Security Overview
This page summarizes Ferndesk's security posture as it relates to GitHub access, customer source code handling, AI processing, data retention, compliance status, and third-party service providers.
| Topic | Summary |
|---|---|
| Encryption | Data is encrypted in transit. Integration credentials are encrypted before storage. |
| Access control | Access to Ferndesk is limited to authenticated users and authorized workspace roles. |
| Data retention | Customer content is retained for the duration of the subscription and deleted within 30 days of termination or deletion request. |
| Source code storage | Ferndesk does not store customer source code in its product databases. |
| Source code indexing | Ferndesk does not build or maintain a persistent search or embedding index of customer source code. |
| Temporary analysis | Repository analysis uses temporary, time-limited workspaces that are automatically cleaned up. |
| AI training | Customer source code is not used to train Ferndesk models or third-party foundation models. |
| Current compliance status | Ferndesk is not currently SOC 2 certified. SOC 2 Type I is in progress. |
Security Controls
Data is encrypted in transit.
Integration credentials are encrypted before storage.
Raw support-ticket message payloads are stored encrypted.
PII in support tickets is redacted during processing.
GitHub webhook signatures are validated before webhook events are accepted.
Access to Ferndesk is limited to authenticated users and authorized workspace roles.
Data Handling
Ferndesk stores the account, configuration, help-center, billing, and service data required to operate the service.
If a customer connects support systems, Ferndesk may process support conversations and related metadata to identify documentation gaps and draft updates.
If a customer connects GitHub, repository data is processed only for the documentation-related workflows the customer enables.
Codebase access
Ferndesk connects to GitHub through a GitHub App when a customer enables that integration.
GitHub access is read-only.
Ferndesk uses read-only repository access to analyze repository contents, commit history, and pull request context for documentation workflows.
Ferndesk does not require write, admin, repository-management, or organization-administration permissions.
GitHub App installation can be restricted to specific repositories only.
Ferndesk uses pull request webhooks to detect merged changes and trigger documentation review workflows.
Ferndesk does not use GitHub access to write back to repositories, merge pull requests, change repository settings, or perform repository administration.
Source code handling
Ferndesk does not store customer source code in its product databases.
Ferndesk does not build or maintain a persistent search or embedding index of customer source code.
Ferndesk's persistent search systems are used for published knowledge content and related search data, not customer source code.
When code analysis is required, Ferndesk uses temporary, time-limited repository workspaces that are automatically cleaned up.
Ferndesk retains only limited repository metadata needed to manage documentation workflows, such as repository name, pull request reference, merge timestamp, and generated change summaries.
In practice, Ferndesk may temporarily process repository contents in order to draft or evaluate documentation updates, but Ferndesk does not turn customer source code into a persistent product database record or a long-lived code-search index.
AI Processing
Ferndesk uses third-party AI services to generate drafts, summaries, and embeddings used in documentation workflows.
OpenRouter is used for model routing and generation.
Google Vertex AI is used for embeddings and related model services.
These services process the inputs required to complete the requested workflow.
Ferndesk does not use customer source code for model training.
Ferndesk's AI features are used to assist with documentation generation, summarization, classification, and search. They are not used to build a reusable training corpus from customer source code.
Data Retention and Deletion
Customer content is retained for the duration of the subscription.
Customer content is deleted within 30 days of termination or deletion request, unless a shorter deletion window applies.
Backup copies are overwritten within 60 days.
Billing, audit, and security logs may be retained longer where required for legal, accounting, or security purposes.
Deleting a workspace removes associated managed search data used by Ferndesk.
Raw support-ticket message payloads are handled separately from long-lived documentation outputs. Where Ferndesk stores raw support message data for processing, those payloads are encrypted.
Compliance Status
Ferndesk is not currently SOC 2 certified.
SOC 2 Type I is in progress.
Ferndesk does not currently publish a public trust center.
Ferndesk does not currently have a SOC report available to share under NDA.
Subprocessors and Service Providers
Core service providers
These providers support the hosted product and may process customer or service data as part of Ferndesk's core operation.
| Provider | Purpose |
|---|---|
| Cloudflare | CDN, caching, and object storage infrastructure |
| OpenRouter | AI model gateway for generation workflows |
| Turbopuffer | managed search infrastructure for customer knowledge content |
| Stripe | billing and payments |
| Resend | email delivery and inbound email handling |
| Bento | email delivery |
| Sentry | application error monitoring |
| Axiom | telemetry and traces |
Additional and limited-scope providers
These providers are used for narrower functions such as embeddings, product analytics, embeds, changelog widgets, and website attribution.
| Provider | Purpose |
|---|---|
| Google Vertex AI | embeddings and related model services |
| Mixpanel | product and website analytics |
| Featurebase | changelog and feedback widget |
| Google Ads / | website attribution and marketing analytics |
| Iframely | embed rendering and metadata retrieval |
Customer-enabled integrations such as GitHub, Zendesk, Intercom, Help Scout, Slack, and similar systems are separate from Ferndesk's subprocessors and are only used when enabled by the customer.
Security Review Requests
For security reviews, vendor due diligence, or DPA requests, contact [email protected].