Privacy Policy

This Privacy Policy explains how Tembrio (“Tembrio,” “we,” “us,” or “our”) collects, uses, discloses, and safeguards personal data when you use our website at tembrio.com and our customer-feedback platform, including public feedback boards, the roadmap, the changelog, the embeddable widget, and the owner dashboard (collectively, the “Service”).

Tembrio serves two groups of people, and our role differs for each:

• Site owners and their team members who create an account to run a feedback site. For their account data, Tembrio acts as a data controller.
• End users(visitors, voters, and commenters) who interact with a site owner's public board or widget. For that content, the site owner is the controller and Tembrio acts as a data processoron the owner's behalf.

If you submitted feedback to a board operated by one of our customers and want to access or delete it, please contact that site owner first, as they control that data. We will support them in honoring your request.

We collect the following categories of personal data:

• Account data: name, email address, password credentials (stored as salted hashes by our authentication provider), and workspace or site settings.
• Feedback content: posts, votes, comments, reactions, tags, and any information a user chooses to include when submitting feedback.
• Billing data:handled by our payment processor (see Section 6). We receive limited records such as plan, status, and the last four digits of a card — never full card numbers.
• Usage and device data: IP address, browser type, pages viewed, referring URLs, and similar log data collected automatically to operate and secure the Service.
• Communications: messages you send to support, sales, or careers, and email subscription preferences.

We do not intentionally collect special categories of personal data (such as health, biometric, or government-ID data) and ask that you do not submit it through feedback.

We use personal data to:

• provide, maintain, and improve the Service;
• authenticate users, secure accounts, and prevent fraud and abuse;
• process payments, manage subscriptions, and send service and transactional emails (including changelog and status-change notifications a user opted into);
• respond to support requests and communicate about the Service; and
• comply with legal obligations and enforce our Terms of Service.

Where required by law, our legal bases are: performance of a contract, our legitimate interests in operating and securing the Service, your consent (which you may withdraw at any time), and compliance with legal obligations.

Some features use AI to assist site owners — for example, semantic duplicate detection and discussion summaries. These features are assistive and review-first: they generate suggestions for the owner and never auto-reply, auto-merge, publish, or modify customer-facing content without a person's review.

• We do not sell personal data, and we do not train shared or third-party AI models on your feedback data.
• When an AI feature is used, the relevant text may be sent to a model provider solely to return a result for that request. Providers are contractually bound not to use submitted content to train their models.
• AI features are gated behind a configuration flag and can be disabled for a site.

We do not sell personal data. We share it only in these cases:

• Subprocessorswho process data on our instructions to run the Service (see Section 6).
• Public by design: content posted to a public board, roadmap, or changelog is visible to anyone with the link. Do not post anything you wish to keep private.
• Legal and safety: when required by law, subpoena, or to protect the rights, safety, and property of Tembrio, our users, or the public.
• Business transfers: in connection with a merger, acquisition, or sale of assets, subject to this Policy.

We rely on the following categories of subprocessors. Each is bound by data-protection terms consistent with this Policy.

• Hosting & database: Supabase (Postgres, auth, storage) and Vercel (application hosting and edge delivery).
• Payments: Dodo Payments, which acts as our Merchant of Record and processes all card data, taxes, invoicing, and refunds.
• Email: Resend, for transactional and notification email delivery.
• AI providers: the model providers used by optional AI features, which process submitted text only to return a result and do not train on it.

An up-to-date list is available on request at privacy@tembrio.com.

We retain personal data for as long as your account is active or as needed to provide the Service. After account closure, we delete or anonymize personal data within a reasonable period, except where we must retain it to comply with legal, tax, accounting, or security obligations (for example, billing records held by our Merchant of Record). Backups are purged on a rolling schedule.

Depending on where you live, you may have rights under the GDPR, UK GDPR, the CCPA/CPRA, and similar laws, including the right to access, correct, delete, port, or restrict processing of your personal data, and to object to certain processing. You also have the right to withdraw consent and to lodge a complaint with your local supervisory authority.

To exercise these rights for data we control, email privacy@tembrio.com. We will verify your identity and respond within the timeframe required by law. We do not discriminate against you for exercising any right. For feedback submitted to a customer's board, contact that site owner, who acts as the controller of that content.

Tembrio is offered globally and data may be processed in the United States, the European Union, or other regions where our subprocessors operate. Where we transfer personal data across borders, we rely on appropriate safeguards such as the EU Standard Contractual Clauses.

We protect data with encryption in transit, row-level security scoped to each site, server-side authentication checks, and access controls that keep secrets out of browser code. No method of transmission or storage is perfectly secure, but we work to protect your data and to notify affected users of qualifying incidents as required by law. See our Security page for more.

The Service is not directed to children under 16, and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.

We may update this Policy from time to time. Material changes will be posted here with a new “Last updated” date, and where required we will notify you. Your continued use of the Service after an update means you accept the revised Policy.

Questions or requests? Email privacy@tembrio.com.