{"id":26415,"date":"2024-11-03T11:52:04","date_gmt":"2024-11-03T11:52:04","guid":{"rendered":"https:\/\/refiner.io\/docs\/?post_type=knowledgebase&#038;p=26415"},"modified":"2026-03-23T14:36:18","modified_gmt":"2026-03-23T14:36:18","slug":"legal-compliance","status":"publish","type":"knowledgebase","link":"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/","title":{"rendered":"Legal &amp; Compliance"},"content":{"rendered":"\n\n\n<p><em>Last reviewed: 2026-03-23<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">At a glance<\/h2>\n\n\n\n<p>Refiner is designed to help you collect user feedback in a privacy-conscious and compliant way. This page outlines how Refiner handles data and what you need to consider when using the product.<\/p>\n\n\n\n<p>When using Refiner, you may send and process user data such as identifiers, attributes (traits), and survey responses. Depending on your use case and location, this data may be subject to data protection regulations.<\/p>\n\n\n\n<p>Here is a quick overview of what Refiner provides to help you stay compliant:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Data hosting: AWS (eu-west-1, Ireland)<\/li>\n\n\n\n<li>Data residency: All user data is stored and processed within the European Union<\/li>\n\n\n\n<li>Data processing role: Refiner acts as a data processor for your user data; you remain the data controller<\/li>\n\n\n\n<li>Sub-processors: By default, no user data is processed by third-party sub-processors other than our hosting provider<\/li>\n\n\n\n<li>Security: SOC 2 Type II certified infrastructure and controls<\/li>\n\n\n\n<li>Encryption: All data is transmitted securely via HTTPS<\/li>\n\n\n\n<li>Authentication: SAML 2.0 Single Sign-On (SSO) supported<\/li>\n\n\n\n<li>Data control: Full control over data retention, deletion, and export<\/li>\n\n\n\n<li>Integrations: Data sharing with third-party tools is fully controlled by you<\/li>\n<\/ul>\n\n\n\n<p>If you require additional documentation, security questionnaires, or compliance attestations, please contact our team.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Legal Framework<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"security\">Terms of Service<\/h3>\n\n\n\n<p>When you create an account with Refiner, you agree to our Terms of Service and Privacy Policy. Both documents are designed with a strong emphasis on data protection, regulatory compliance, and information security.<\/p>\n\n\n\n<p>For Enterprise customers, we offer the option to execute custom agreements, including tailored Data Processing Agreements (DPAs) and additional contractual safeguards as required.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/refiner.io\/legal\/terms-of-service\/\" target=\"_blank\" rel=\"noreferrer noopener\">Terms of Service<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/refiner.io\/legal\/privacy-policy\/\" target=\"_blank\" rel=\"noreferrer noopener\">Privacy Policy<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Roles &amp; Responsibilities<\/h3>\n\n\n\n<p>Refiner provides the tools and infrastructure to support compliance, but you are responsible for configuring your implementation in accordance with applicable laws.<\/p>\n\n\n\n<p>Generally speaking<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>You (the customer)<\/strong> act as the <strong>data controller<\/strong>, deciding what data is collected and how it is used.<\/li>\n\n\n\n<li><strong>Refiner<\/strong> acts as the <strong>data processor<\/strong>, processing data on your behalf.<\/li>\n<\/ul>\n\n\n\n<p>This means you are responsible for:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Defining the legal basis for data collection<\/li>\n\n\n\n<li>Informing users about how their data is used<\/li>\n\n\n\n<li>Handling user rights requests (access, deletion, etc.)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"protection\">Data Protection (GDPR, CCPA, &#8230;)<\/h3>\n\n\n\n<p>Refiner supports compliance with major international data protection regulations and healthcare standards. Our platform is designed to help you meet your regulatory obligations while maintaining full administrative control over your data.<\/p>\n\n\n\n<p>If you operate in the European Union or process data of EU residents, the <a href=\"https:\/\/refiner.io\/legal\/gdpr\/\" target=\"_blank\" rel=\"noreferrer noopener\">General Data Protection Regulation (GDPR)<\/a> applies.<\/p>\n\n\n\n<p>To stay compliant, you should:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Establish a valid legal basis for processing (e.g. legitimate interest or consent)<\/li>\n\n\n\n<li>Inform users about data collection in your privacy policy<\/li>\n\n\n\n<li>Provide mechanisms for users to access or delete their data<\/li>\n<\/ul>\n\n\n\n<p>Refiner supports:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Data access requests<\/li>\n\n\n\n<li>Data deletion requests<\/li>\n<\/ul>\n\n\n\n<p>We provide multiple technical and organizational mechanisms to support lawful data processing, subject access requests, deletion workflows, and controlled data retention.<\/p>\n\n\n\n<p>For detailed information, please refer to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/refiner.io\/legal\/gdpr\/\">GDPR compliance<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/refiner.io\/legal\/ccpa\/\">CCPA compliance<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/refiner.io\/legal\/hipaa\/\" target=\"_blank\" rel=\"noreferrer noopener\">HIPAA compliance<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"security\">Data Security (SOC 2) <\/h3>\n\n\n\n<p>Refiner applies industry-standard security measures to protect your data, including:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Encrypted data transmission (HTTPS)<\/li>\n\n\n\n<li>Secure infrastructure and access controls<\/li>\n\n\n\n<li>Ongoing monitoring and best practices for data protection<\/li>\n<\/ul>\n\n\n\n<p>As of June 2024, Refiner has successfully completed a SOC 2 Type II audit, which validates the operational effectiveness of our security controls over a defined audit period.<\/p>\n\n\n\n<p>For additional details on our security posture and to request a copy of our SOC 2 report, please refer to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/refiner.io\/legal\/soc-2\/\">SOC 2 Type II certification<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/refiner.io\/security-statement\/\">Security Statement<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Consent &amp; Tracking<\/h3>\n\n\n\n<p>Depending on how you use Refiner, you may need to obtain user consent before collecting data.<\/p>\n\n\n\n<p>This is especially relevant when:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Using the JavaScript SDK in combination with cookies or tracking technologies<\/li>\n\n\n\n<li>Operating in jurisdictions with strict consent requirements (e.g. EU ePrivacy Directive)<\/li>\n<\/ul>\n\n\n\n<p>Refiner\u2019s JavaScript SDK stores an anonymous user token in the browser\u2019s Local Storage to ensure consistent user recognition and correct survey delivery.<\/p>\n\n\n\n<p>No sensitive personal data is stored in Local Storage or cookies by default\u2014only the minimal technical identifiers necessary to operate the SDK.<\/p>\n\n\n\n<p>For more details, please refer to the dedicated documentation <a href=\"https:\/\/refiner.io\/docs\/kb\/javascript-client\/web-storage-cookies\/\">page<\/a>.<\/p>\n\n\n\n<p>You are responsible for:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Integrating Refiner with your consent management solution (if applicable)<\/li>\n\n\n\n<li>Respecting user preferences regarding tracking and data collection<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Accessibility<\/h3>\n\n\n\n<p>We are committed to making our surveys accessible to all users by following established accessibility best practices. This includes using semantic HTML, ensuring proper keyboard navigation, and maintaining compatibility with assistive technologies. Accessibility is an ongoing effort, and we continuously work to identify and address potential barriers. We welcome feedback from our users to help us improve and provide a more inclusive experience for everyone.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Data Lifecycle<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Data Collected<\/h3>\n\n\n\n<p>Refiner may process the following types of data:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>User identifiers (e.g. user ID, email address)<\/li>\n\n\n\n<li>User traits (e.g. plan, role, custom attributes)<\/li>\n\n\n\n<li>Events (user actions, if tracked)<\/li>\n\n\n\n<li>Survey responses (including free-text feedback)<\/li>\n<\/ul>\n\n\n\n<p>We recommend only sending data that is necessary for your use case. Avoid sending sensitive personal data unless absolutely required.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Data Residency<\/h3>\n\n\n\n<p>Your personal data, your imported user data, as well as data we collect on your behalf from your users, is safely stored in our AWS cloud in the EU-WEST-1 (Ireland) data center. The physical data residency of your user data is in Europe at all times.<\/p>\n\n\n\n<p>Your user data stays within our data center at all times. We are not sending any of your user data to third party sub-processors.<\/p>\n\n\n\n<p>We might send data about our customers (your name, company, email, &#8230;) to third party providers, such as our CRM or email sending solution. We are committed to anonymize personal data as much as possible in that case.<\/p>\n\n\n\n<p>We don&#8217;t store any payment information and don&#8217;t process payments on our own infrastructure. We are using Stripe and Chargebee for all payment related matters. Stripe and Chargebee are both PCI compliant services.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Data Retention<\/h3>\n\n\n\n<p>By default, user data remains stored in your account environment until:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You cancel your subscription<\/li>\n\n\n\n<li>You delete the environment<\/li>\n\n\n\n<li>You manually delete user records<\/li>\n<\/ul>\n\n\n\n<p>You maintain full administrative control over data retention. We recommend:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Regularly reviewing stored data<\/li>\n\n\n\n<li>Deleting data that is no longer needed<\/li>\n\n\n\n<li>Aligning retention policies with your legal requirements<\/li>\n<\/ul>\n\n\n\n<p>We provide various mechanism allowing you to delete individual user records on demand or delete old user profiles automatically after a certain time of inactivity.<\/p>\n\n\n\n<p>At any given moment you can choose to delete individual user profiles or groups of users. You can do this on the&nbsp;<a href=\"https:\/\/refiner.io\/docs\/kb\/segmentation\/introduction\/\">User Segments<\/a>&nbsp;page.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Sub-processors<\/h3>\n\n\n\n<p>By default, no user data is shared with third party sub-processors other than our hosting provider AWS Europe.<\/p>\n\n\n\n<p>Refiner uses a limited number of trusted sub-processors to operate and deliver the service, such as infrastructure and payment providers. These vendors are carefully selected and bound by strict data protection and security requirements.<\/p>\n\n\n\n<p>If you choose to use our <a href=\"https:\/\/refiner.io\/docs\/kb\/alerts\/email-alerts\/\">email alert<\/a> features, user data will be shared with our email service provider Customer.io. If you choose to use IP address based geo targeting, we&#8217;ll send anonymized IP addresses to our IP geocoding provider. <\/p>\n\n\n\n<p>A full list of our sub-processors can be found in our GDPR Data Processing Agreement template.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Third-Party Integrations<\/h3>\n\n\n\n<p>Refiner can send data to third-party tools (e.g. Slack, CRM systems, data warehouses).<\/p>\n\n\n\n<p>When using integrations:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ensure those tools meet your compliance requirements<\/li>\n\n\n\n<li>Understand what data is being shared and why<\/li>\n\n\n\n<li>Update your privacy policy accordingly<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">AI Data Processing<\/h3>\n\n\n\n<p>Our AI-powered features (<a href=\"https:\/\/refiner.io\/docs\/kb\/customization\/multi-language-surveys\/\">AI Translations<\/a> and <a href=\"https:\/\/refiner.io\/docs\/kb\/responses\/response-tagging\/#ai-tags\">AI Tagging<\/a>) are designed with the same strict data protection principles that apply to the rest of our platform. We use AWS Bedrock to process AI requests within our secure infrastructure, ensuring that customer data does not leave our controlled environment and is not used to train external models. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Security &amp; Access<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Infrastructure<\/h3>\n\n\n\n<p>Our service is built using the Amazon Web Services (AWS) cloud. AWS offers robust security mechanisms to protect our infrastructure.<\/p>\n\n\n\n<p>Our networking infrastructure (routers, load balancers, DNS servers,&#8230;) are all managed by AWS.<\/p>\n\n\n\n<p>All communications are performed through end-to-end HTTPS encryption.<\/p>\n\n\n\n<p>Access to our network is strictly controlled using a VPN with network access control lists (ACL) and IP whitelisting.<\/p>\n\n\n\n<p>Our inbound and outbound network traffic is monitored and controlled using firewalls and IP whitelisting.<\/p>\n\n\n\n<p>We are using an industry-leading solution to mitigate our risk of Distributed Denial of Service (DDoS).<\/p>\n\n\n\n<p>We are using solutions to monitor the performance of our platform and log errors in our service.<\/p>\n\n\n\n<p>We commit to full transparency on all outages and service degradation. You can follow our system status in real time on our&nbsp;<a href=\"https:\/\/status.refiner.io\/\" target=\"_blank\" rel=\"noreferrer noopener\">public status page<\/a>.<\/p>\n\n\n\n<p>We are using separate environments for testing and production.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Application Security<\/h3>\n\n\n\n<p>We are following OWASP security best practices to protect our solution.<\/p>\n\n\n\n<p>We are restricting access to production data to authorized staff members only and protecting it by 2FA, VPN access, and IP Whitelisting.<\/p>\n\n\n\n<p>We are reviewing our code systematically for security vulnerabilities. We welcome responsible disclosure of vulnerabilities. We are strictly controlling who has access to our source code.<\/p>\n\n\n\n<p>We are monitoring and updating our dependencies to make sure none of them has know vulnerabilities.<\/p>\n\n\n\n<p>We are regularly performing automated penetration tests against all our endpoints. You can&nbsp;<a href=\"https:\/\/refiner.io\/contact\/\">contact us<\/a>&nbsp;to request our latest penetration test report.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Service Levels<\/h3>\n\n\n\n<p>Traditionally, Refiner had an uptime of 99.9% or higher. One of our top priorities is to provide uninterupted services at all times. You can follow our system status in real time on our&nbsp;<a href=\"https:\/\/status.refiner.io\/\" target=\"_blank\" rel=\"noreferrer noopener\">public status page<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Data Encryption<\/h3>\n\n\n\n<p>All data coming to or sending from our infrastructure is encrypted in transit using Transport Layer Security (TLS 1.2). All data in our system is encrypted at rest using AES 256-bit encryption algorithm.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Authentication &amp; Access Control<\/h3>\n\n\n\n<p>Refiner supports <em>SAML 2.0 Single Sign-On (SSO)<\/em> for secure and centralized authentication.<\/p>\n\n\n\n<p>With SAML SSO, you can:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Manage user access through your identity provider (IdP)<\/li>\n\n\n\n<li>Enforce company-wide security policies (e.g. MFA)<\/li>\n\n\n\n<li>Simplify user provisioning and access management<\/li>\n<\/ul>\n\n\n\n<p>SAML SSO is recommended for teams with advanced security or compliance requirements. Please contact us to set up SAML SSO on your account.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Employees &amp; Contractors<\/h3>\n\n\n\n<p>We require all employees and contractors to sign a confidentiality agreement and comply with our cybersecurity policy. We are reviewing our cyber security policy every quater and train our team on security regularly.<\/p>\n\n\n\n<p>We enforce a device management policy (password strength and rotation, lock screen when leaving the desk, disk encryption, remote lock).<\/p>\n\n\n\n<p>Our employees and contractors must report all actual or suspected IT security incidents.<\/p>\n\n\n\n<p>By default, our employees and contractors don&#8217;t have access to user data. Exceptions can be made for customer support.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Bug Bounty Program<\/h3>\n\n\n\n<p>Refiner supports responsible disclosure and values the contributions of the security research community. If you discover a potential vulnerability, please <a href=\"https:\/\/refiner.io\/contact\/\">report it to us<\/a> with sufficient detail to allow for timely investigation and remediation.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Last reviewed: 2026-03-23 At a glance Refiner is designed to help you collect user feedback in a privacy-conscious and compliant way. This page outlines how Refiner handles data and what you need to consider when using the product. When using Refiner, you may send and process user data such as identifiers, attributes (traits), and survey [&#8230;]<\/p>\n<p><a class=\"btn btn-secondary understrap-read-more-link\" href=\"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/\">Read More&#8230;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","template":"","knowledgebase_tag":[],"class_list":["post-26415","knowledgebase","type-knowledgebase","status-publish","hentry","knowledgebase_cat-getting-started"],"featured_image_urls_v2":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","ab-block-post-grid-landscape":"","ab-block-post-grid-square":"","gb-block-post-grid-landscape":"","gb-block-post-grid-square":""},"post_excerpt_stackable_v2":"<p>Last reviewed: 2026-03-23 At a glance Refiner is designed to help you collect user feedback in a privacy-conscious and compliant way. This page outlines how Refiner handles data and what you need to consider when using the product. When using Refiner, you may send and process user data such as identifiers, attributes (traits), and survey responses. Depending on your use case and location, this data may be subject to data protection regulations. Here is a quick overview of what Refiner provides to help you stay compliant: Data hosting: AWS (eu-west-1, Ireland) Data residency: All user data is stored and processed&hellip;<\/p>\n","category_list_v2":"","author_info_v2":{"name":"Moritz Dausinger","url":"https:\/\/refiner.io\/docs\/author\/user\/"},"comments_num_v2":"0 comments","acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Legal &amp; Compliance<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Legal &amp; Compliance\" \/>\n<meta property=\"og:description\" content=\"Last reviewed: 2026-03-23 At a glance Refiner is designed to help you collect user feedback in a privacy-conscious and compliant way. This page outlines how Refiner handles data and what you need to consider when using the product. When using Refiner, you may send and process user data such as identifiers, attributes (traits), and survey [...]Read More...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/\" \/>\n<meta property=\"og:site_name\" content=\"Refiner Documentation\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-23T14:36:18+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/\",\"url\":\"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/\",\"name\":\"Legal &amp; Compliance\",\"isPartOf\":{\"@id\":\"https:\/\/refiner.io\/docs\/#website\"},\"datePublished\":\"2024-11-03T11:52:04+00:00\",\"dateModified\":\"2026-03-23T14:36:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/refiner.io\/docs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Legal &amp; Compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/refiner.io\/docs\/#website\",\"url\":\"https:\/\/refiner.io\/docs\/\",\"name\":\"Refiner Documentation\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/refiner.io\/docs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/refiner.io\/docs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/refiner.io\/docs\/#organization\",\"name\":\"Refiner Documentation\",\"url\":\"https:\/\/refiner.io\/docs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/refiner.io\/docs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/refiner.io\/docs\/wp-content\/uploads\/2022\/11\/cropped-Group-8.png\",\"contentUrl\":\"https:\/\/refiner.io\/docs\/wp-content\/uploads\/2022\/11\/cropped-Group-8.png\",\"width\":400,\"height\":61,\"caption\":\"Refiner Documentation\"},\"image\":{\"@id\":\"https:\/\/refiner.io\/docs\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Legal &amp; Compliance","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/","og_locale":"en_US","og_type":"article","og_title":"Legal &amp; Compliance","og_description":"Last reviewed: 2026-03-23 At a glance Refiner is designed to help you collect user feedback in a privacy-conscious and compliant way. This page outlines how Refiner handles data and what you need to consider when using the product. When using Refiner, you may send and process user data such as identifiers, attributes (traits), and survey [...]Read More...","og_url":"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/","og_site_name":"Refiner Documentation","article_modified_time":"2026-03-23T14:36:18+00:00","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/","url":"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/","name":"Legal &amp; Compliance","isPartOf":{"@id":"https:\/\/refiner.io\/docs\/#website"},"datePublished":"2024-11-03T11:52:04+00:00","dateModified":"2026-03-23T14:36:18+00:00","breadcrumb":{"@id":"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/refiner.io\/docs\/kb\/getting-started\/legal-compliance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/refiner.io\/docs\/"},{"@type":"ListItem","position":2,"name":"Legal &amp; Compliance"}]},{"@type":"WebSite","@id":"https:\/\/refiner.io\/docs\/#website","url":"https:\/\/refiner.io\/docs\/","name":"Refiner Documentation","description":"","publisher":{"@id":"https:\/\/refiner.io\/docs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/refiner.io\/docs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/refiner.io\/docs\/#organization","name":"Refiner Documentation","url":"https:\/\/refiner.io\/docs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/refiner.io\/docs\/#\/schema\/logo\/image\/","url":"https:\/\/refiner.io\/docs\/wp-content\/uploads\/2022\/11\/cropped-Group-8.png","contentUrl":"https:\/\/refiner.io\/docs\/wp-content\/uploads\/2022\/11\/cropped-Group-8.png","width":400,"height":61,"caption":"Refiner Documentation"},"image":{"@id":"https:\/\/refiner.io\/docs\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/refiner.io\/docs\/wp-json\/wp\/v2\/knowledgebase\/26415","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/refiner.io\/docs\/wp-json\/wp\/v2\/knowledgebase"}],"about":[{"href":"https:\/\/refiner.io\/docs\/wp-json\/wp\/v2\/types\/knowledgebase"}],"author":[{"embeddable":true,"href":"https:\/\/refiner.io\/docs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/refiner.io\/docs\/wp-json\/wp\/v2\/comments?post=26415"}],"version-history":[{"count":56,"href":"https:\/\/refiner.io\/docs\/wp-json\/wp\/v2\/knowledgebase\/26415\/revisions"}],"predecessor-version":[{"id":28365,"href":"https:\/\/refiner.io\/docs\/wp-json\/wp\/v2\/knowledgebase\/26415\/revisions\/28365"}],"wp:attachment":[{"href":"https:\/\/refiner.io\/docs\/wp-json\/wp\/v2\/media?parent=26415"}],"wp:term":[{"taxonomy":"knowledgebase_tag","embeddable":true,"href":"https:\/\/refiner.io\/docs\/wp-json\/wp\/v2\/knowledgebase_tag?post=26415"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}