Anonymity, plain and simple

We built it so we literally can't tell who answered what.

Anonymity isn't a setting here. It's how we designed the application from day one. Here's exactly what we do and don't know about your group, in plain language.

Here's everything we know about your answer.

When you tap an option, we record what you picked and the day you picked it. That's it. We don't store who you are, where you are, when you clicked during the day, whether you opened the email, or anything else that could pin the answer back to you later.

What we know

  • That an answer was recorded
  • Which option was picked
  • The day the answer arrived
  • How many people in the group answered

What we never know

  • Who answered
  • Where they answered from
  • Their location, IP, or any other identifying signal that could point back to them outside what their manager already knows about the team
  • What time of day they clicked
  • Whether they opened the email
  • Anything that could point back to them later

How one answer moves through our system.

Four steps. Each one designed so the next one can't undo the privacy of the one before it.

1

We email a link

Each person in your group gets their own one-time code inside their email link. The code is how we know the click is real.

2

The code only lives in the link

What we keep on our end is a scrambled version, not the real code. Enough to tell a real click from a fake one. Not enough to point back at a person.

3

Answer saved. Code expires.

We write down the option you picked and the day. The link becomes unusable. Nothing else is stored.

4

No line back to you

Your answer and your name live in completely separate places. There's no trail connecting one to the other. Even we couldn't match them up if we tried.

The promises we keep.

No invisible trackers. Question emails don't contain the tiny hidden images other tools use to track when you open a message. If you open it, we don't know.
No name attached to answers. The connection between who you are and what you clicked simply doesn't exist. Not hidden, not encrypted, just never created in the first place.
Small groups are protected. Results only show up once enough people have answered. Until then, nothing is visible. No guessing from partial numbers.
No clock-level timing. We store the day you answered, never the exact minute. So there's no "Dave is always the first one to answer on Monday mornings, so that complaint must be from him" pattern to pick apart later.
Results stay sealed. Nobody sees today's answers, including your manager, until tomorrow's question is sent. No real-time peeking.

Still have a question?

Visit our help center. We'll answer it plainly.

Start free. No card