FeedbackPro: Trust & Compliance

Here you will find documentation for the Spotler product FeedbackPro.
The FeedbackPro software is supplied by Spotler subsidiary Insocial B.V.

For any questions please contact us at support.feedbackpro@spotler.com.

Security

Certification

FeedbackPro (previously known as Insocial) is ISO/IEC 27001:2022 certified.

Contact us via support.feedbackpro@spotler.com if you want to receive a copy of the certificate or the Statement of Applicability.

You may also download a copy of the ISO certificate.

Authentication & authorization

  • Support for both Multi-Factor Authentication (MFA) and Single Sign-On (SSO)
  • Detailed permission management for fine-grained access control

Data encryption

  • In transit: All data is encrypted using TLS (HTTPS)
  • At rest: All data is encrypted using AES-256 encryption

Data backup & recovery

  • Backups are stored:
    • On-site: AWS data centers in Frankfurt (EU)
    • Off-site: AWS data centers in Ireland (EU)
  • Backups are regularly tested for:
    • Availability
    • Usability
    • Data integrity
  • Recovery Time Objective (RTO): 4 hours
  • Recovery Point Objective (RPO): 8 hours

Data minimisation

  • Only response data that is explicitly whitelisted will be stored
  • Detailed data retention configurations are available for fine-grained control
  • Strict data retention configurations are applied to underlying systems

Risk & incident management

  • Proactive risk assessments and evaluations are conducted regularly
  • Incident response processes are documented and tested frequently
  • All suppliers undergo rigorous assessment. Most suppliers hold ISO 27001 certification and/or SOC 2 Type II compliance

Continuous improvement

  • Annual penetration tests are performed
  • Annual ISO 27001 audits are conducted
  • A responsible disclosure policy is in place
  • Active threat monitoring is implemented

Employees

  • All employees undergo Information Security Awareness training
  • All employees agree to and follow the company’s Code of Conduct
  • All employees have signed a confidentiality agreement

Privacy

GDPR

  • FeedbackPro is GDPR compliant.
  • Our Privacy Statement is available online.
  • A registered Data Protection Officer (DPO) has been appointed.
  • FeedbackPro offers a Data Retention Manager to easily automate data anonymization and removal.
  • Processing of special categories of personal data (sensitive PII), data regarding criminal convictions and offences, or personal numbers issued by the government is not taken into account for our products/services.

Subprocessors

| Sub-processor | Location | Description | Protection & Certification |
|---|---|---|---|
| Amazon Web Services | EU (Frankfurt) & EU (Ireland) for off-site backup | Hosting of FeedbackPro Infra, including (but not limited to) applications, APIs, databases, and email services. | |
| Bird | EU | SMS and WhatsApp gateway service for survey invites (if applicable) | |
| Cloudflare | Global CDN, HQ based in US | Hosting of white-labelled domain surveys (if applicable). N.B. PII limited to IP address | |
| Microsoft (Azure) | EU (West) | Translates responses into the desired languages (if applicable) | |
| OpenAI | US | Assistant for each function-usage-approved customer, working with their data; used for grouping labels for text analysis services (if applicable) | |
| Spotler B.V. (our parent company) | EU | SpotlerId: Authentication service for user login | |
| Spotler B.V. (our parent company) | EU | SpotlerMessage: SMS gateway service for survey invites (if applicable) | |

Cookies

The FeedbackPro survey does not have first- or third-party tracking, analytical, or marketing cookies.

Sustainability

People

  • We believe in equal treatment and do not tolerate discrimination, physical and/or verbal aggression, intimidation, or threats.
  • Child labour must not violate any applicable norms, laws, or regulations.
  • Slavery is not tolerated. All employees must be treated fairly. Resignations must be handled in accordance with legal requirements.
  • Work must be fair and comply with at least the applicable minimum wage standards. Salaries shall be paid on time and may not be withheld for disciplinary reasons unless there is a valid legal basis. All relevant laws and regulations must be observed.
  • Safety is a top priority. Employees must be protected from physical and/or psychological harm in accordance with applicable laws and regulations.
  • Employees shall have the option to report (anonymously if desired) any misconduct to an external party (whistleblower).

Management

  • Corruption and bribery are strictly prohibited.
  • Tax evasion and money laundering are not tolerated.
  • All (inter)national sanctions must be fully complied with.
  • Confidentiality is essential. Non-disclosure agreements are standard for employees, partners, suppliers, and customers.

Climate

  • We care about the environment and strive to minimize our energy consumption and emissions.
  • Our cloud infra supplier AWS aims to reach net-zero by 2040
  • Waste must be properly separated to allow for recycling and/or safe disposal of hazardous materials.