TopReact

Privacy Policy

Last updated: January 27, 2026

1. Introduction

TopReact ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using TopReact, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us:

  • Account Information: Name, email address, password, organization name
  • Profile Information: Profile picture, job title, preferences
  • Billing Information: Payment method details (processed securely via Stripe)
  • Feedback Data: User feedback collected through your widgets
  • Communications: Messages, support requests, survey responses

2.2 Information Collected Automatically

When you use our Service, we automatically collect:

  • Usage Data: Pages viewed, features used, time spent, interactions
  • Device Information: Browser type, operating system, device type, screen resolution
  • Log Data: IP address, access times, referring URLs, error logs
  • Cookies: Session cookies, preference cookies, analytics cookies
  • Location Data: Approximate geographic location based on IP address

2.3 Information from Third Parties

We may receive information from third-party services:

  • OAuth Providers: Google, GitHub, Apple Sign-In (name, email, profile picture)
  • Payment Processors: Stripe (payment confirmation, billing information)
  • Analytics Services: Aggregated usage statistics

3. How We Use Your Information

We use your information for the following purposes:

3.1 Provide and Improve the Service

  • Create and manage your account
  • Process and analyze feedback data
  • Provide AI-powered insights and classification
  • Generate analytics and reports
  • Improve and optimize the Service
  • Develop new features and functionality

3.2 Communication

  • Send service-related notifications and updates
  • Respond to your inquiries and support requests
  • Send marketing communications (with your consent)
  • Conduct surveys and gather feedback

3.3 Security and Fraud Prevention

  • Detect and prevent fraud or abuse
  • Monitor for security threats
  • Enforce our Terms of Service
  • Protect the rights and safety of users

3.4 Legal Compliance

  • Comply with legal obligations
  • Respond to law enforcement requests
  • Protect our legal rights

4. AI and Data Processing

4.1 AI Processing

We use artificial intelligence (AI) to analyze feedback data:

  • Classification: AI categorizes feedback into predefined categories
  • Sentiment Analysis: AI determines emotional tone of feedback
  • Insights Generation: AI identifies patterns and trends
  • Summarization: AI creates concise summaries of feedback clusters

4.2 AI Service Providers

We use the following AI services:

  • Anthropic Claude: Feedback classification and reasoning
  • OpenAI: Vector embeddings for similarity search
  • Google Gemini: Text generation and summarization

Your feedback data is sent to these services only for processing and is not used to train their models (per our agreements with these providers).

4.3 Data Anonymization

When using aggregated data to improve the Service, we:

  • Remove personally identifiable information
  • Aggregate data across multiple customers
  • Use statistical sampling to prevent re-identification

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Cloud hosting (Cloudflare, Neon Database)
  • Payment processing (Stripe)
  • Email delivery (Resend)
  • AI processing (Anthropic, OpenAI, Google)
  • Analytics (privacy-respecting tools only)

5.2 Business Transfers

If TopReact is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders)
  • Government or regulatory requests
  • Protection of rights, property, or safety
  • Enforcement of our Terms of Service

5.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: Data encrypted in transit (TLS/SSL) and at rest (AES-256)
  • Access Controls: Role-based access controls and multi-factor authentication
  • Secure Infrastructure: Hosted on secure cloud platforms with DDoS protection
  • Regular Audits: Security assessments and vulnerability testing
  • Incident Response: Procedures for detecting and responding to breaches

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy:

  • Active Accounts: Retained while your account is active
  • Canceled Accounts: Retained for 90 days after cancellation
  • Billing Records: Retained for 7 years for tax and accounting purposes
  • Anonymized Data: May be retained indefinitely for analytics
  • Legal Requirements: Retained as required by applicable law

You may request deletion of your data at any time by contacting privacy@topreact.com.

8. Your Privacy Rights

8.1 General Rights

You have the right to:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Export your data in a machine-readable format
  • Objection: Object to certain types of processing
  • Restriction: Request restriction of processing in certain circumstances

8.2 GDPR Rights (EU/UK Users)

If you are located in the European Union or United Kingdom, you have additional rights under GDPR:

  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority
  • Right to object to automated decision-making and profiling

8.3 CCPA Rights (California Users)

California residents have the right to:

  • Know what personal information is collected, used, and shared
  • Delete personal information (subject to exceptions)
  • Opt-out of the sale of personal information (we do not sell data)
  • Non-discrimination for exercising privacy rights

8.4 Exercising Your Rights

To exercise your privacy rights, contact us at privacy@topreact.com. We will respond within 30 days and may need to verify your identity before processing your request.

9. Cookies and Tracking Technologies

9.1 Types of Cookies

We use the following types of cookies:

  • Essential Cookies: Required for authentication and basic functionality
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Help us understand usage patterns
  • Security Cookies: Detect fraud and abuse

9.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may limit functionality of the Service.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your home country.

When we transfer data internationally, we use appropriate safeguards such as:

  • Standard Contractual Clauses approved by the European Commission
  • Privacy Shield frameworks (where applicable)
  • Encryption and security measures

11. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

12. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information to them.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes:

  • We will update the "Last updated" date at the top of this page
  • We will notify you via email or in-app notification for material changes
  • Your continued use of the Service constitutes acceptance of the changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@topreact.com

Support: support@topreact.com

Website: topreact.com

Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at dpo@topreact.com.