SparkIntell Inc, doing business as FeedMarch (“FeedMarch”, “we”, “us”, “our”) takes your privacy seriously. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights regarding it. It applies globally, including to users in the European Union (GDPR), California (CCPA/CPRA), and all other jurisdictions.
1Who This Policy Covers
This policy covers three categories of people who interact with FeedMarch:
- —Visitors: people who browse www.feedmarch.com without creating an account
- —Users: registered individuals who post wishes, add their voice, and comment
- —Company Administrators: individuals who enroll and manage a company account
2Personal Data We Collect
2.1 Data You Provide Directly
When you create a user account:
- —Username, email address, and password (hashed)
- —Profile information you choose to add
- —Content you submit: wishes, comments, voices, attachments
- —Anonymous display preference (toggle setting)
When you enroll a company account:
- —Company name, website, and category
- —Contact name and business email of the enrolling administrator
- —Billing information (processed by our payment processor; we do not store raw payment card data)
- —Official responses and status updates you post
2.2 Data We Collect Automatically
When you use FeedMarch, we automatically collect:
- —IP address and approximate geolocation (country/region level)
- —Browser type, operating system, and device information
- —Pages visited, features used, and time spent on the platform
- —Referral URLs (how you arrived at FeedMarch)
- —Cloudflare Turnstile bot-detection signals (browser telemetry for humanity verification)
- —Voting patterns and engagement activity
2.3 Data From Third-Party Sources
If you sign in via magic link or any future SSO option, we receive authentication confirmation from the relevant identity provider. We do not receive your password from third-party providers.
3How We Use Your Personal Data
We process personal data for the following purposes and legal bases:
| Purpose | Examples | Legal Basis |
|---|---|---|
| Platform Operation | Account creation, wish display, voting, comments | Contract performance |
| AI Processing | Duplicate detection, content moderation, insight summaries | Legitimate interest |
| Trust & Safety | Bot detection, shadow banning, moderation | Legitimate interest |
| Analytics (Aggregated) | Company dashboards, trend reports (anonymized) | Legitimate interest |
| Legal Compliance | Responding to court orders, DMCA, fraud prevention | Legal obligation |
| Platform Improvement | Product development, bug fixing, feature testing | Legitimate interest |
| Communications | Account notifications, material ToS changes | Contract / Legal obligation |
AI Processing Disclosure: FeedMarch uses AI embedding models and moderation APIs (including the OpenAI Moderation API) to process submitted text before publication. This processing occurs automatically and is integral to platform safety. By submitting content, you consent to this automated processing.
Email Communications: FeedMarch sends two categories of email: (1) Transactional emails (account verification, security alerts, password resets, billing notifications, and legal notices) which are required for platform operation and cannot be fully opted out of while maintaining an active account; and (2) Marketing emails (product updates, newsletters, and promotional content) which you may opt out of at any time via the unsubscribe link or account settings.
4What We Do NOT Do With Your Data
Platform Data Ownership: FeedMarch retains full ownership of all aggregated, anonymized, and derived data generated from user activity on the platform, including but not limited to trending scores, demand signals, category insights, engagement patterns, and AI-processed intelligence. This Platform Data is distinct from User Content (which users own) and is a proprietary commercial asset of FeedMarch. Use of the platform constitutes acknowledgment of FeedMarch's ownership of Platform Data.
- —We do not sell your personal data to third parties
- —We do not share your personal data with advertisers for targeted advertising
- —We do not share individual user identity with companies, even when companies access insights about wishes related to their products; all company-facing analytics are aggregated and anonymized
- —We do not use your personal data to make automated decisions that produce significant legal effects on you without human review
5How We Share Personal Data
Service Providers
Trusted vendors who help us operate FeedMarch, including Supabase (database and authentication), Vercel (hosting), OpenAI (text moderation), Cloudflare (bot detection and CDN), and payment processors. These providers are contractually bound to use your data only for the services they provide to us.
Legal Authorities
Courts, law enforcement agencies, or government bodies when we are legally required to do so, or when we believe disclosure is necessary to prevent harm or protect FeedMarch's legal rights. Where possible, we will notify you before complying with such requests.
Business Transfers
In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity. We will notify you via email and a prominent platform notice before your data is subject to a different privacy policy.
6Data Retention
- —Active account data: retained for the life of your account
- —Deleted account data: personally identifiable information purged within 90 days of account deletion
- —Wish and comment content: may be retained in anonymized/aggregated form after account deletion, as it contributes to the platform's public record and analytics
- —Moderation records: retained for 2 years for trust and safety purposes
- —Legal hold data: retained as required by applicable law or ongoing legal proceedings
7Your Privacy Rights
7.1 Rights for All Users
Regardless of where you are located, you have the right to:
- —Access the personal data we hold about you
- —Correct inaccurate personal data
- —Delete your account and associated personal data (subject to retention requirements above)
- —Receive a copy of your data in a portable format
- —Withdraw consent where processing is based on consent
7.2 Rights for EU/EEA Users (GDPR)
If you are located in the EU or EEA, you additionally have the right to:
- —Object to processing based on legitimate interest
- —Restrict processing in certain circumstances
- —Lodge a complaint with your local data protection authority
Our legal bases for processing EU personal data are: contract performance (account operation), legitimate interest (safety, analytics, platform improvement), and legal obligation (compliance with law).
7.3 Rights for California Users (CCPA/CPRA)
California residents have the right to:
- —Know what categories of personal data we collect, use, and share
- —Delete personal data (subject to exceptions)
- —Correct inaccurate personal data
- —Opt out of the “sale” or “sharing” of personal data. FeedMarch does not sell or share personal data for cross-context behavioral advertising, so this right is effectively satisfied by default
- —Non-discrimination for exercising CCPA rights
To exercise any of these rights, contact us at privacy@feedmarch.com or submit a request through your account settings. We will respond within 45 days (GDPR: 30 days). We may require identity verification before processing requests.
8Data Security
We implement industry-standard technical and organizational security measures to protect your personal data, including:
- —Encrypted data storage (PostgreSQL with encryption at rest)
- —Encrypted data transmission (HTTPS/TLS)
- —Secure image quarantine workflow before public storage
- —Access controls limiting who within FeedMarch can access personal data
- —Regular security reviews
No system is 100% secure. In the event of a data breach affecting your rights, we will notify you and relevant authorities as required by applicable law.
9International Data Transfers
FeedMarch is operated from the United States. If you access FeedMarch from outside the US, your data will be transferred to and processed in the United States. For transfers from the EU/EEA, we rely on Standard Contractual Clauses (SCCs) with our service providers to ensure adequate protection of your data.
10Children's Privacy
FeedMarch is not directed to individuals under the age of 18. We do not knowingly collect personal data from anyone under 18. If we become aware that a user is under 18, we will delete their account and associated data promptly. If you believe a minor has created an account, contact us at privacy@feedmarch.com.
11Anonymous Visitors
You can browse FeedMarch's public feed without creating an account. In this case, we collect limited data automatically (IP address, browser type, pages visited) for security and analytics purposes. This data is not linked to any personal identity.
12Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email and/or a prominent notice on the platform at least 14 days before the changes take effect. The updated policy will be posted with a revised effective date.
13Contact
Privacy Team, SparkIntell Inc DBA FeedMarch
Email: privacy@feedmarch.com
Web: www.feedmarch.com
Response time: 30 business days for GDPR requests · 45 calendar days for CCPA requests