Data Usage Policy

Last Updated: February 2026

This document explains how CueBoard processes Customer Data — the feedback, conversations, and insights you share with us to power your product intelligence.

About CueBoard

CueBoard is a product intelligence platform that helps companies turn scattered customer feedback into prioritized product decisions. We aggregate feedback from multiple sources, analyze it using AI, and surface actionable insights ranked by business impact.

Our Role as a Data Processor

CueBoard primarily acts as a data processor — we collect and process data on your behalf and at your direction. You, as our customer, act as the data controller for the Customer Data you share with us.

How Data Flows to CueBoard

CueBoard integrates with your existing tools to aggregate customer feedback:

  • Support platforms: Zendesk, Intercom, Freshdesk, Help Scout
  • Communication tools: Slack, Microsoft Teams
  • CRM systems: Salesforce, HubSpot
  • Review sites: G2, Capterra, App Store, Google Play
  • Survey tools: Typeform, SurveyMonkey
  • Custom sources: CSV upload, API, webhooks

You control which data sources are connected during onboarding. All ingested data is processed and scanned for personally identifiable information (PII), which can be automatically removed or masked based on your preferences.

Data Protection Practices

1. PII Handling

  • Automatic PII detection: Our system identifies and flags common PII patterns (emails, phone numbers, names)
  • Configurable scrubbing: Choose to mask, redact, or remove PII before analysis
  • Custom rules: Define your own scrubbing rules for industry-specific data
  • No raw PII storage: PII is processed in memory and not persisted unless explicitly configured

2. Data Isolation

  • Multi-tenant architecture with strict logical separation
  • Each customer's data is isolated and inaccessible to other customers
  • Access controls limit internal access to customer data

3. No Selling or Sharing

We do not sell, rent, share, or disclose Customer Data to third parties for their own purposes. Your data is used solely to provide the CueBoard service to you.

AI Processing

CueBoard uses large language models (LLMs) to analyze feedback and generate insights. Key points about our AI processing:

  • Isolated processing: Your data is processed in isolated environments
  • No model training: We do not use your data to train AI models
  • Provider relationships: We work with enterprise AI providers (OpenAI, Anthropic) under strict data processing agreements
  • Accuracy limitations: AI may occasionally produce inaccurate results — review outputs before making decisions

International Data Transfers

CueBoard is hosted on cloud infrastructure in India. For customers outside India, we provide:

  • Data Processing Agreements (DPA) incorporating Standard Contractual Clauses
  • GDPR-compliant data handling procedures
  • Options for data residency requirements upon request

Data Retention & Deletion

  • Active accounts: Data retained while your account is active
  • Upon termination: Customer Data deleted within 30 days of account closure
  • Backup purge: Backups containing your data purged within 90 days
  • On-demand deletion: Request deletion of specific data at any time

Data Subject Rights

As the data controller, you are responsible for responding to data subject requests from your end users. CueBoard will assist you by:

  • Providing tools to search and export data
  • Processing deletion requests you submit
  • Referring any direct inquiries from data subjects to you

Security Measures

We protect your data with enterprise-grade security:

  • Encryption: TLS 1.2+ in transit, AES-256 at rest
  • Access controls: Role-based access, MFA, audit logging
  • Monitoring: 24/7 threat detection and incident response
  • Compliance: SOC 2 Type II certification (in progress)

For more details, see our Security page.

Contact Us

For questions about data usage or to request a Data Processing Agreement: