Privacy Policy

Last updated: May 2026

This Privacy Policy describes how LetsFeedback Inc. collects, uses and protects the personal information of website visitors and platform users. It complements our Terms and Conditions.

1. Data Controller

LetsFeedback Inc.
Republic of Argentina
Contact email: ventas@letsfeedback.com.ar

For privacy and data protection inquiries, please write to us with the subject line "Privacy / DPA".

2. Data We Collect

2.1 Website visitors

When browsing letsfeedback.com.ar, we automatically collect:

  • IP address and approximate geolocation data (country, city)
  • Browser type, operating system and screen resolution
  • Pages visited, session duration and navigation paths
  • Traffic source (organic search, referrals, direct)

This information is processed by Google Analytics 4 (see Sub-processors section) for statistical and site improvement purposes.

2.2 Platform users (app.letsfeedback.com.ar)

When you register and use the platform, we process:

  • Account data: first name, last name, corporate email, profile photo (optional), role in the organization
  • Organizational data: company name, team structure, hierarchies
  • Feedback content: feedback texts written by users, processed by AI to improve clarity
  • Goals and OKRs: objectives defined by the user or their team
  • Usage data: feedback frequency, participation metrics, generated reports

2.3 Data we do NOT collect

We do not collect or store credit card numbers, identity documents, medical information, or any special category data under LGPD or GDPR.

3. Purpose and Legal Basis

Purpose Legal basis (LGPD / GDPR)
Providing the platform serviceContract performance (Art. 7 LGPD / Art. 6.1.b GDPR)
AI analysis and enrichment of feedbackContract performance — core service feature
Website analytics (GA4)Legitimate interest (Art. 10 LGPD / Art. 6.1.f GDPR)
Transactional communications (service emails)Contract performance
Marketing communications (newsletter)Consent (Art. 8 LGPD / Art. 6.1.a GDPR)
Compliance with legal obligationsLegal obligation (Art. 7 LGPD / Art. 6.1.c GDPR)

4. Sub-processors and Third Parties

LetsFeedback uses the following service providers to operate the platform. Each has their own privacy policies and data processing agreements (DPA):

Provider Role Data transferred Country DPA / Safeguards
NetlifyWebsite hosting & CDNAccess logs, visitor IPsUSADPA available
AnthropicAI processing of feedbacksFeedback text (no mandatory PII)USAPrivacy policy
Google Analytics 4Website analyticsBrowsing behavior, IPsGlobalGoogle DPA
Google FontsFont delivery via CDNVisitor IP (font request)GlobalGoogle Privacy

Important about Anthropic: Texts sent to the Anthropic API to enrich feedback are not used to train public AI models. Anthropic applies this policy by default to all API customers.

5. International Data Transfers

Some sub-processors (Netlify, Anthropic, Google) operate from the United States. For users in Brazil, these transfers are made under the conditions of Art. 33 of the LGPD. For users in the European Union, EU Standard Contractual Clauses (SCCs) apply. Argentina holds an adequacy decision from the European Commission.

6. Your Rights

Depending on your country, you have the following rights over your personal data:

  • Access: Request a copy of the data we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure ("right to be forgotten"): Request deletion of your data when no longer necessary.
  • Portability: Receive your data in a structured, machine-readable format (CSV/JSON).
  • Objection: Object to processing based on legitimate interest.
  • Restriction: Request that we restrict the use of your data under certain circumstances.
  • Withdrawal of consent: Withdraw consent at any time for consent-based processing.

To exercise any of these rights, email us at ventas@letsfeedback.com.ar with the subject "Rights request LGPD/GDPR". We respond within 15 business days.

7. Data Retention

  • Account data and platform content: deleted 30 days after account cancellation
  • Feedback content: exportable by user, deleted 30 days after cancellation
  • Audit logs: retained 12 months for security compliance
  • Billing data: retained as required by applicable tax law
  • Web analytics (GA4): retained per Google Analytics settings (max 14 months)

8. Security

  • TLS 1.2+ encryption in transit for all communications
  • Encryption at rest for stored data
  • Role-based access with least-privilege principle
  • Google SSO / Email-Password authentication with secure hashing
  • Security monitoring and access logging (audit log)

In the event of a data breach affecting your personal data, we will notify you within 72 hours of becoming aware, in accordance with LGPD and GDPR requirements.

9. Cookies

Cookie Type Purpose Duration
_ga, _ga_*AnalyticsGoogle Analytics 4 — session identification2 years
preferred_langFunctionalRemember selected languagelocalStorage (no expiry)

10. Changes to This Policy

We may update this Privacy Policy when necessary. For material changes, we will notify you by email (if you are a registered user) or via a prominent notice on the website at least 30 days before changes take effect.

For privacy inquiries, email us at ventas@letsfeedback.com.ar with subject "Privacy / DPA".