Privacy Policy

Last updated: 09.06.2025

1. Introduction

Flowthings by Codamy ("we", "us", or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Flowthings platform ("Service").

By using our Service, you consent to the data practices described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide directly to us, including:

Account Information:

• Name and email address
• Username and password
• Company name and role (if applicable)
• Profile information you choose to provide

Service Data:

• Content you create, upload, or store in the Service
• Communications you send through the Service
• Support requests and correspondence

Payment Information:

• Billing address and payment method details
• Payment information is processed by our third-party payment processors and is not stored on our servers

2.2 Information We Collect Automatically

When you use our Service, we automatically collect certain information:

Usage Information:

• Log data (IP address, browser type, operating system)
• Pages visited and time spent on the Service
• Features used and actions taken
• Device information and unique device identifiers

Cookies and Similar Technologies:

• We use cookies, web beacons, and similar technologies to enhance your experience
• You can control cookie preferences through your browser settings
• Some features may not function properly if cookies are disabled

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Authentication services (if you sign up using social media or SSO)
• Payment processors
• Analytics providers
• Integration partners (if you connect third-party services)

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

• Provide, maintain, and improve the Service
• Process transactions and send related information
• Authenticate users and prevent fraud
• Provide customer support

3.2 Communication

• Send you technical notices and support messages
• Respond to your comments and questions
• Send marketing communications (with your consent)
• Notify you about changes to our Service or policies

3.3 Analytics and Improvement

• Analyze usage patterns and trends
• Develop new features and functionality
• Conduct research and analytics
• Monitor and analyze the effectiveness of marketing campaigns

3.4 Legal and Security

• Comply with legal obligations
• Protect against fraud and abuse
• Enforce our Terms of Service
• Protect the rights and safety of our users

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We may share information with third-party service providers who perform services on our behalf:

• Cloud hosting providers
• Payment processors
• Email service providers
• Analytics providers
• Customer support tools

4.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Legal process or government requests
• Protect against fraud or security threats
• Enforce our agreements and policies
• Protect the rights and safety of our users

4.4 With Your Consent

We may share information for any other purpose with your explicit consent.

5. Data Security

5.1 Security Measures

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Employee training on data protection

5.2 Limitations

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

6. Data Retention

6.1 Retention Periods

We retain your information for as long as necessary to:

• Provide the Service to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Fulfill the purposes described in this Privacy Policy

6.2 Data Deletion

• Account data is deleted within [30] days of account closure
• Some information may be retained longer for legal or legitimate business purposes
• You can request deletion of your data by contacting us

7. Your Rights and Choices

7.1 Access and Control

You have the right to:

• Access your personal information
• Update or correct your information
• Delete your account and associated data
• Export your data in a portable format
• Restrict or object to certain processing

7.2 Communication Preferences

You can:

• Opt out of marketing communications at any time
• Update your email preferences in your account settings
• Contact us to update your communication preferences

7.3 Cookie Controls

You can:

• Disable cookies through your browser settings
• Use browser extensions to block tracking
• Opt out of certain analytics services

8. International Data Transfers

8.1 Cross-Border Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.

8.2 EU Users

For users in the European Economic Area (EEA), we comply with GDPR requirements for international data transfers, including:

• Standard Contractual Clauses
• Adequacy decisions
• Other appropriate safeguards

9. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we discover we have collected information from a child under 16, we will delete it promptly.

10. Third-Party Links and Services

10.1 External Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

10.2 Integrations

If you connect third-party services to our platform, their privacy policies will govern how they handle your information.

11. Regional Privacy Rights

11.1 European Union (GDPR)

If you are in the EU, you have additional rights under GDPR:

• Right to portability
• Right to rectification
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to object to processing
• Right to lodge a complaint with supervisory authorities

11.2 California (CCPA)

If you are a California resident, you have rights under CCPA:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising privacy rights

11.3 Other Jurisdictions

We comply with applicable privacy laws in all jurisdictions where we operate.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending an email notification (for significant changes)
• Providing notice through the Service

Your continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy.

13. Contact Us

13.1 Privacy Questions

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

• Email: jan_riis@codamy.io

13.2 Data Protection Officer

If required by law, our Data Protection Officer can be contacted at:

• Email: [DPO EMAIL]

13.3 Exercise Your Rights

To exercise your privacy rights or make requests regarding your personal information:

• Email: jan_riis@codamy.io

---

This Privacy Policy is effective as of the date listed above and applies to all information collected by [COMPANY NAME].