5str.io← Back to Home

Privacy Policy

Effective Date: March 31, 2026  ·  Last Updated: March 31, 2026

1. Who We Are

5str.io ("we," "us," or "our") is an online platform that helps business owners create custom customer feedback landing pages. We are operated as an unincorporated business doing business as 5str.io, based in Washington State, United States.

If you have questions about this Privacy Policy, contact us at: [YOUR EMAIL]

2. Scope of This Policy

This policy covers information we collect from two distinct groups:

  • Business Owners — individuals who create accounts and use 5str.io to manage their landing pages.
  • End Customers — individuals who visit a business's landing page via a link shared by that business owner. These visitors do not have a 5str.io account.

Important: When an end customer submits feedback or a rating on a business's landing page, that business owner is the data controller for that customer's information. 5str.io acts as a data processor on their behalf. We store and display that data solely to enable the business owner's use of the platform.

3. Information We Collect

3a. Business Owners

  • Account information: Email address, password (managed via Supabase Auth — we never store plaintext passwords).
  • Business profile: Business name, phone number (optional), business logo (uploaded image file).
  • Landing page content: Page nicknames, URL slugs, custom messages, rating style preferences, and linked review service URLs.
  • Billing information: When payment processing is enabled, payment details are handled directly by Stripe and are never stored on our servers.

3b. End Customers (Landing Page Visitors)

  • Voluntarily submitted: Name (optional), email address (optional), feedback message, star or emoji rating.
  • Email address storage: Customer email addresses are hashed before being stored in our database when used for review solicitation purposes. We do not store plaintext customer email addresses in our database.
  • Automatically collected: Anonymous page view events (no IP address or personal identifier stored), review platform link click events (no personal identifier stored).
  • Cookies: We set a single browser cookie per landing page to prevent duplicate feedback submissions. This cookie contains no personally identifiable information and expires after 30 days.

4. How We Use Your Information

  • To provide the service: Authentication, displaying your dashboard, storing and routing feedback to the appropriate business owner.
  • To send transactional emails: Account-related emails (password reset, etc.) and, when enabled, customer reply emails initiated by the business owner.
  • To display analytics: Aggregated page views, ratings, and click data shown to the business owner who owns that landing page.
  • To process payments: When billing is enabled, we share minimal required information with Stripe to process subscriptions.
  • We do not sell your data to any third party, ever.

5. Third-Party Services

We use the following third-party services to operate 5str.io. Each has its own privacy policy.

  • Supabase — database, authentication, and file storage (supabase.com)
  • Vercel — web hosting and deployment (vercel.com)
  • Resend — transactional email delivery (resend.com)
  • Stripe — payment processing, when enabled (stripe.com)

These services may process data in the United States or other jurisdictions. By using 5str.io you acknowledge this.

6. Data Retention

  • Business owner account data is retained until the account is deleted.
  • Customer feedback and analytics data associated with your landing pages is retained until you delete it or close your account.
  • Upon account deletion, we delete all associated data from our database within 30 days, except where we are required by law to retain certain records.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access and portability: Request a copy of the data we hold about you.
  • Correction: Request that we correct inaccurate information.
  • Deletion: Request deletion of your account and associated data. Business owners can delete their account directly from their account settings page.
  • Opt-out of marketing: We do not send marketing emails without your consent. Transactional emails (e.g. password reset) cannot be opted out of as they are required for account function.

To exercise any of these rights, contact us at [YOUR EMAIL].

8. Children's Privacy

5str.io is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

9. Security

We take reasonable technical and organizational measures to protect your information, including encrypted connections (HTTPS), hashed storage of sensitive identifiers, and access controls. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last Updated" date at the top of this page. Continued use of 5str.io after changes are posted constitutes acceptance of the updated policy.

11. Governing Law

This Privacy Policy is governed by the laws of the State of Washington, United States, without regard to its conflict of law provisions.

12. Contact Us

If you have questions or concerns about this Privacy Policy, please contact:

5str.io

[YOUR ADDRESS]

Email: [YOUR EMAIL]

Terms of Service·Privacy Policy·Refund Policy