Privacy Policy
Last updated: April 2026
Version 2.1 — added Anthropic as AI poll authoring subprocessor (Phase 51).
Introduction
InviziPoll is the legal entity that operates workplace polling software. In this Privacy Policy, "InviziPoll," "we," "us," and "our" refer to that entity. This policy explains how we collect, use, share, and protect personal information when you use our websites, applications, and related services (collectively, the "Service").
What we never do with poll answers: Poll responses are end-to-end encrypted in the respondent's browser. Our servers receive and store ciphertext only. We do not decrypt response bodies and we never see poll answer plaintext.
Information we collect
We collect the minimum personal information needed to run the Service. The categories below are described in plain language; not every item applies to every user.
- Account and authentication data. For example: email address, name, password hash, and session or security identifiers used to keep you signed in and protect your account.
- Workspace and organization metadata. For example: organization or workspace name, slug, branding preferences, team and role information, poll titles and settings, and other operational data needed to run workspaces. This does not include readable poll answer content on our servers.
- Billing and subscription data. Payment processing is handled by Stripe. We receive billing-related information needed to manage subscriptions (for example plan, status, and payment identifiers), while Stripe processes payment card and transaction details according to its own policies.
- Support and communications. Information you send us by email or through support channels, including your contact details and the content of your messages.
- Marketing page-view analytics (marketing site only). On public marketing pages, we collect first-party analytics sent to our own API (for example page path, query parameters such as UTMs, hostname, and HTTP referrer). This helps us understand traffic sources and improve our marketing. It does not run on respondent poll pages.
- Security and operations data. Limited technical data needed to secure the Service and troubleshoot issues (for example server logs, IP addresses in security contexts, and similar records). We use this to detect abuse, protect accounts, and operate reliable infrastructure.
Legal bases for processing (GDPR)
If the GDPR applies, we rely on one or more of the following legal bases:
- Contract. Processing necessary to provide the Service you request—for example account creation, authentication, workspaces, and billing.
- Legitimate interests. Where balanced against your rights, for example securing the Service, preventing fraud and abuse, improving reliability, and understanding use of our marketing pages through first-party analytics.
- Consent. Where we ask for consent (for example certain optional communications or cookies that require consent in your jurisdiction), you may withdraw consent at any time without affecting processing that does not rely on consent.
- Legal obligation. Processing necessary to comply with applicable law—for example tax or financial record-keeping tied to billing.
How we use your information
We use personal information to operate, secure, and improve the Service; communicate with you about your account and transactions; comply with law; and enforce our terms. We do not sell your personal information and we do not use it for third-party behavioral advertising.
End-to-end encrypted poll responses
Poll responses are encrypted in the respondent's browser before they are sent to us. Our servers store only ciphertext. We do not perform server-side decryption of response bodies, and respondent answer content is not visible to us in plaintext.
Authorized workspace members decrypt results in supported client environments. Separately, admin sign-in and optional server-assisted workspace key recovery exist to help legitimate administrators access their workspace keys. Those flows support account and key access—they are not used to read individual respondent answers in plaintext on our servers.
Cookies, analytics, and similar technologies
Respondent and poll pages
Respondent poll pages are designed to avoid tracking and fingerprinting. We do not use third-party analytics, tracking cookies, or fingerprinting on those pages in the way many marketing sites do. This aligns with our zero-telemetry commitment for respondents.
Marketing site
On public marketing pages, we use first-party analytics only: page path (including query parameters such as UTMs), hostname, and referrer, sent to our own API endpoint. We do not use third-party ad pixels for cross-site behavioral advertising on the marketing site. Session cookies or similar technologies may be used where needed for basic site and security functions.
Sharing and subprocessors
We share personal information only as needed to operate the Service, with service providers who are bound by contractual obligations. We do not sell personal information and we do not share it for cross-context behavioral advertising.
Our material subprocessors and categories of processing include:
- Stripe — payment processing and subscription management.
- Amazon SES — delivery of transactional email (for example verification, password reset, invitations).
- Railway — hosting and infrastructure for our applications and data.
- Cloudflare — content delivery, DNS, and related network and security services in front of our sites and APIs.
- Anthropic, PBC — AI poll authoring assistance (generates and refines poll questions and options at the admin's request). Data shared: prompt text and poll definitions (titles, questions, options) you submit to AI features. We never transmit respondent answers or any encrypted response content to Anthropic under any circumstance. Retention: prompt content you send to Anthropic may be retained for up to 7 days for abuse review under Anthropic's standard API data-handling policy (reduced from 30 days on 2025-09-14). API traffic is not used to train public foundation models. Region: United States. Effective: April 2026.
We may also disclose information if required by law, to protect rights and safety, or in connection with a merger, acquisition, or asset sale, subject to applicable law.
Data retention
- Account and workspace data. Retained while your account or workspace is active and for a reasonable period afterward if needed for backups, legal compliance, or dispute resolution.
- Poll responses (ciphertext). Retained according to each poll's settings and retention rules, including automatic purge after closure where applicable.
- Marketing page-view records. Stored to support marketing analytics and may be deleted or aggregated over time as part of normal operations; we do not need to keep every raw record forever.
- Billing records. Retained as required for accounting, tax, and legal obligations (often several years), even if you close your account.
- Security logs. Retained for a limited period appropriate for security monitoring, incident response, and abuse prevention.
Deleting a workspace permanently removes associated workspace data from our active systems, subject to backup rotation and legal retention described above.
Your privacy rights
Depending on where you live, you may have rights to access, correct, delete, or export your personal information; to object to or restrict certain processing; to withdraw consent where processing is based on consent; and to lodge a complaint with a data protection authority in the EEA, UK, or Switzerland (as applicable).
To exercise these rights, contact us at . We will respond within the timeframes required by applicable law. We may need to verify your request before we act on it.
California privacy rights (CCPA/CPRA)
If you are a California resident, this section applies to you in addition to the rest of this policy.
Categories of personal information. We collect the categories described under "Information we collect," which may include identifiers (such as name and email), commercial information (such as subscription records), internet or network activity (such as first-party marketing page analytics), and other categories inferred from the above.
Business and commercial purposes. We use each category for the operational and security purposes described in this policy.
Sale and sharing. We do not "sell" personal information as defined by the CCPA/CPRA, and we do not "share" personal information for cross-context behavioral advertising.
Your rights. You may have the right to know what personal information we collect, use, and disclose; to request deletion or correction; to opt out of sale/sharing (not applicable here, but you may still contact us with questions); and to limit use of sensitive personal information where the law applies. We will not discriminate against you for exercising these rights.
Authorized agents. You may designate an authorized agent to submit a request on your behalf. We may require proof of authorization and verify your identity.
How to submit requests. Email with the subject line "California Privacy Request" and describe what you need. We will confirm receipt and respond as required by law.
Security
We use modern cryptography (including post-quantum protections in line with our product design), client-side encryption for poll responses, encryption at rest where appropriate, and access controls to protect personal information. No method of transmission or storage is 100% secure; we work to safeguard your data and review our security practices over time.
Data breach notification
If we become aware of a breach that affects personal information under our control, we will notify affected users and regulators as required by applicable law. Specific timelines and content of notices vary by jurisdiction and the nature of the incident.
Email communications (including CAN-SPAM)
We send transactional and service-related emails as part of operating your account (for example security notices, billing, and messages you trigger through the product). You may not be able to opt out of these while you use the Service, because they are part of providing the Service.
If we send optional marketing emails, we will include a clear way to unsubscribe, and we will honor opt-out requests promptly as required by law.
AI and automated decision-making
We do not use AI to make solely automated decisions with legal or similarly significant effects. We do not train AI models on customer poll content.
International data transfers
We are based in the United States and use infrastructure and subprocessors that may process data in the United States and other countries. If we transfer personal information from the EEA, UK, or Switzerland to countries that have not received an adequacy decision, we use appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms, supplemented as needed.
Children's privacy
The Service is intended for business users and is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us at and we will take appropriate steps.
Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes, we will provide notice as required by law—for example by email or a prominent notice in the Service. Your continued use of the Service after the effective date of an update means you accept the revised policy, except where your consent is required by law.
Contact us
For privacy-related questions or requests, contact InviziPoll at .
