FlowDrop

Flowdrop Privacy Policy

Effective Date: July 22, 2025

1. Who We Are

Flowdrop, Inc. ("Flowdrop," "we," "our," or "us") provides an AI‑powered visual workflow builder available at https://flowdrop.xyz (the "Service").

2. Scope

This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the Service, including when you sign in with Google OAuth.

3. Information We Collect

3.1 Google Account Information (OAuth)

  • Google user ID
  • Name
  • Email address
  • Profile picture URL

Scopes requested: "email" and "profile" only.

3.2 Other Information You Provide

  • Account credentials you set (e.g., password if you create one)
  • Content created in the Flowdrop builder (workflow metadata)
  • Support requests, feedback, or survey responses

3.3 Automatically Collected Information

  • Usage data (pages visited, nodes created, interactions)
  • Device and log data (IP address, browser type, date/time)

4. How We Use Information

We use your information to:

  • Authenticate and secure your account
  • Save and synchronize your workflows
  • Personalize your experience
  • Provide customer support
  • Monitor, analyze, and improve the Service
  • Communicate product updates and marketing (with your opt‑out consent)

5. Google User Data – Limited Use Compliance

We handle Google user data in accordance with Google's Limited Use requirements:

  • We only use Google user data to provide user‑facing features that are prominent in Flowdrop (e.g., signing in and displaying your name and avatar).
  • We do not transfer or sell Google user data to third parties, except as necessary to operate the Service with your consent, for security, or to comply with the law.
  • Humans do not read Google user data unless (i) you give us explicit permission; (ii) it is required for security or legal compliance; or (iii) the data is aggregated and anonymized for internal operations.
  • We do not use Google user data for advertising, creditworthiness, or lending decisions.

6. Legal Bases (EEA/UK)

We rely on contract (Art. 6(1)(b) GDPR) to process Google OAuth data needed to provide the Service, and on legitimate interests (Art. 6(1)(f)) or consent (Art. 6(1)(a)) for analytics and marketing.

7. Sharing of Information

We share information only with:

  • Service providers who process data under strict data‑processing agreements (e.g., hosting on Vercel and Supabase, analytics, payment processors).
  • Authorities if required by law or to protect rights and safety.
  • In connection with a merger, acquisition, or sale of assets, with notice to you.

We do not sell personal information.

8. Data Retention & Deletion

We retain account data while your account is active. You may delete your account at any time from your profile settings; this permanently deletes your workflows and Google user data within 30 days unless longer retention is required by law.

You may revoke Flowdrop's access to your Google account at https://myaccount.google.com/permissions.

9. Security

We use TLS encryption in transit, AES‑256 encryption at rest, least‑privilege access controls, periodic security reviews, and continuous monitoring. No method of transmission or storage is completely secure, but we strive to protect your data.

10. Your Rights

Depending on where you live, you may have rights to access, correct, delete, or restrict your personal information, object to processing, opt out of marketing, or export your data. Email [email protected] to exercise these rights. California residents may exercise CCPA rights; we do not sell personal information.

11. Children

Flowdrop is not directed to children under 13, and we do not knowingly collect their data.

12. International Transfers

We store data in the United States. When transferring data internationally, we rely on Standard Contractual Clauses or other lawful mechanisms.

13. Changes to This Policy

We may update this Policy periodically. We will post the new version on our site and, if material, notify you by email or in‑product notice. The "Effective Date" above will reflect the latest revision.

14. Contact

Flowdrop, Inc.
Attn: Flowdrop Team
7905 Hope Valley Ct, Adamstown, MD, 21710, USA
Email: [email protected]