This page is for FeedBlox customers who install the widget on their own websites. It supplements our Privacy Policy, which describes how FeedBlox processes information as a service provider. It is not legal advice.
Roles Under GDPR
When a visitor submits feedback on your site, you are typically the data controller (you decide what to collect and why). FeedBlox is the data processor: we store and display submissions on your instructions and under our Terms and Privacy Policy. You remain responsible for informing visitors and having a lawful basis for processing.
What the Widget Captures
On each report, the embed may send:
- Sentiment or numeric rating, optional comment, and optional extra field answer you configure
- Page URL at submit time, user-agent string, and submitter IP address (for abuse prevention)
- Viewport size on each element-trail event
- Structural element trail (hashed fingerprints of recent clicks, focus, and submits; no DOM text or attribute values)
- Bounded client debug: recent console log, warn, and error lines; failed fetch and XHR (4xx, 5xx, or network error); uncaught JS errors; optional metadata you set with FeedBlox.setMetadata
- Screenshots or recordings only when the visitor explicitly captures and attaches them (Pro and Max)
Client debug starts when the embed script loads and stops at submit. Only the last bounded buffer is sent. Network entries are limited to failed requests; successful calls are not stored.
What the Widget Does Not Capture
- Tracking cookies or cross-site identifiers on visitors
- Full-page session replay or keystroke logging outside the widget panel
- Request or response bodies for network calls
- Query strings on captured network URLs (stripped before storage)
- Biometric scans (face, voice, fingerprint, and similar)
Host App Metadata
Your developers may call FeedBlox.setMetadata({ ... }) to attach
context such as an internal user id, plan tier, or app version. You choose the keys and values. If
those values identify a person, they are personal data and must be covered in your visitor-facing
privacy notice. Prefer opaque identifiers over email or name unless you have disclosed that practice.
Your Checklist
- Tell visitors what you collect and why (privacy notice, cookie banner, or in-product disclosure as required in your jurisdiction)
- Have a lawful basis for processing visitor feedback and debug data (often legitimate interests for bug reports, or consent where you require it)
- Use FeedBlox.setMetadata only for fields you are allowed to share (prefer opaque internal IDs, not email addresses or legal names, unless disclosed)
- Avoid logging passwords, tokens, or other secrets to the browser console on pages where the widget runs
- Honor data subject requests for submissions you control; FeedBlox assists as your processor when you contact privacy@feedblox.net
Element Trail Privacy Design
The element trail uses structural fingerprints (tag, role, hashed path, and similar signals). It does not store visible text, passwords typed into your forms, or arbitrary attribute values. Interactions inside the FeedBlox panel itself are excluded so comment text is not captured in the trail.
Questions and Requests
For processor assistance, subprocessors, retention, or data subject requests involving FeedBlox systems, email privacy@feedblox.net. For product questions, email hello@feedblox.net.