Privacy Policy

When you create an account, we collect your email address, name, and organization details. This information is necessary to provide and manage your Hedgehog account.

When you use our platform, we collect comments, feedback, and metadata associated with your interactions. This data belongs to your organization and is stored in your isolated database schema.

We automatically collect usage data such as page views, feature usage, and performance metrics to improve our service. This data is anonymized and aggregated.

We use your account information to authenticate you, manage your subscription, and communicate important service updates.

Your organization data (comments, feedback, team information) is used solely to provide the Hedgehog service. We do not use your content data for advertising, training models, or any purpose outside of delivering the service you signed up for.

Aggregated, anonymized usage data helps us understand how teams use Hedgehog so we can improve performance, fix bugs, and build better features.

All data is encrypted in transit using TLS 1.3. Database connections use encrypted channels.

Each organization receives its own isolated database schema, ensuring complete separation of data between customers. No organization can access another organization's data.

We perform regular security audits and maintain strict access controls. Database backups are encrypted and retained according to your plan's retention policy.

Your data is retained for as long as your account is active. Comment history retention varies by plan: 7 days on Free, unlimited on Pro and Enterprise.

When you delete your account, we permanently remove all associated data within 30 days. Organization data is purged by dropping the entire tenant schema.

You have the right to access, export, and delete your personal data at any time through your dashboard settings.

Organization administrators can export all organization data, including comments, members, and configuration, via the API.

If you are located in the EU, you have additional rights under GDPR including the right to data portability, the right to restrict processing, and the right to object to processing.

We use a limited number of third-party services to operate Hedgehog, including payment processing (Authorize.net), email delivery, and infrastructure hosting.

We do not sell your data to third parties. Third-party service providers are contractually obligated to protect your data and may only use it to provide services to us.

If you have questions about this privacy policy or how we handle your data, please contact us at [email protected].

This privacy policy was last updated on January 1, 2026. We will notify you of material changes via email or an in-app notification.