← Back to Home

Privacy Policy

Last Updated: November 27, 2025

1. Introduction

FlowMate ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our email intelligence platform ("Service").

By using FlowMate, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

  • Account Information: Name, email address, password
  • Email Account Access: OAuth tokens to access your Gmail and/or Outlook accounts
  • Profile Data: Preferences, settings, and customization choices
  • Payment Information: Processed securely through our payment processor (Stripe)

2.2 Email Data We Process

  • Email Content: Subject lines, sender information, recipients, email body, attachments metadata
  • Email Metadata: Timestamps, labels, categories, read/unread status
  • Thread Information: Conversation histories and relationships between emails

2.3 Automatically Collected Information

  • Usage Data: Features used, time spent, interaction patterns
  • Device Information: Browser type, operating system, IP address
  • Cookies and Tracking: Session cookies, analytics cookies, preference cookies
  • Log Data: Access times, pages viewed, error logs

3. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: Provide AI-powered email intelligence, prioritization, and management
  • AI Processing: Analyze email content to generate summaries, extract action items, and identify priorities
  • Account Management: Create and maintain your account, authenticate access
  • Communication: Send service updates, security alerts, and support responses
  • Improvement: Analyze usage patterns to improve our Service and develop new features
  • Security: Detect fraud, prevent abuse, and protect user accounts
  • Legal Compliance: Comply with legal obligations and enforce our Terms of Service

4. AI and Machine Learning

FlowMate uses artificial intelligence and large language models (LLMs) to analyze your email content. Here's how we handle this:

  • Processing Location: AI processing occurs on secure servers with enterprise-grade encryption
  • Model Training: We DO NOT use your email content to train our AI models without explicit consent
  • Third-Party AI: We may use third-party AI providers (e.g., OpenAI, Anthropic) under strict data processing agreements
  • Data Retention: Email content is processed in real-time and not stored longer than necessary

5. Data Sharing and Disclosure

We DO NOT sell your personal data or email content to third parties.

We may share your information only in the following circumstances:

  • Service Providers: Cloud hosting (Vercel), databases (Supabase), analytics (privacy-focused only)
  • AI Providers: OpenAI, Anthropic Claude (under strict DPAs with zero data retention policies)
  • Payment Processors: Stripe (for billing, under their privacy policy)
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In the event of a merger, acquisition, or sale of assets (with notice to users)
  • With Your Consent: Any other disclosure with your explicit permission

6. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: TLS/SSL for data in transit, AES-256 for data at rest
  • Access Controls: Role-based access, multi-factor authentication for staff
  • OAuth Security: We use OAuth 2.0 and never store your email passwords
  • Regular Audits: Security assessments and penetration testing
  • Monitoring: 24/7 security monitoring and incident response

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Data Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Correct inaccurate or incomplete information
  • Deletion: Request deletion of your data ("right to be forgotten")
  • Data Portability: Receive your data in a structured, machine-readable format
  • Restrict Processing: Limit how we use your data
  • Withdraw Consent: Revoke consent for email access at any time
  • Object: Object to processing based on legitimate interests

To exercise these rights, contact us at support@flowmate.click

8. Data Retention

  • Account Data: Retained for the duration of your account plus 90 days after deletion
  • Email Content: Processed in real-time, cached for 24 hours, then deleted
  • AI-Generated Summaries: Stored for 90 days unless you delete them
  • Usage Logs: Retained for 12 months for security and analytics
  • Legal Holds: Data may be retained longer if required for legal proceedings

9. International Data Transfers

FlowMate is based in the European Union (Poland). Your data is primarily stored and processed within the EU. If data is transferred outside the EU (e.g., to cloud service providers), we ensure adequate safeguards through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Compliance with GDPR, EU-U.S. Data Privacy Framework, and other data protection laws
  • Contractual obligations with third-party processors to maintain EU-equivalent protections

10. Children's Privacy

FlowMate is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@flowmate.click.

11. Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential Cookies: Required for authentication and security
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Privacy-focused analytics (no personal data shared)

You can control cookies through your browser settings. Note that disabling essential cookies may affect Service functionality.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

  • Right to know what personal data we collect and how it's used
  • Right to delete personal data (with exceptions)
  • Right to opt-out of the "sale" of personal data (we do not sell data)
  • Right to non-discrimination for exercising your privacy rights

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under GDPR including:

  • Right to access, rectification, erasure, and data portability
  • Right to restrict or object to processing
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your local data protection authority

Our legal basis for processing: Performance of contract, legitimate interests, and consent.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice in the Service

Your continued use of FlowMate after changes are posted constitutes acceptance of the updated policy.

15. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

Email: support@flowmate.click

Company: FlowMate
Registered in European Union (Poland)

Data Protection Officer: support@flowmate.click

Terms of Service →Back to Home