Skip to main content
Sleekplan is headquartered in Munich and operates under German and European data protection law. We are fully committed to upholding compliance with the General Data Protection Regulation (GDPR) at all times. This article explains how GDPR applies to Sleekplan, what data we handle on your behalf, and how our setup helps you stay compliant when you collect feedback from your own users.
This is a reference article for workspace owners and admins who need to understand Sleekplan’s data handling. It is not legal advice. For your own compliance, always confirm your obligations with your legal team.

What GDPR is

The General Data Protection Regulation is the main framework of Europe’s digital privacy legislation. It took effect on May 25, 2018. Although it was created by the European Union, it applies globally: any company, website, or organization worldwide that processes the personal data of EU residents falls under GDPR.

Sleekplan’s role

Under GDPR, Sleekplan acts in two roles at the same time:
  • Data controller for our own operations. This covers our website, the admin dashboard, our customer database, and our marketing, where we decide how and why data is processed.
  • Data processor when we handle your end users’ data. Here we process personal data only on your instructions, so that your feedback board, roadmap, changelog, and surveys work. You remain the controller for the data your users submit.

What data we process

We keep two categories of personal data separate, matching the two account types in the platform. Your data as a Sleekplan customer:
  • Names, email addresses, and profile pictures
  • Payment and invoicing information
Your end users’ data:
  • Usernames, email addresses, and activity timestamps
  • Profile pictures and profile information
  • Anonymized, IP-derived location data
  • Operating system and browser versions
Your end users never create an account “at Sleekplan.” They exist only inside your own workspace, which is why the data above belongs to you as the controller. See How Sleekplan handles end-user accounts for the full explanation.

Where your data is stored and secured

Data is hosted in Amazon Web Services (AWS) facilities in the eu-west-1 region in Ireland, inside the European Union. AWS provides a GDPR-compliant Data Processing Addendum (DPA) that incorporates Standard Contractual Clauses (SCCs) for any international data transfers, so cross-border processing stays covered by an approved legal mechanism.

Our sub-processors

To run the service we rely on a set of third-party sub-processors. Each one has verified GDPR compliance, with a Data Processing Agreement or Standard Contractual Clauses in place. You can see the current, always up-to-date list on our Trust Center.

Our commitment to your data

Sleekplan does not share or resell your data, or your end users’ data. We never use it for advertising or for third-party analytics purposes. Data is processed solely to provide the service you signed up for.

How Sleekplan helps you stay compliant

Being GDPR-ready is a shared responsibility. Sleekplan gives you the controls to meet your own obligations:
  • Show your legal terms and collect consent. Display your Terms and Privacy Policy on the sign-up form, and optionally require an “I Agree” checkbox before a visitor identifies themselves. See Show your Terms and Privacy Policy.
  • Control who can access your board and how they sign in. Keep your portal open, or gate it behind a password, allowed email domains, or your own single sign-on. See Control who can access your board.
  • Export your data on request. Download a full CSV snapshot of your feedback, comments, votes, changelog, user accounts, and survey responses, which helps you answer data-access requests. See Export your workspace data.

Show your Terms and Privacy Policy

Add your legal links and consent checkbox to the sign-up form.

Control who can access your board

Gate your portal with a password, email domains, or single sign-on.

How Sleekplan handles end-user accounts

Understand where your end users’ data lives and who controls it.

Export your workspace data

Download a CSV snapshot of everything in your workspace.