Security & Compliance

Built to protect honesty,
not just promise it.

Senseeing protects every response with structural anonymization. Your words are rewritten into neutral language, stripped of identifying details, and combined with others. Your responses are de-linked from your identity, device, and IP address before they are processed. Your raw responses are deleted 48 hours after the conversation finishes.

How We Protect Your Data

Senseeing is built on a privacy-first architecture where anonymity is not a feature. It is the foundation.

Privacy-First Anonymity

We structurally cannot identify who said what. Not a promise not to look. The system is designed so identification is not possible.

  • All responses are rewritten into neutral language before anyone sees them.
  • Raw conversation content is deleted when the team report is generated.
  • Participants can withdraw their full submission before the report is generated.
  • Participants review their extracted themes and can remove any before they are included.

Data Minimization

We collect only what is necessary to run the session. Nothing else.

  • No personal data stored in the feedback layer.
  • Pseudonyms rotate with every session. They cannot be linked across conversations.
  • Participant access uses one-time tokens, not accounts. No link between identity and responses.
  • Your responses are de-linked from your token, IP address, and device before synthesis.

Infrastructure Security

Enterprise-grade cloud infrastructure with encryption at every layer.

  • Encrypted at rest (AES-256) and in transit (TLS 1.3)
  • EU-hosted database (Neon PostgreSQL)
  • Vercel edge network with DDoS protection
  • Security-first development practices

Security Oversight

Our engineering team reviews security practices and monitors for issues.

  • Regular security reviews of access and data handling
  • Incident response procedures in place
  • Contact hello@senseeing.com for security inquiries

What We DON'T Collect

Unlike "anonymous" survey tools that still track IP addresses, device fingerprints, and metadata:

No IP address logging
No device fingerprinting
No location tracking
No browser metadata
No timing correlation analysis
No keystroke patterns
No cookie tracking
No analytics or tracking scripts on participant-facing pages

Privacy-First Architecture

Most "anonymous feedback tools" rely on organizational policy. We rely on structural design.

The Problem With Traditional Surveys

Traditional anonymous surveys store responses with metadata that makes re-identification possible:

  • Timestamps (who was online at 3:47 AM?)
  • IP addresses (traced to office locations)
  • Browser fingerprints (unique to each device)
  • Writing style (linguistic fingerprinting)

Our Solution: Structural Anonymization

Built-In Anonymity

Responses are rewritten into neutral language and combined before anyone sees them. Pseudonyms rotate with every session so they cannot be linked across conversations. Raw responses are deleted 48 hours after the conversation finishes.

Team Size Thresholds

Themes only surface when enough people share them. Teams under 20 people require at least 3 voices. Teams of 20 to 99 require at least 8. Teams over 100 require at least 15. Participant counts are shown as ranges, not exact numbers.

Identifying Detail Removal

AI scans all responses for self-identifying information before themes are shared. Names, specific project references, and unique details are stripped or rewritten.

Compliance & Certifications

Enterprise-grade compliance for organizations that take security seriously.

GDPR Compliant
By Design
End-to-End Encryption
Standard

GDPR Compliance

Data minimization by design
Purpose limitation enforced
Right to erasure (Article 17)
Data portability (Article 20)
Processing without identification (Article 11)
EU data residency options

Data Protection

How we protect your data at every layer of the stack.

Encryption at Rest

All data encrypted with AES-256. Database-level encryption with key rotation. Backup encryption with separate keys.

Encryption in Transit

TLS 1.3 for all connections. HSTS and secure headers enforced. Perfect forward secrecy enabled.

Infrastructure

EU-hosted PostgreSQL database (Neon). Vercel edge hosting. Automated security updates. DDoS protection.

Access Control

Magic link authentication. No passwords stored. Session management with secure cookies. Access logging.

Still have security questions?

Have security questions? We are happy to walk you through our architecture and privacy model in detail. Contact hello@senseeing.com

Try the interactive demo

Related Documentation

Data Subprocessors

The following third-party providers process data on our behalf:

Anthropic/AI conversation processing(US with EU standard contractual clauses)
Neon/PostgreSQL database hosting(EU region)
Vercel/Application hosting and CDN
Brevo/Transactional email delivery(EU)