Roles
- Controller: for our website/app account data and support interactions.
- Processor: for uploaded subscriber lists and campaign data. You determine purposes; we act on your instructions.
Lawful Bases & Purposes
Contract, legitimate interests, consent (where required), and legal obligations. Purposes include authentication, campaigns, analytics, fraud prevention, and support.
Data Subject Rights
Access, rectification, erasure, restriction, portability, objection, withdraw consent. Submit requests to flowasisc@gmail.com. Subscribers of our customers should contact the customer (controller); we assist as processor.
Security
- TLS in transit; secure password hashing
- Role-based access and audit logs
- Backups with restricted access
- Vendor due diligence; least privilege
Sub-processors
- Hostinger — cloud hosting & infrastructure
- Razorpay — payment processing & billing
- Google Analytics — usage analytics
We impose confidentiality and data-protection obligations in contracts.
International Transfers
Where data is transferred outside the EEA/UK, we rely on safeguards (e.g., SCCs), vendor commitments, and technical measures.
Incident Response
We detect, assess, and respond to incidents. Where required, we notify affected customers and/or authorities without undue delay.
Retention & Children
We retain data only as long as needed or required by law. Services aren’t intended for children under 16; if discovered, we’ll delete the data.
Contact: flowasisc@gmail.com