Case study · Privacy · SaaS

AnonaVoice: a privacy-first anonymous feedback platform.

Secure, two-way communication between organisations and the people they serve — with zero personally identifying data, by design, not by promise.

Visit AnonaVoice Build something similar
At a glance
  • Product: Anonymous, two-way messaging platform for organisations
  • Built for: HR teams, government bodies, schools, customer-feedback programs
  • Differentiator: Zero PII collected — no login, no IP logging, no fingerprinting
  • Hosting: Sydney (AU), AES-256 at rest, TLS 1.3 in transit, Australian Privacy Act compliant

The problem we kept seeing

Across our consulting work, the same gap kept surfacing: organisations needed honest feedback from the people they served — but the existing tools failed them in opposite directions.

One category was invasive — feedback platforms that collected emails, IP addresses, browser fingerprints, or "anonymity tokens" that quietly weren't anonymous. People learned not to trust them. The feedback dried up, or never started.

The other was broken — anonymous feedback boxes that took information one-way. You could submit a concern, but the organisation couldn't ask a follow-up question. Real conversations couldn't happen. The most important feedback — whistleblowing concerns, safety incidents, mental health disclosures — needs dialogue, not a black hole.

Either you couldn't trust the channel, or the channel couldn't have a conversation. Neither worked.

The design constraint: zero PII

We started with one rule: no personally identifying information would ever enter the system. Not via login (there isn't one). Not via IP logging (we don't). Not via browser fingerprinting (intentionally disabled). Not via metadata leakage (audited at the schema level).

This is harder than it sounds. Modern web platforms collect identity by default in a hundred small ways. We had to actively design against that — choosing storage patterns, request paths, and even server logging policies that made identifying a submitter impossible by design, not impossible by promise.

The technical innovation: two-way without identity

The hard part was making conversation possible without compromising anonymity. We solved it with cryptographic reply tokens: each submission generates a random, ephemeral token that the recipient can use to ask a follow-up question — without ever knowing who they're talking to.

The submitter holds the only link to their own token. If they lose it, the conversation ends — and that's the right behaviour. We never store a back-channel to reach them.

This turned anonymous feedback from a one-way drop box into something that can actually function as a feedback conversation. It's the architectural decision the platform turns on.

Where AnonaVoice fits

  • HR teams wanting candid employee voices — engagement, culture, wellbeing, harassment reporting
  • Government bodies wanting honest citizen feedback on policies and services
  • Schools where student safety depends on quiet kids being able to speak up
  • Customer-feedback programs for organisations serving vulnerable populations
  • Whistleblowing channels for any organisation taking compliance seriously

What's under the hood

  • Hosted in Sydney, Australia. Data residency matters for Australian Privacy Act compliance and for trust with public-sector buyers.
  • AES-256 encryption at rest. Even if storage is compromised, contents are unreadable.
  • TLS 1.3 in transit. Industry-standard secure transport.
  • Cryptographic reply tokens. The mechanism enabling two-way communication without identity.
  • No third-party trackers. No Google Analytics, no Facebook pixel, no marketing-tech residue. Visiting the platform is private by default.

What this case study tells you about how Stacksy works

AnonaVoice is the kind of thing we build: opinionated, principled, and shipped to a high standard rather than a high feature count. We made hard architectural choices upfront — choices that ruled out easy paths most software platforms take. That's the difference between custom software that fits your principles and off-the-shelf software that compromises them.

If you have a workflow or product idea where the principles are non-negotiable — privacy, compliance, sector-specific rules, regulatory evidence — that's the work we're built for.

Related

Got a principled product idea?

AnonaVoice started as an idea about what feedback could be if you took the principles seriously. The Discovery Program is where we start the same conversation about yours.

Apply for the Discovery Program