Feona
Security & Privacy

Your data, your control

Feona is built to earn your trust. Here's exactly how we handle your data — no vague promises, no fine print.

What data we collect

  • Your public social media metrics (followers, engagement, post performance) — only from accounts you explicitly connect
  • Contract documents you upload for review — analyzed by AI, stored encrypted
  • Deal details you share (brand names, rates, timelines) — used to manage your pipeline
  • Conversation history with Feona — used to improve responses and remember your preferences

How data is stored

  • All data is stored in Supabase with encryption at rest (AES-256)
  • Data in transit is encrypted via TLS 1.3
  • Database access uses row-level security — you can only see your own data
  • Infrastructure hosted on AWS in the United States

How OAuth tokens are handled

  • Social platform tokens are encrypted with AES-256-GCM before storage
  • Email OAuth tokens (Gmail, Outlook) use the same AES-256-GCM encryption
  • Tokens are automatically refreshed before expiry — you never need to reconnect
  • We request only the minimum permissions needed for each feature

What we never do

  • We never post, comment, or send messages on your behalf without explicit approval
  • We never sell, share, or trade your data with third parties
  • We never store your passwords — all authentication goes through official OAuth flows
  • We never access data beyond what you have explicitly connected

Disconnecting accounts

  • You can disconnect any connected account instantly from Settings
  • Disconnecting revokes our access token immediately
  • Your historical data from that account is retained for your records unless you request deletion

Data deletion

  • You can request full account deletion by contacting us
  • Account deletion removes all your data, conversations, deals, and connected accounts
  • Deletion is permanent and processed within 30 days
  • Backups are purged on a rolling 90-day cycle

Automatic token refresh

Connected accounts (Instagram, Gmail, Outlook) use OAuth tokens that expire periodically. Feona automatically refreshes these tokens so your integrations stay connected. If a refresh fails, you'll be notified to reconnect — we never silently lose access.

Who's behind Feona

Feona is built by Wavefield LLC — a small team focused on giving creators the same tools that talent agencies charge 20% for. We're creators ourselves, so we understand what it means to trust a tool with your business data.

Have a security concern? Reach out at security@feona.ai

Questions? Email us at hello@feona.ai