Privacy Policy

Last Updated: March 26, 2026

At Flowre.io ("we," "us," or "our"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information and data from third-party integrations — including Google, YouTube, Meta (Facebook, Instagram), Telegram, LinkedIn, Twitter, Pinterest, and TikTok — when you use the Flowre.io platform and services (the "Service").

---

1. Information We Collect

A. Personal Information You Provide

When you register for an account, subscribe to a plan, or contact our support team, we may collect:

• Full name and email address
• Billing and payment information (processed securely via Stripe)
• Company name and profile details

B. Information from Third-Party Platform Integrations

To provide our social media management, CRM, and automation services, you may connect your Flowre.io account to the following third-party platforms. When you do so, we collect and process:

Google / YouTube:

• Google account profile information (name, email, profile picture) obtained via Google OAuth 2.0
• YouTube channel information (channel ID, channel name, subscriber count)
• OAuth access tokens and refresh tokens required to publish content (YouTube Shorts and videos) on your behalf
• We request the following Google OAuth scopes:
  • https://www.googleapis.com/auth/youtube.upload — to upload videos and YouTube Shorts to your channel
  • https://www.googleapis.com/auth/youtube.readonly — to read your channel information
  • https://www.googleapis.com/auth/userinfo.profile — to identify your Google account

Meta (Facebook & Instagram):

• Facebook Page and Instagram Business account profile information
• OAuth access tokens required to publish posts, stories, and reels on your behalf
• Inbound and outbound messages and interactions strictly needed to power automated workflows and CRM features you configure

Telegram:

• Bot token and chat/channel identifiers you provide
• Message content required to execute your configured chatbot workflows

TikTok:

• TikTok account profile information (username, display name, avatar) obtained via TikTok OAuth 2.0 when you connect your TikTok account to Flowre.io
• OAuth access tokens and refresh tokens required to publish videos and content to your TikTok account on behalf of Flowre.io users
• Post performance metrics (views, likes, comments, shares) for content published through Flowre.io
• Flowre.io requests only the minimum permissions necessary to provide the Service
• Flowre.io does not access, store, or share your TikTok credentials (password)
• TikTok data collected by Flowre.io is used exclusively to provide the scheduling and publishing features you request — never for advertising, resale, or any unrelated purpose
• You may revoke Flowre.io's access to your TikTok account at any time from your TikTok account settings

LinkedIn, Twitter/X, Pinterest:

• Account profile information and OAuth tokens
• Content and media required to publish posts on your behalf

C. Automatically Collected Information

We automatically collect technical data including your IP address, browser type, operating system, and platform usage telemetry (pages visited, features used, session duration) to operate and improve the Service.

---

2. How We Use Google User Data

We use Google user data solely to provide and improve the features of Flowre.io that you explicitly request. Specifically:

• YouTube access tokens are used exclusively to publish videos and YouTube Shorts to your YouTube channel on your behalf, as directed by you.
• Google profile information (name, email, profile picture) is used to identify your account and display your connected channel information within the Flowre.io dashboard.
• We do not use Google user data for:
  • Targeted, personalized, or interest-based advertising
  • Selling or transferring data to data brokers or information resellers
  • Determining creditworthiness or for lending purposes
  • Training AI or machine learning models
  • Any purpose unrelated to providing or improving the Flowre.io Service

Our use of data received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

---

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, maintain, and improve the core Flowre.io Service
• Publish content to your connected social media platforms on your behalf
• Execute your configured automated workflows, chatbot logic, and CRM features
• Process subscription payments securely
• Send technical notices, system updates, security alerts, and support communications
• Analyze platform usage to enhance user experience and develop new features
• Comply with legal obligations and enforce our Terms of Service

---

4. How We Share Your Information

We do not sell your personal data or Google user data to any third party. We share data only in the following limited circumstances:

• Service Providers: With vetted third-party vendors who perform services on our behalf (e.g., Stripe for payments, Neon for database hosting, Hetzner for cloud storage). These providers are contractually obligated to protect your data.
• Your Connected Platforms: Content and data (such as posts, captions, and media) are transmitted to platforms like YouTube, Facebook, Instagram, Telegram, Pinterest, LinkedIn, and Twitter strictly to execute the publishing and automation actions you configure.
• Legal Requirements: If required by law, court order, or lawful request from public authorities.
• Business Transfers: In the event of a merger, acquisition, or asset sale, your information may be transferred with prior notice to you.

We do not transfer Google user data to third parties for advertising, resale, or any purpose other than providing the Service.

---

5. Data Security

We implement industry-standard security measures to protect your personal information and API tokens, including:

• Encryption in transit: All data is transmitted over HTTPS/TLS
• Encryption at rest: OAuth access tokens and refresh tokens are encrypted using AES-256-CBC before being stored in our database
• Access controls: Access to production systems and user data is restricted to authorized personnel only

No internet transmission is completely secure, and while we take all reasonable precautions, we cannot guarantee absolute security.

---

6. Data Retention and Deletion

We retain your information only for as long as necessary to provide the Service, resolve disputes, and comply with legal obligations.

• Connected Account Tokens: If you disconnect a third-party account (e.g., removing your Google/YouTube or Meta connection), we will immediately revoke the OAuth tokens and securely delete them from our systems.
• Google User Data: We retain Google OAuth tokens only while your account is actively connected. Upon disconnection or account deletion, all associated Google user data is permanently deleted.
• Account Deletion: You may request the deletion of your Flowre.io account and all associated data by contacting us at privacy@flowre.io or using account management tools in the dashboard. We will process your request within 30 days.
• Messaging Logs: CRM and messaging data is retained for the duration of your subscription and deleted upon account termination.

---

7. Your Rights and Choices

Depending on your jurisdiction (including GDPR and CCPA), you have the right to:

• Access the personal information we hold about you
• Update or correct inaccurate information
• Delete your personal data and connected account tokens
• Restrict or object to certain data processing activities
• Data portability — receive a copy of your data in a machine-readable format
• Withdraw consent at any time for data processing based on consent
• Revoke platform access directly from the respective platform settings (e.g., Google Account Permissions, Facebook Business Integrations)

To exercise any of these rights, contact us at privacy@flowre.io.

---

8. Third-Party Platform Compliance

By connecting your accounts to Flowre.io, you agree to comply with the respective platform's terms:

• Google Terms of Service and YouTube Terms of Service
• Meta Platform Terms and Instagram Terms of Use
• Twitter/X Developer Agreement
• LinkedIn API Terms
• Pinterest Developer Services Agreement
• TikTok Terms of Service and TikTok Developer Terms of Service

Flowre.io complies with TikTok's Developer Terms and Platform Policies. Flowre.io does not use TikTok user data for any purpose beyond what is explicitly disclosed in this Privacy Policy and approved by TikTok.

---

9. Children's Privacy

Flowre.io is designed for business and professional use and is not intended for individuals under the age of 18. We do not knowingly collect personal data from children.

---

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable regulations. We will notify you of material changes by posting the revised policy on this page and updating the "Last Updated" date above. Your continued use of the Service after such notice constitutes acceptance of the updated policy.

---

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us at:

Email: privacy@flowre.io or support@flowre.io Website: https://flowre.io