Privacy and data use
Privacy Policy
This public Privacy Policy explains how Fred handles personal data across the public website and the Fred platform, including customer-provided research material, customer-enabled platform integrations, AI-assisted analysis, and third-party tracking or infrastructure services.
This page is a public-facing policy statement for the Fred website and platform. Customer contracts, signed DPAs, and product-level notices may add more specific terms for particular workflows.
- Last updated
- Effective date
- Version
- privacy-2026-07-09
- Applies to
- Public website visitors, customers, workspace users, and people whose data is included in customer research materials.
Scope: Public website activity, customer-facing platform workflows, customer uploads, support interactions, billing records, and disclosed service providers.
Core hosting
Europe, with AWS and the database layer in Frankfurt, Germany.
Sensitive workflows
Recordings, behavioral signals, and AI-assisted analysis require purpose limitation, notice, and workflow-specific controls.
Customer boundary
Customers remain responsible for lawful instructions, external notices, and material uploaded outside Fred's native consent flows.
Platform integrations
Google Analytics, Google Calendar, Jira, PostHog, and Slack are customer-enabled integrations with provider-specific data limits.
1. Controller, scope, and roles
Fred The User Research Shepherd SRL is based in Italy and operates the public website and the Fred platform. Fred may act as a controller for public website activity, business contacts, billing, security, and support records. Fred may act as a processor when customers instruct Fred to host, organize, analyze, or report on customer research data inside the platform.
This policy covers the main public marketing site in this repository, related website services, and platform workflows where Fred receives or processes personal data. Some public content under /resources is delivered from a separate runtime surface and may use a separate implementation layer while remaining part of Fred's public web perimeter.
2. Data categories Fred may process
Depending on the workflow, Fred may process identification and account data, workspace metadata, billing records, support messages, technical diagnostics, website usage data, and customer-provided research materials.
Customer-provided research materials can include study responses, participant contact details, calendar metadata, recordings, transcripts, interaction events, tags, comments, reports, exports, and other evidence linked to a study or decision record.
Where a customer enables behavioral or AI-assisted workflows, the platform may also process signals derived from recordings or interactions, such as attention or gaze-related indicators, AI-generated summaries, evidence links, themes, tags, and similar research-support outputs.
- Public website data: analytics events, consent state, marketing referrals, and technical request metadata.
- Customer workspace data: accounts, projects, studies, participant records, files, prompts, reports, and collaboration artifacts.
- Sensitive research material: video, audio, transcripts, external uploads, behavioral signals, and AI-assisted outputs where enabled.
3. Purposes and legal bases
Fred processes personal data to operate the website and platform, secure the service, manage subscriptions, answer support or procurement requests, maintain auditability, and improve the product where permitted.
For customer-controlled research workflows, Fred processes data to provide requested platform functionality such as study setup, participant workflows, scheduling support, evidence management, AI-assisted synthesis, reporting, repository search, and collaboration.
Depending on the context, Fred relies on contract performance, legitimate interests, legal obligations, or consent. Where a workflow depends on recordings, behavioral analysis, marketing cookies, or similar sensitive or non-essential processing, Fred expects the relevant consent or other lawful basis to be in place before processing begins.
5. Customer-enabled platform integrations
This section covers provider data received or sent through customer-enabled Fred platform integrations. It includes Google Analytics, Google Calendar, Jira, PostHog, and Slack. For Google services, provider data includes Google API data received through OAuth-authorized Google APIs. This section is separate from public website cookies, Google Tag Manager, Google Ads, reCAPTCHA, and other website tracking described in Section 4 and in the Cookie Policy.
Fred uses integrations only when a workspace owner or authorized workspace user connects, configures, imports, refreshes, previews, or executes the relevant provider workflow. Provider permissions can be broader than the specific data Fred chooses to process; this section describes the current Fred implementation and should be read together with the provider consent screen shown during authorization.
Google Analytics integration. Fred requests https://www.googleapis.com/auth/analytics.readonly. Fred uses it to list available Analytics accounts and properties, validate the selected property, read supported dimension and metric metadata, and refresh aggregate reports from the selected property. Fred stores aggregate rows, counts, totals, source windows, snapshots, evidence signals, and selected property metadata. The current implementation does not store GA client IDs, Google user IDs, device IDs, or visitor-level rows.
PostHog integration. Fred requests query:read and project:read. Fred uses it to discover the selected PostHog project or environment, run a health check, and refresh aggregate event-count evidence. Fred stores aggregate event names, counts, totals, source windows, snapshots, evidence signals, and selected project or environment metadata. The current implementation does not store PostHog person profiles, PostHog distinct IDs, visitor rows, or raw PostHog event streams.
Scheduling integration: Google Calendar. Fred uses Google OAuth identity scopes together with https://www.googleapis.com/auth/calendar.readonly and https://www.googleapis.com/auth/calendar.events. Fred uses Calendar read access to list calendars selected or available for scheduling and to request free/busy windows for availability checks. Free/busy checks use calendar identifiers and busy start/end times; Fred does not read or store existing Google Calendar event titles, descriptions, attendees, locations, conference links, or recurrence rules for availability checks. Fred uses calendar.events to create, update, or delete Fred-created booking events on the selected calendar, or on the primary or available fallback calendar where no selected calendar is configured. Fred-created booking events may include the study name, participant label, optional study description, optional host name, duration, time zone, start and end time, and a Fred platform link. Fred stores the Google calendar ID, Google event ID, sync status, sync timestamp, and limited error state needed to keep the booking synchronized and auditable inside the Fred workspace.
Jira integration. Fred requests read:jira-work and write:jira-work. Fred uses read access to discover accessible Jira sites, projects, issue types, create metadata, and configured fields. Fred can import selected Jira issue evidence into a Fred project, including issue key, issue URL, summary, description text, issue type, status, priority, labels, components, and source updated time. The Jira import path is designed to exclude comments, assignee, reporter, creator, watcher, and other user identity fields from saved imported issue evidence. Fred uses Jira write access only for configured workflow actions, such as creating Jira issues or roadmap items from Fred findings, adding evidence comments to existing issues, or linking existing Jira issues back to Fred findings.
Slack integration. Fred requests chat:write and channels:read. Fred uses channels:read to list public Slack channels for destination setup and uses chat:write to send customer-approved finding or report-summary messages to the selected channel. The current Slack implementation stores selected channel ID and channel name, does not read Slack message history, and disables link and media unfurling in the Slack payload.
Fred uses provider integration data only to provide the customer-enabled feature that was configured: aggregate analytics evidence, calendar availability and booking synchronization, issue import, evidence review, report support, AI-assisted context where reviewed or attached evidence is eligible, and approved workflow delivery. Fred does not sell provider integration data or use it for advertising, retargeting, or unrelated marketing purposes.
- Data accessed: Google Analytics account/property metadata and aggregate GA4 report rows; Google Calendar account identity, calendar list metadata, free/busy windows, and Fred-created booking-event identifiers and fields; Jira site/project/issue metadata and selected issue fields; PostHog project/environment metadata and aggregate event-count query results; Slack workspace metadata, public channel IDs/names/archive status, and sent-message response identifiers.
- Data stored: provider connection metadata, selected source or destination configuration, encrypted integration credentials, saved aggregate analytics snapshots, imported Jira issue evidence, external evidence signals, workflow previews, action logs, provider object links, sync status, timestamps, provider IDs, provider URLs, and limited provider error state needed to operate and audit the integration.
- Data sharing: each provider receives the API requests and payloads needed to run the enabled integration. Fred's disclosed infrastructure, database, monitoring, support, and security providers may process the limited records needed to host, secure, troubleshoot, and operate those integrations. Authorized Fred personnel may access records only where needed for support, security, legal, or service administration.
- Storage and protection: integration credentials in Fred's integration-connection system are stored server-side in encrypted credential payloads; application responses exclude those credential payloads; provider API calls use HTTPS endpoints; workspace authorization checks control access to connection settings, destinations, saved evidence, booking records, previews, action logs, and object links.
- Retention and deletion: disconnecting an integration removes the active integration credentials and stops future provider reads or writes. Saved aggregate analytics snapshots, imported Jira issue evidence, Slack/Jira destinations, workflow previews, action logs, booking metadata, external object links, provider IDs, and provider URLs can remain in the customer workspace while needed for projects, reports, audit records, billing/legal/security records, backups, or support history, unless deleted or suppressed through available product, contractual, or support workflows. Disconnecting Fred does not delete provider-side data such as Google Calendar events, Jira issues, Jira comments, Slack messages, PostHog source data, or Google Analytics source data in the customer's provider workspace.
Customers remain responsible for choosing which provider account, workspace, project, property, calendar, environment, channel, or issue to connect and for ensuring that imported or exported content is appropriate for the research, reporting, scheduling, or workflow purpose.
6. Google API data, Limited Use, and AI-assisted processing
Fred’s use and transfer of raw or derived user data received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Fred uses Google API data only to provide the user-facing Fred features that the user or workspace has enabled. These features may include Google Calendar scheduling workflows, Google Calendar booking synchronization, Google Analytics aggregate evidence workflows, reporting support, and AI-assisted research analysis where aggregate or derived evidence has been selected, reviewed, attached, or otherwise made eligible by the customer.
Fred does not sell Google API data, use Google API data for advertising or retargeting, or use Google API data to train generalized AI or machine learning models.
Where Google Analytics data is used in Fred’s AI-assisted workflows, Fred uses aggregate or derived evidence summaries, such as aggregate report rows, counts, totals, source windows, snapshots, evidence signals, freshness metadata, and limitations. Fred’s current implementation is not designed to store Google Analytics client IDs, Google user IDs, device IDs, IP addresses, ad identifiers, or visitor-level rows.
Where Google Calendar data is used, Fred uses it for customer-enabled scheduling, availability checks, and synchronization of Fred-created booking events. Fred does not use Google Calendar data to train generalized AI or machine learning models. Availability checks are designed around calendar identifiers and busy start/end times rather than existing event titles, descriptions, attendees, locations, conference links, or recurrence rules.
Fred’s AI-assisted processing is provided through Amazon Bedrock, operated by Amazon Web Services. Fred invokes model capabilities through Amazon Bedrock in European AWS Regions. Fred’s primary Bedrock configuration uses Europe (Stockholm), eu-north-1, and fallback or related Bedrock configuration may use other European AWS Regions such as Europe (Frankfurt), eu-central-1, where applicable.
Fred does not route Google API data to direct non-Bedrock model-provider APIs.
- Google API data is used only for enabled, user-facing Fred functionality.
- Google API data is not sold or used for advertising or retargeting.
- Google API data is not used to train generalized AI or machine learning models.
- AI-assisted processing, where enabled, is routed through Amazon Bedrock in European AWS Regions.
- Google Analytics data used in AI-assisted contexts is aggregate or derived evidence, not visitor-level identity data.
- Google Calendar data is used for scheduling, availability checks, and Fred-created booking synchronization.
7. AI-assisted analysis, recordings, and behavioral signals
Fred offers AI-assisted features to help organize and review research evidence. Depending on the enabled workflow, these features may process transcripts, summaries, tags, thematic clusters, evidence links, interaction patterns, or behavioral indicators derived from customer-provided material.
If a customer uploads external recordings, imports participant material, or requests analysis outside Fred's native notice and acceptance flow, the customer remains responsible for ensuring that the upload and the requested analysis are lawful, properly noticed, and appropriately consented where required.
Fred's AI-assisted and behavioral-analysis features are research-support tools. They are not presented as definitive statements about a person's feelings, intent, identity, health, legal status, employability, or future behavior.
Fred may refuse, suspend, or remove a workflow if required notices, permissions, or legal preconditions are missing or appear unreliable.
9. Retention, deletion, and security handling
Fred keeps data for as long as needed to provide the service, follow customer instructions, maintain security, support billing and auditability, comply with legal obligations, or resolve disputes. Different data categories can have different retention periods.
Customers can request deletion or export of customer-controlled data according to the product capability, written agreements, and applicable law. Fred may retain limited records where required for billing, legal obligations, backup integrity, security investigation, or fraud prevention.
Fred applies access controls, infrastructure safeguards, and privacy-aware operational practices that reflect the sensitivity of research evidence, participant data, and customer records.
10. Rights and contact
Depending on the applicable law and the role Fred is performing, people may have rights to access, correct, delete, restrict, object to, or port their personal data, and to lodge a complaint with a competent supervisory authority.
If Fred receives a request about customer-controlled research data, Fred may direct the requester to the relevant customer while providing reasonable assistance where appropriate. Questions about this policy or Fred's privacy handling can be sent to the contact address below.
Contact
Questions about this document can be sent to [email protected].