Fibbler Labs: Insights from $100M+ in ad spend across 300 SMB SaaS companies.Read the full report
Fibbler white logo

Features

Pricing

RESOURCES

LOGin

Start today

Privacy Policy for Fibbler

Last Updated: October 2025

Information about us

“Fibbler”, “we“, “our“ or “us“ means Fibbler AB are committed to protecting and respecting your privacy. This “Privacy Policy” sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting our “Website” www.fibbler.co you are accepting and consenting to the terms in this Privacy Policy. For the purpose of the Data Protection Act 1998 (the Act), the “Data Controller” is Fibbler AB, Kävlinge, Sweden, which is registered with the Swedish companies registration office (Org nr 559476-3491). If you have any questions about this Privacy Policy or our privacy practices, please contact us.

Contact information to responsible Fibbler party: legal@fibbler.co

Information Collection

When you register with Fibbler, we collect the following personal data:

  • Name
  • Email address
  • Company name

This information is essential for the use of our product and services.

Important: Fibbler does not process any personal data (PII) on behalf of our customers. The only personal data we handle is your email address, which is used to create and manage your Fibbler account. We do not process CRM contacts, personal identifiers, LinkedIn messages, or any sensitive information of any kind.

Use of Information

The personal data collected is used for the following purposes:

  • To enable full use of our product.
  • For marketing purposes, such as sending newsletters, if you opt-in to receive them.

Data Sharing and Disclosure

In order to provide our services effectively, Fibbler shares your personal data with specific third parties:

  • Email Marketing Services: For communication purposes, we will send you emails related to essential service notifications and account updates immediately upon signup. Additionally, you will receive our newsletter and other marketing communications, from which you may opt-out at any time if you choose not to receive them.
  • Payment Processing Services: To facilitate transactions and manage payment-related processes.

We ensure that these partners adhere to strict data protection and confidentiality standards, and we share only the necessary information required to perform these services.

Service-specific Data Processors

Fibbler uses the following EU-based sub-processors to deliver our services. All data processing occurs exclusively within the European Economic Area (EEA):

Sub-processorLocationPurposeData Processed
Google Cloud
(Cloud Run, Cloud SQL)		Belgium region (EU) (SOC 2, ISO 27001)Primary infrastructure and database hostingApplication data, LinkedIn ads data
Fly.ioEU region (SOC 2 Type 2 certified)Application hosting and server infrastructureProcesses application requests and scheduled jobs
RedisEU-hostedCaching layerTemporary session and cache data
SentryEU-hostedError monitoring and loggingError logs and performance metrics (no customer PII)
ResendEU-hostedTransactional email deliveryEmail addresses for account notifications only
HubSpotEU data hostingMarketing emails, announcements, updatesContact email for company communications only
StripeEU operationsPayment processingBilling metadata only; no customer PII or data shared

Note: LinkedIn Insights (analytics) is used only on our marketing website (fibbler.co) for visitor analytics. It is not present on the Fibbler application (app.fibbler.co) and does not process any customer or application data.

All sub-processors are subject to strict security terms and GDPR compliance requirements. We continuously monitor our sub-processors to ensure they maintain appropriate security standards and EU data residency.

Data Storage and Caching

All data is hosted in the EU on Google Cloud's infrastructure, which operates in European regions. Our application services run on both Google Cloud and Fly.io, ensuring high availability and performance. No data is processed outside the EU.

For the purpose of improving user experience and optimizing performance, certain data may be temporarily stored in cache and encrypted on servers located within the European Union. The caching duration varies based on the type of data:

  • Session data and temporary user preferences: 2 hours
  • Static content and frequently accessed resources: up to 7 days

We store LinkedIn ads data in our database to improve performance and enable advanced analytics features. For customers using HubSpot CRM sync features, we also store company ID and domain information to improve performance and enable faster data matching. Other CRM data is still fetched in real time via API calls when you actively filter for it in the app.

Additionally, when users choose to share content with others, this shared data is stored in our database for a period of 7 days. This is separate from our caching system and applies specifically to user-shared content that has been explicitly designated for sharing with other users.

All stored data is encrypted at rest using AES-256 encryption before being stored in the database, ensuring that even if the database is compromised, the data remains secure. This combined approach of caching and database storage is designed to enhance website performance, reduce server load, and improve loading times while maintaining data security and privacy. Users retain full control over what content they choose to share and for how long.

Use of Aggregated and Anonymized Data

In addition to the handling of personal data described in this policy, Fibbler may use aggregated and anonymized company-level data (for example, advertising performance metrics and opportunity data) to generate industry benchmarks, trends reports, and similar insights. This data is processed in a way that ensures no individual or company can be identified.

Database Security & Access Controls

Our database infrastructure is protected by multiple layers of security:

  • Database access is restricted to whitelisted IP addresses only
  • All database connections are encrypted using TLS
  • Database accounts have minimal required permissions
  • Regular security updates and patches are applied
  • Database access is logged and monitored in real-time
  • Backup data is encrypted and stored separately

Only authorized personnel with specific business needs can access the database, and all access is logged and audited regularly.

Our Security Measures

We apply technical and organizational measures to protect your account and integrations, including:

  • Encrypted data transfer (TLS)
  • Database access restricted to whitelisted IP addresses only
  • Real-time monitoring and alerting
  • Access controls and internal audit logging
  • Dependency scanning and vulnerability alerts
  • Annual third-party security audits (Aikido)

We are not yet SOC 2 or ISO 27001 certified. However, we have completed an external security audit by Aikido Security and run real-time monitoring and alerts across all infrastructure and code.

International Data Transfers

There are no international data transfers as all data is stored within EU warehouses.

User Rights

As a user of Fibbler, you have the right to edit your personal information, including:

  • Name
  • Email address
  • Password
  • Two-factor authentication (2FA) settings
  • Company details

Cookies and Tracking Technologies

Fibbler uses cookies and similar tracking technologies to enhance your experience on our website. Specifically, we use the LinkedIn Insights Tag to help us understand the effectiveness of our advertising campaigns and to provide you with relevant advertising.

You have the option to accept or decline cookies. If you choose to accept cookies, the LinkedIn Insights Tag will be activated, and it may collect information such as your IP address, page views, and other browsing data. This information is used to improve our services and tailor our marketing efforts.

If you do not wish to have cookies set on your device, you can adjust your browser settings to refuse cookies or indicate when a cookie is being sent. Please note that if you disable cookies, some features of our website may not function properly.

Children's Privacy

Fibbler does not specify a minimum age for its users. However, we encourage parents and guardians to take an active role in their children's online activities.

Data Processing Agreements and Non-Disclosure Agreements

Most companies don't need extra paperwork to use Fibbler. But we understand that larger organizations may have vendor vetting, legal, or procurement requirements.

We now offer:

  • A standard Data Processing Agreement (DPA) aligned with GDPR
  • A Mutual Non-Disclosure Agreement (NDA) for vendor evaluation

These documents are available upon request. Just email support@fibbler.co and we'll be happy to help.

Changes to the Privacy Policy

Fibbler reserves the right to update this Privacy Policy periodically, and the latest version will always be available on the Fibbler website. When significant changes occur, we will endeavor to notify you via email to the address linked with your account, if appropriate. We encourage you to regularly review this policy for any modifications or updates. By continuing to use the Services after being informed of any amendments taking effect, you consent to the updated Privacy Policy. Should you disagree with the changes made to the Privacy Policy, you are advised to cease using the Services immediately.

Contact Information

For any privacy-related inquiries or concerns, please contact us at support@fibbler.co.