Privacy Policy

PRIVACY POLICY FOR FLWKIT This Privacy Policy ("Policy") describes how SIA ByteMind, a company registered in Latvia ("Company", "we", "us", or "our"), collects, uses, stores, and protects your personal information when you use the FlwKit service, including the website located at https://flwkit.com (the "Website"), the FlwKit dashboard, API, SDK, and all related services (collectively, the "Service"). By accessing or using the Service, you agree to the collection and use of information in accordance with this Policy. If you do not agree with our policies and practices, please do not use the Service. 1. DATA CONTROLLER The data controller responsible for processing your personal data is: SIA ByteMind Latvia Email: hello@flwkit.com 2. INFORMATION WE COLLECT We collect several types of information from and about users of our Service: 2.1 Account Information When you create an account, we collect: - Name (if provided) - Email address - Profile image (if provided via Google OAuth) - Password (encrypted, if using email authentication) - Authentication tokens and session identifiers 2.2 Payment and Subscription Information When you subscribe to a paid plan, we collect: - Subscription plan details (Free or Indie) - Subscription ID (from Polar.sh or Stripe) - Customer ID (from payment processors) - Payment processor account information (processed by third-party payment processors, not stored on our servers) 2.3 User Content When you use the Service, we collect and store: - Apps you create - Flows, screens, and flow versions you design - A/B tests and experiments you configure - Team information (team name, team members, roles) - Flow configurations, styling, and content 2.4 Analytics and Usage Data When users interact with flows via the SDK, we collect: - Flow start and completion events - Screen view events - User interactions (button clicks, choice selections, form submissions) - Session identifiers - User identifiers (if provided by your application) - Timestamps of events - Device and browser information (if available) 2.5 Technical Information We automatically collect certain technical information: - IP address - Browser type and version - Device information - Operating system - Referral URLs - Pages visited and time spent on pages - Cookies and similar tracking technologies 2.6 Communication Data When you contact us or use our support features, we collect: - Email communications - Support requests and responses - Feedback and survey responses 3. HOW WE USE YOUR INFORMATION We use the information we collect for the following purposes: 3.1 Service Provision - To provide, maintain, and improve the Service - To authenticate and authorize your access to the Service - To process your subscription and manage billing - To enable team collaboration and member management - To deliver flows to your mobile applications via the SDK 3.2 Analytics and Performance - To track and analyze flow performance - To generate analytics reports and insights - To measure user engagement and conversion rates - To conduct A/B tests and experiments - To identify and fix technical issues 3.3 Communication - To send you service-related notifications (e.g., account updates, subscription changes) - To respond to your inquiries and provide customer support - To send you important updates about the Service - To send team invitations and collaboration notifications 3.4 Legal and Security - To comply with legal obligations - To enforce our Terms of Service - To protect the rights, property, or safety of the Company, our users, or others - To detect, prevent, or address fraud, security, or technical issues 4. LEGAL BASIS FOR PROCESSING (GDPR) If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds: 4.1 Contractual Necessity We process your account information, user content, and payment data to perform our contract with you and provide the Service. 4.2 Legitimate Interests We process analytics data, technical information, and usage data based on our legitimate interests in: - Improving and optimizing the Service - Understanding how users interact with flows - Ensuring security and preventing fraud - Providing customer support 4.3 Consent We process certain data (such as marketing communications) based on your consent, which you may withdraw at any time. 4.4 Legal Obligations We process data to comply with legal obligations, such as tax and accounting requirements. 5. DATA SHARING AND DISCLOSURE We do not sell your personal information. We may share your information in the following circumstances: 5.1 Service Providers We share data with trusted third-party service providers who assist us in operating the Service: - Payment processors (Polar.sh, Stripe) - for subscription and payment processing - Authentication providers (Google OAuth) - for user authentication - Email service providers (Resend) - for sending emails and notifications - Cloud hosting providers - for data storage and infrastructure - Analytics services - for service performance monitoring These service providers are contractually obligated to protect your data and use it only for the purposes we specify. 5.2 Business Transfers If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership. 5.3 Legal Requirements We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to: - Comply with legal obligations - Protect our rights or property - Prevent or investigate wrongdoing - Protect the safety of users or the public 5.4 With Your Consent We may share your information with third parties when you explicitly consent to such sharing. 6. DATA RETENTION We retain your personal information for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law: - Account information: Retained while your account is active and for a reasonable period after account deletion to comply with legal obligations - User content: Retained until you delete it or your account is deleted - Analytics data: Retained for up to 2 years for historical analysis - Payment records: Retained for 7 years to comply with tax and accounting requirements - Communication records: Retained for 3 years for customer support purposes When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal purposes. 7. YOUR RIGHTS (GDPR) If you are located in the EEA or other jurisdictions with similar data protection laws, you have the following rights: 7.1 Right of Access You have the right to request access to the personal information we hold about you and receive a copy of that data. 7.2 Right to Rectification You have the right to request correction of inaccurate or incomplete personal information. 7.3 Right to Erasure ("Right to be Forgotten") You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, legitimate interests). 7.4 Right to Restrict Processing You have the right to request that we restrict the processing of your personal information in certain circumstances. 7.5 Right to Data Portability You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit that data to another controller. 7.6 Right to Object You have the right to object to processing of your personal information based on legitimate interests or for direct marketing purposes. 7.7 Right to Withdraw Consent If processing is based on consent, you have the right to withdraw your consent at any time. To exercise any of these rights, please contact us at hello@flwkit.com. We will respond to your request within 30 days. 8. COOKIES AND TRACKING TECHNOLOGIES We use cookies and similar tracking technologies to collect and store information about your use of the Service: 8.1 Types of Cookies - Essential cookies: Required for the Service to function (e.g., authentication, session management) - Functional cookies: Enhance functionality and personalization (e.g., preferences, language settings) - Analytics cookies: Help us understand how users interact with the Service 8.2 Local Storage We use browser local storage to: - Store authentication tokens - Remember your selected app - Store user preferences 8.3 Managing Cookies You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of the Service. 9. DATA SECURITY We implement appropriate technical and organizational measures to protect your personal information: - Encryption of data in transit (HTTPS/TLS) - Encryption of sensitive data at rest - Secure authentication and authorization mechanisms - Regular security assessments and updates - Access controls and employee training - Secure data centers and infrastructure However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. 10. INTERNATIONAL DATA TRANSFERS Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. When we transfer data from the EEA to countries outside the EEA, we ensure appropriate safeguards are in place, such as: - Standard Contractual Clauses approved by the European Commission - Adequacy decisions by the European Commission - Other legally recognized transfer mechanisms 11. CHILDREN'S PRIVACY The Service is not intended for children under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at hello@flwkit.com, and we will delete such information. 12. THIRD-PARTY LINKS AND SERVICES The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party services you access. 13. CHANGES TO THIS PRIVACY POLICY We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by: - Posting the updated Policy on this page - Updating the "Last Updated" date - Sending you an email notification (for significant changes) Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Policy. 14. CALIFORNIA PRIVACY RIGHTS (CCPA) If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA): - Right to know what personal information is collected, used, shared, or sold - Right to delete personal information - Right to opt-out of the sale of personal information (we do not sell personal information) - Right to non-discrimination for exercising your privacy rights To exercise these rights, please contact us at hello@flwkit.com. 15. CONTACT US If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: Email: hello@flwkit.com We will respond to your inquiry within 30 days. 16. DATA PROTECTION OFFICER For data protection inquiries, you may contact us at hello@flwkit.com. --- By using FlwKit, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.