API or receiving it via Intercom webhook notifications, any data provided by Intercom that is not explicitly listed above is ignored and discarded.

Have a question or concern? Please email us at support@userfeed.io