Privacy Policy

Last updated July 19, 2025

Privacy Policy

Effective Date: July 19, 2025
Last Updated: July 19, 2025

1. Introduction

This Privacy Policy describes how Flow Spec Apps ("we," "us," or "our") collects, uses, protects, and shares your personal information when you use our services, website, and applications (collectively, the "Services"). We are committed to protecting your privacy and ensuring transparency about our data practices.

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Our Commitment to Your Privacy

We do NOT sell, rent, or share your personal data with third parties for their marketing purposes. Your personal information is yours, and we respect that fundamental principle.

3. Information We Collect

3.1 Information You Provide

  • Account registration information (name, email address, username)
  • Profile information you choose to provide
  • Communications with us (support requests, feedback)
  • Content you create or share through our Services

3.2 Information Automatically Collected

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, features used, time spent)
  • Log files and error reports
  • Location data (if permitted by your device settings)

3.3 Information from Third Parties

  • Social media profile information (if you choose to connect accounts)
  • Information from business partners (only as necessary to provide Services)

4. How We Use Your Information

We use your personal information to:

  • Provide, maintain, and improve our Services
  • Process transactions and send related information
  • Send technical notices, updates, and security alerts
  • Respond to your comments and questions
  • Analyze usage patterns to enhance user experience
  • Comply with legal obligations
  • Protect against fraudulent or illegal activity

5. Data Security and Storage

5.1 Encryption and Security

  • All personal data is stored in encrypted databases using industry-standard encryption protocols
  • All data transfers are protected via TLS (Transport Layer Security) encryption
  • We implement multi-layered security measures including:
    • Regular security audits and vulnerability assessments
    • Access controls and authentication protocols
    • Network security monitoring
    • Secure backup and recovery procedures

5.2 Data Storage Locations

Our data is primarily stored in secure data centers located in [SPECIFY REGIONS]. We may transfer data internationally as necessary to provide our Services, always with appropriate safeguards in place.

6. Your Rights and Choices

Under applicable privacy laws (including GDPR, CCPA, and others), you have the following rights:

6.1 Access Rights

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Information: Understand how your data is processed

6.2 Control Rights

  • Right to Correction: Request correction of inaccurate or incomplete data
  • Right to Deletion: Request deletion of your personal data ("right to be forgotten")
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Opt-Out: Opt out of the sale of personal information (we don't sell data, but you can still exercise this right)

6.3 Processing Rights

  • Right to Restrict Processing: Limit how we process your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

6.4 How to Exercise Your Rights

To exercise any of these rights, please contact us at [PRIVACY_EMAIL] or use our privacy rights portal at [PRIVACY_PORTAL_URL]. We will respond to your request within the timeframes required by applicable law.

7. Data Retention

7.1 Retention Periods

We retain personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Account Data: Retained while your account is active and for up to 2 years after account deletion
  • Usage Data: Aggregated and anonymized after 12 months
  • Support Communications: Retained for up to 3 years for quality assurance
  • Legal Compliance Data: Retained as required by applicable laws and regulations

7.2 Deletion Process

When retention periods expire, we securely delete or anonymize your personal information using industry-standard data destruction methods.

8. Cookies and Analytics

8.1 Cookies

We use cookies and similar tracking technologies to:

  • Remember your preferences and settings
  • Analyze website traffic and usage patterns
  • Provide personalized content and advertisements
  • Ensure security and prevent fraud

8.2 Types of Cookies

  • Essential Cookies: Required for basic website functionality
  • Analytics Cookies: Help us understand how visitors use our website
  • Preference Cookies: Remember your settings and preferences
  • Marketing Cookies: Used to deliver relevant advertisements

8.3 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

8.4 Analytics Services

We use analytics services such as Google Analytics to understand usage patterns. These services may collect information about your use of our Services and other websites. You can opt out of Google Analytics by visiting Google Analytics Opt-out.

9. International Data Transfers

When we transfer personal data internationally, we ensure appropriate safeguards are in place:

  • Adequacy Decisions: Transfers to countries with adequate data protection laws
  • Standard Contractual Clauses: EU-approved contractual protections
  • Binding Corporate Rules: Internal data protection standards
  • Certification Schemes: Industry-recognized privacy certifications

10. Children's Privacy (COPPA Compliance)

10.1 Age Restrictions

Our Services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

10.2 Discovery of Child Data

If we learn that we have collected personal information from a child under 13 without parental consent, we will:

  • Delete the information immediately
  • Take steps to prevent future collection
  • Notify parents if contact information is available

10.3 Parental Rights

Parents have the right to:

  • Review their child's personal information
  • Request deletion of their child's information
  • Refuse further collection or use of their child's information

11. California Privacy Rights (CCPA)

11.1 California Consumer Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising CCPA rights

11.2 Information Disclosure

We do not sell personal information as defined by the CCPA. In the past 12 months, we have not sold personal information of consumers.

12. Australian Privacy Principles (APP) Compliance

For Australian users, we comply with the Australian Privacy Principles:

  • We collect personal information fairly and lawfully
  • We use and disclose personal information only for stated purposes
  • We take reasonable steps to ensure data quality and security
  • We provide access to personal information upon request
  • We handle complaints through established procedures

13. Data Sharing and Third Parties

13.1 When We Share Information

We may share personal information only in these limited circumstances:

  • Service Providers: Trusted vendors who assist in providing our Services
  • Legal Requirements: When required by law, regulation, or legal process
  • Safety and Security: To protect the rights, property, or safety of our users
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

13.2 Third-Party Services

We may integrate with third-party services (payment processors, analytics providers). These services have their own privacy policies, and we encourage you to review them.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:

  • Post the updated policy on our website
  • Notify users of material changes via email or in-app notification
  • Update the "Last Updated" date at the top of this policy
  • Provide a summary of significant changes

Continued use of our Services after changes become effective constitutes acceptance of the updated Privacy Policy.

15. Contact Information

15.1 Privacy Officer

For privacy-related questions, concerns, or requests, contact our Privacy Officer:

Email: [PRIVACY_EMAIL]
Postal Address:
[COMPANY NAME]
[ADDRESS LINE 1]
[ADDRESS LINE 2]
[CITY, STATE, ZIP]
[COUNTRY]
Phone: [PRIVACY_PHONE]

15.2 Data Protection Officer (EU)

For EU residents, our Data Protection Officer can be reached at:
Email: [DPO_EMAIL]

15.3 Response Time

We will respond to privacy inquiries within:

  • 30 days for general inquiries
  • 72 hours for data breach notifications (where applicable)
  • As required by applicable law for rights requests

16. Complaints and Dispute Resolution

If you have concerns about our privacy practices:

16.1 Internal Process

  1. Contact our Privacy Officer using the information above
  2. We will investigate and respond within 30 days
  3. If unsatisfied, you may escalate to our senior management

16.2 External Authorities

You may also file complaints with relevant data protection authorities:

  • EU: Your local Data Protection Authority
  • California: California Attorney General
  • Australia: Office of the Australian Information Commissioner
  • Other jurisdictions: Relevant privacy regulatory bodies

This Privacy Policy is designed to comply with major privacy regulations including GDPR, CCPA, COPPA, and Australian Privacy Principles. However, specific legal requirements may vary by jurisdiction. We recommend consulting with legal counsel to ensure full compliance with all applicable laws.

Document Version: 1.0
Classification: Public
Review Schedule: Annual or as needed for regulatory changes