Privacy Policy

At FlowDay AI, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your personal data and being transparent about how we handle it. This policy applies to all users of FlowDay AI, including our website, applications, and related services.

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies, please do not use our Service.

We collect information in several ways:

Information You Provide: • Account information (name, email, password) • Profile information (company name, job title) • Payment information (processed by our payment provider) • Content you create using our Service • Communications with our support team • Survey responses and feedback

Automatically Collected Information: • Device information (browser type, operating system) • IP address and approximate location • Usage data (features used, time spent) • Cookies and similar technologies • Log data and error reports

Information from Third Parties: • Social login providers (if you sign up via Google, GitHub, etc.) • Analytics providers • Payment processors

We use the information we collect to:

Provide Our Service: • Create and manage your account • Process payments and subscriptions • Deliver AI-powered features and functionality • Store and display your projects

Improve Our Service: • Analyze usage patterns and trends • Develop new features and improvements • Train and improve our AI models (with anonymized data) • Debug issues and improve performance

Communicate With You: • Send service updates and announcements • Respond to support requests • Send marketing communications (with your consent) • Notify you of security issues

Legal and Safety: • Comply with legal obligations • Protect against fraud and abuse • Enforce our Terms of Service • Respond to legal requests

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers: We share data with trusted third parties who assist in operating our Service, including: • Cloud hosting providers (AWS, Vercel) • Payment processors (Stripe, Paddle) • Analytics services (PostHog, Google Analytics) • Customer support tools • Email service providers

Business Transfers: If FlowDay AI is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

Legal Requirements: We may disclose information if required by law or if we believe disclosure is necessary to: • Comply with legal process • Protect our rights and property • Ensure safety of users or the public • Detect and prevent fraud

With Your Consent: We may share information for any other purpose with your explicit consent.

We use cookies and similar technologies to enhance your experience:

Essential Cookies: • Authentication and security • Session management • User preferences These are necessary for the Service to function and cannot be disabled.

Analytics Cookies: • Usage patterns and trends • Feature popularity • Error tracking You can opt out of analytics in your account settings.

Marketing Cookies: • Personalized advertisements • Conversion tracking You can manage these preferences in your browser settings.

Managing Cookies: Most browsers allow you to control cookies through settings. However, disabling certain cookies may limit your ability to use some features of our Service.

Do Not Track: We currently do not respond to "Do Not Track" browser signals as there is no industry standard for handling them.

We implement robust security measures to protect your information:

Technical Safeguards: • Encryption in transit (TLS/SSL) • Encryption at rest for sensitive data • Regular security audits and penetration testing • Secure development practices • Access controls and authentication

Organizational Measures: • Employee training on data protection • Limited access to personal data • Incident response procedures • Regular policy reviews

Data Retention: • Active account data: retained while account is active • Deleted account data: removed within 30 days • Backup data: removed within 90 days • Legal hold data: retained as required by law

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

You have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.

Correction: Request correction of inaccurate or incomplete data.

Deletion: Request deletion of your personal data (subject to legal requirements).

Portability: Request your data in a portable, machine-readable format.

Restriction: Request restriction of processing in certain circumstances.

Objection: Object to processing based on legitimate interests.

Withdraw Consent: Withdraw consent for processing based on consent.

To exercise these rights, contact us at privacy@flowdayai.com. We will respond within 30 days. We may need to verify your identity before processing requests.

Note: Some rights may be limited by applicable law or our legitimate business interests.

FlowDay AI operates globally. Your information may be transferred to and processed in countries other than your own.

Transfer Mechanisms: • Standard Contractual Clauses (SCCs) • Data Processing Agreements with vendors • Compliance with local data protection laws

For users in the European Economic Area (EEA): We ensure appropriate safeguards are in place before transferring personal data outside the EEA, in compliance with GDPR requirements.

For users in California: We comply with the California Consumer Privacy Act (CCPA). California residents have additional rights including the right to know, delete, and opt-out of sale of personal information. We do not sell personal information.

For users in other jurisdictions: We comply with applicable local data protection laws and will honor rights granted by such laws.

Our Service is not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@flowdayai.com. We will take steps to delete such information.

If we discover we have collected information from a child without parental consent, we will delete that information as quickly as possible.

You can request deletion of your account and associated data at any time.

How to Delete Your Account: 1. Go to Account Settings → Delete Account 2. Confirm your decision 3. Your account will be scheduled for deletion

What Happens After Deletion: • Your account is immediately deactivated • Personal data is deleted within 30 days • Backup copies are deleted within 90 days • Some anonymized data may be retained for analytics

Data We May Retain: • Transaction records (for legal/tax purposes) • Anonymized/aggregated data • Information necessary to prevent fraud • Data required by applicable law

To request deletion, email: privacy@flowdayai.com

If you have questions or concerns about this Privacy Policy or our data practices:

Email: privacy@flowdayai.com Support: support@flowdayai.com

Data Protection Officer: For EU/EEA matters: dpo@flowdayai.com

Address: FlowDay AI, Inc. [Address to be added]

We aim to respond to all inquiries within 30 days.

For urgent privacy concerns, please include "URGENT" in your email subject line.