RGPD y Privacidad de Datos
The GDPR page (/gdpr) provides tools to help you comply with the General Data Protection Regulation.
Data Export
Export all personal data associated with a specific email address:
- Enter the customer's email address
- Click Export Data
- A CSV file is generated containing all feedback submissions from that email
- Download the file
The export includes: name, email, feedback text, ratings, timestamps, and any custom survey responses.
Rate limit: 10 exports per hour per tenant.
CSV Injection Prevention
The export sanitizes data to prevent CSV injection attacks. Formula-like content (starting with =, +, -, @) is prefixed with a single quote.
Data Deletion
Delete or anonymize all personal data for a specific email:
- Enter the customer's email address
- Choose: Delete (hard delete) or Anonymize (replace personal data with "[Deleted]")
- Confirm the action
- A deletion request is created and tracked
What Gets Deleted/Anonymized
| Data | Delete | Anonymize |
|---|---|---|
| Customer name | Removed | Replaced with "[Deleted]" |
| Customer email | Removed | Replaced with "[Deleted]" |
| Feedback text | Removed | Preserved |
| Photos/media | Deleted from storage | Deleted from storage |
| IP address | Removed | Removed |
| Ratings/NPS | Removed | Preserved |
Rate limit: 5 deletion requests per hour per tenant.
Automatic Data Retention
If your plan includes retencion de datos limits (e.g., 90 days, 365 days):
- Envios older than the retention period are automatically deleted or anonymized
- This runs daily via the
data:enforce-retentionscheduled command - The retention period is set per plan by the superadmin
Deletion Request Log
All deletion requests are logged with:
- Requester email and name
- Request date
- Status (pending/completed)
- Completion date