Trust Center — Security, Compliance & Data Handling | FeedGuardians - FeedGuardians-Landing
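Trust Center

Security, Compliance, and Your Data

Everything enterprise buyers, procurement teams, and security reviewers need to complete due diligence on FeedGuardians, in one place.

Certifications and Compliance

Official Badges

The status of every certification, framework, and platform approval that matters for enterprise procurement.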

Certified

Meta App Review Approved

FeedGuardians is an approved Meta Business Partner. Our Instagram and Facebook integrations have passed Meta's App Review process for page_read_engagement, pages_manage_engagement, instagram_manage_comments, and instagram_manage_insights scopes.

Certified

TikTok Business Partner

FeedGuardians is registered as a TikTok Business Solution Partner with approved access to the TikTok Content Posting API and Comment Moderation API.

In Progress

SOC 2 Type II

FeedGuardians is currently in the SOC 2 Type II audit observation period with an external auditor. Letter of Engagement and progress documentation available on request for enterprise customers.

Certified

GDPR Compliance

FeedGuardians is GDPR compliant for EU and UK customers. We act as a data processor under Article 28, with a signed Data Processing Agreement available as part of all enterprise contracts.

Certified

CCPA Compliance

FeedGuardians complies with the California Consumer Privacy Act. Users and end-users whose comments are processed can exercise CCPA rights via our privacy portal.

Available

DPA (Data Processing Agreement)

A signed Data Processing Agreement is available for all customers on Pro and Enterprise plans. Contact [email protected] to request the current version.

How We Protect Your Data

Six Pillars of Trust

Encryption in transit and at rest

All data transmitted to and from FeedGuardians uses TLS 1.3. All data at rest in our primary database and backups is encrypted with AES-256. Encryption keys are managed through a Key Management Service and rotated on a 90-day schedule.

OAuth-only platform access

FeedGuardians never asks for platform passwords. Instagram, Facebook, TikTok, and Bluesky are connected via official OAuth flows, and access tokens are encrypted at rest and never exposed to any client. You can revoke access at any time from the platform side or from your FeedGuardians settings.

Principle of least privilege

FeedGuardians requests the minimum permission scopes required to moderate comments. We do not request access to DMs unless DM moderation is explicitly enabled. We do not request access to ads account billing data, insights data, or any scope that is not directly required for the moderation function.

Per-account data isolation

Customer data is logically isolated at the tenant level. Moderation rules, classifications, audit logs, and billing are scoped to a single customer account. Internal access is role-based and logged.

Data retention and deletion

Comments are processed in memory for classification and retained only in aggregated form for your dashboard. Raw comment content is retained for 30 days for audit and retraining, then deleted. Customers can request full data deletion at any time — executed within 30 days of request.

Subprocessor transparency

FeedGuardians maintains a public list of all subprocessors (infrastructure, AI model providers, support tools) and provides 30 days' notice before adding any new subprocessor. Enterprise customers can subscribe to subprocessor update notifications.

Subprocessors

Every third party that touches your data

We maintain a transparent list of all subprocessors and notify enterprise customers 30 days before adding a new subprocessor.

| Subprocessor | Purpose | Region |
| --- | --- | --- |
| Amazon Web Services (AWS) | Primary infrastructure hosting | US (us-east-1) and EU (eu-west-1) |
| Cloudflare | CDN, DDoS protection, and WAF | Global |
| OpenAI | Comment classification (zero data retention mode) | US |
| Anthropic | Backup comment classification (zero data retention mode) | US |
| Stripe | Billing and subscription management | US / EU |
| PostHog (EU-hosted) | Product analytics | EU (eu-central-1) |
| Postmark | Transactional email delivery | US |

Direct Contacts

Who to Contact for What

Security disclosures
[email protected]

Report vulnerabilities or request a penetration-testing engagement window.

Privacy and DPA requests
[email protected]

Data processing agreements, subject access requests, and deletion requests.

Legal and compliance
[email protected]

Enterprise contracts, security questionnaires, and procurement reviews.

Frequently Asked Questions

Procurement and Security Questions

When a comment is posted on your connected platform, FeedGuardians receives it via webhook or API polling, classifies it, and takes the action you have configured (hide, approve, auto-reply, escalate). The raw comment content is retained for 30 days in encrypted storage for audit and classification-model retraining, then automatically deleted. Only aggregate statistics (counts, sentiment averages, categories) are retained beyond 30 days.

FeedGuardians hosts data in AWS regions. North American customers are hosted in us-east-1 by default; EU customers are hosted in eu-west-1. Enterprise customers can request specific region pinning. Backups are encrypted and stored in the same region as the primary database.

Yes, comment classification is performed via OpenAI and Anthropic APIs — but both providers are configured with zero data retention mode, meaning comment content is not stored on their infrastructure and is not used for training their foundation models. This is contractually enforced via our API agreements with both providers.

Yes. A signed DPA is available for all Pro and Enterprise customers at no additional cost. The DPA follows the standard GDPR Article 28 structure with Standard Contractual Clauses for international transfers. Contact [email protected] for the current version.

FeedGuardians is currently in the SOC 2 Type II observation period with an external auditor. The Type II report is expected within the standard audit window. We can provide a Letter of Engagement and SOC 2 Type I report on request for enterprise customers conducting due diligence.

Yes. When you cancel, you have 30 days to export any data you want to keep from the dashboard. After 30 days, we automatically delete all raw comment data and audit logs tied to your account. You can also request immediate deletion by emailing [email protected] — we execute within 72 hours.

We maintain an incident response plan with defined severity levels and escalation paths. In the event of a security incident affecting customer data, we commit to notifying affected customers within 72 hours and providing a root cause analysis within 14 days. Enterprise customers can subscribe to proactive security advisories.

Yes. We complete CAIQ, SIG Lite, and custom enterprise security questionnaires as part of standard procurement for Enterprise customers. Reach out via [email protected] to initiate a questionnaire.

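Need custom documentation?
Our team is ready.

Enterprise security questionnaires (CAIQ, SIG, custom), penetration-testing windows, and DPA negotiations are all handled in-house.

Contact the security team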