Privacy Policy
Version 1.1
Revised June 5, 2024
Privacy Policy
Version 1.1
Revised June 5, 2024
This policy describes how we collect and process your data through https://www.flowpoint.ai website (the "Website"). The terms "Flowpoint", "we", "us", "our" and "ourselves" refer to Flowpoint Analytics Ltd, a legal person registered under the laws of England and Wales.
We are committed to safeguarding the privacy of our users. We are not going to misuse your data.
Controller Details
Flowpoint Analytics Ltd
Registered address: Flat 41 Oslo Court, Prince Albert Road, London, England, NW8 7EN
Contact email address: office@flowpoint.ai
Our Data Protection Officer
Information We Collect from You
Account Set Up and Provision of Services
To access the services and start using our product, you will be required to create an account on our Website and provide us with some information. Specifically, we will ask you to provide us with the following categories of information:
email address;
full name of the person creating the account;
the name of the organisation you represent as well as your address;
your organisation's website domain.
The above-mentioned personal information will be processed in order to perform the contract between you and us (GDPR Art. 6.1.b).
Agentic Workflows and Process Configuration
When creating agentic workflows within the Product, you may provide inputs, configurations, and details specific to your business processes. This information is stored and processed solely to enable the functionality of the workflows you build.
We do not use the data from your workflows for any purpose other than providing the agreed-upon Services.
Communication and Customer Support
We may receive your information when you leave a request for support on the Website, or when you inquire about our services. We will use the information given by you to provide you with the help you might need, fix and improve the Website, and analyse our efficiency in product efforts. Additionally, we may process other communications between us and you, for example, your inquiries regarding the services.
The applied legal basis for this is the performance of the contract between you and us (GDPR Art. 6.1.b) and our legitimate interest in improving the Website (GDPR Art. 6.1.f).
Integrated Services
You may be given the option to access/authenticate or register for the Website through the use of your user name and passwords for certain services provided by third parties (each, an “Integrated Service”), such as through the use of your Google account, or otherwise have the option to authorise an Integrated Service to provide your personal data or other information to us. By authorising us to connect with an Integrated Service, you allow us to access and store your name, profile information, email address, and other information that the Integrated Service makes available to us, and to use and disclose it in accordance with this Policy. You should check your privacy settings on each Integrated Service to understand what information that Integrated Service makes available to us, and make changes as appropriate. Please review each Integrated Service’s terms of use and privacy policies carefully before using their services and connecting to our Website.
Our Data Processor Obligations
Flowpoint serves as a data processor for the information you submit when configuring workflows in the Product. This includes data related to the agents you build, such as:
• Inputs for agentic processes
• Output data generated by the agents
• Workflow-specific configurations and parameters
We do not use or analyze this data for any purposes outside of enabling your workflows. All processing is performed based on your instructions.
Retention of Your Information
We will store your information and data of your website visitors for as long as you have an activated account with us. When you stop being our client, we will delete or anonymise the information collected from you and your website visitors after 6 months, unless you explicitly ask us to delete the information earlier.
However, we may need to retain some of your personal data for longer if there is a need for it, for example, in order to comply with our tax, accounting and legal requirements. In this case, the applied legal basis for the processing of your information will be the necessity to comply with a legal obligation.
Third-party Access to Information
Your personal information may be shared with the following third parties:
IT outsourcing service providers;
email service providers;
cloud hosting providers to store and process collected data;
customer communication solutions;
payment service providers;
online document storage solutions;
CRM software solutions;
project management solutions.
The providers listed above process your information based on our instructions only.
In case your personal data is provided to third parties outside the EEA, we will implement appropriate safeguards to protect your personal data, including Standard Contractual Clauses as adopted by the European Commission. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Google API Services
The Website’s use and transfer to any other website of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. Please make sure to familiarise yourself with this policy.
OpenAI Services
Flowpoint integrates with OpenAI’s API services for processing large language model (LLM) queries and generating results in your agentic workflows. Any data shared with OpenAI is transmitted securely and processed according to OpenAI’s Data Usage Policies.
We encourage you to review OpenAI’s Privacy Policy to understand how your data is handled during this interaction.
Other Disclosures
In addition to the disclosures for the purposes identified before, we may disclose information about you for the following purposes:
law enforcement, legal process and compliance: if we are required to do so by law, in connection with any legal proceedings or to establish, exercise or defend our legal rights, or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We also reserve the right to disclose personal data or other information that we believe, in good faith, is appropriate or necessary to: (i) take precautions against liability; (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity; (iii) investigate and defend ourselves against any third-party claims or allegations; (iv) protect the security or integrity of our services and any facilities or equipment used to make our services available; or (v) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others;
change of ownership or other business needs: (i) in case we sell, licence or otherwise assign our company, corporate rights, the Website or its separate parts or features to third parties; (ii) as part of a transaction, financing, or for other business needs (e.g., if Flowpoint needs to disclose your personal data to the prospective lender or bank, investor or prospective investor, and/or their professional advisers as part of certain due diligence processes, as the case may be); (iii) we may also disclose and otherwise transfer your personal data to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets and only if the recipient of the information commits to a privacy policy that has terms substantially consistent with this policy.
Your Rights
You may exercise GDPR rights regarding your personal data. In particular, you have the right to:
The right to access your information. You have the right to know what personal data we process. As such you can obtain the disclosure of the personal data involved in the processing and you can obtain a copy of the information undergoing processing.
The right to verify your information and seek its rectification. If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;
The right to have your personal data deleted. If we are not under the obligation to keep your personal data for legal compliance and it is not needed in the scope of an active contract or claim, we will remove your information upon your request.
The right to restrict the processing of your information. When you contest the accuracy of your information, believe we process it unlawfully or want to object to the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent. In this case, we will stop processing your personal data (other than storing it) until we are able to provide you with evidence of its lawful processing.
The right to have your personal data transferred to another organisation. Where we process your personal data on the legal basis of consent you provided us or on the necessity to perform a contract, we can make, at your request, your personal data available to you or to an organisation of your choosing.
The right to object against the processing of your information. If we process your information for our legitimate interests (e.g., for direct marketing emails or for our marketing research purposes), you can object to it. Let us know what you object against and we will consider your request. If there are no compelling interests for us to refuse to perform your request, we will stop the processing for such purposes. If we believe our compelling interests outweigh your right to privacy, we will clarify this to you.
You can formulate such requests or channel further questions on data protection by contacting us directly at office@flowpoint.ai or by contacting our Data Protection Officer at: dpo.flowpoint@legalnodes.com.
If you are a visitor of the website that uses our services, please send your personal data request to the data controller of your data, i.e., the website owner.
If you believe that our use of personal information violates your rights, or if you are dissatisfied with a response you received to a request you formulated to us, you have the right to lodge a complaint with the competent data protection authority of your choice.
Security of Information
We implement industry-standard security measures to protect your data from unauthorized access, loss, or misuse. This includes:
• Secure storage and encryption of data in transit and at rest.
• Access control restricted to authorized personnel only.
• Use of secure VPN connections and TLS encryption for all external communications.
For data processed outside the EU, Flowpoint ensures adequate safeguards are in place.
Changes to This Policy
We may update this Privacy Policy from time to time by posting a new version on our website. We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavour to provide you with an announcement about any significant changes.
This policy describes how we collect and process your data through https://www.flowpoint.ai website (the "Website"). The terms "Flowpoint", "we", "us", "our" and "ourselves" refer to Flowpoint Analytics Ltd, a legal person registered under the laws of England and Wales.
We are committed to safeguarding the privacy of our users. We are not going to misuse your data.
Controller Details
Flowpoint Analytics Ltd
Registered address: Flat 41 Oslo Court, Prince Albert Road, London, England, NW8 7EN
Contact email address: office@flowpoint.ai
Our Data Protection Officer
Information We Collect from You
Account Set Up and Provision of Services
To access the services and start using our product, you will be required to create an account on our Website and provide us with some information. Specifically, we will ask you to provide us with the following categories of information:
email address;
full name of the person creating the account;
the name of the organisation you represent as well as your address;
your organisation's website domain.
The above-mentioned personal information will be processed in order to perform the contract between you and us (GDPR Art. 6.1.b).
Agentic Workflows and Process Configuration
When creating agentic workflows within the Product, you may provide inputs, configurations, and details specific to your business processes. This information is stored and processed solely to enable the functionality of the workflows you build.
We do not use the data from your workflows for any purpose other than providing the agreed-upon Services.
Communication and Customer Support
We may receive your information when you leave a request for support on the Website, or when you inquire about our services. We will use the information given by you to provide you with the help you might need, fix and improve the Website, and analyse our efficiency in product efforts. Additionally, we may process other communications between us and you, for example, your inquiries regarding the services.
The applied legal basis for this is the performance of the contract between you and us (GDPR Art. 6.1.b) and our legitimate interest in improving the Website (GDPR Art. 6.1.f).
Integrated Services
You may be given the option to access/authenticate or register for the Website through the use of your user name and passwords for certain services provided by third parties (each, an “Integrated Service”), such as through the use of your Google account, or otherwise have the option to authorise an Integrated Service to provide your personal data or other information to us. By authorising us to connect with an Integrated Service, you allow us to access and store your name, profile information, email address, and other information that the Integrated Service makes available to us, and to use and disclose it in accordance with this Policy. You should check your privacy settings on each Integrated Service to understand what information that Integrated Service makes available to us, and make changes as appropriate. Please review each Integrated Service’s terms of use and privacy policies carefully before using their services and connecting to our Website.
Our Data Processor Obligations
Flowpoint serves as a data processor for the information you submit when configuring workflows in the Product. This includes data related to the agents you build, such as:
• Inputs for agentic processes
• Output data generated by the agents
• Workflow-specific configurations and parameters
We do not use or analyze this data for any purposes outside of enabling your workflows. All processing is performed based on your instructions.
Retention of Your Information
We will store your information and data of your website visitors for as long as you have an activated account with us. When you stop being our client, we will delete or anonymise the information collected from you and your website visitors after 6 months, unless you explicitly ask us to delete the information earlier.
However, we may need to retain some of your personal data for longer if there is a need for it, for example, in order to comply with our tax, accounting and legal requirements. In this case, the applied legal basis for the processing of your information will be the necessity to comply with a legal obligation.
Third-party Access to Information
Your personal information may be shared with the following third parties:
IT outsourcing service providers;
email service providers;
cloud hosting providers to store and process collected data;
customer communication solutions;
payment service providers;
online document storage solutions;
CRM software solutions;
project management solutions.
The providers listed above process your information based on our instructions only.
In case your personal data is provided to third parties outside the EEA, we will implement appropriate safeguards to protect your personal data, including Standard Contractual Clauses as adopted by the European Commission. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Google API Services
The Website’s use and transfer to any other website of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. Please make sure to familiarise yourself with this policy.
OpenAI Services
Flowpoint integrates with OpenAI’s API services for processing large language model (LLM) queries and generating results in your agentic workflows. Any data shared with OpenAI is transmitted securely and processed according to OpenAI’s Data Usage Policies.
We encourage you to review OpenAI’s Privacy Policy to understand how your data is handled during this interaction.
Other Disclosures
In addition to the disclosures for the purposes identified before, we may disclose information about you for the following purposes:
law enforcement, legal process and compliance: if we are required to do so by law, in connection with any legal proceedings or to establish, exercise or defend our legal rights, or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We also reserve the right to disclose personal data or other information that we believe, in good faith, is appropriate or necessary to: (i) take precautions against liability; (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity; (iii) investigate and defend ourselves against any third-party claims or allegations; (iv) protect the security or integrity of our services and any facilities or equipment used to make our services available; or (v) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others;
change of ownership or other business needs: (i) in case we sell, licence or otherwise assign our company, corporate rights, the Website or its separate parts or features to third parties; (ii) as part of a transaction, financing, or for other business needs (e.g., if Flowpoint needs to disclose your personal data to the prospective lender or bank, investor or prospective investor, and/or their professional advisers as part of certain due diligence processes, as the case may be); (iii) we may also disclose and otherwise transfer your personal data to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets and only if the recipient of the information commits to a privacy policy that has terms substantially consistent with this policy.
Your Rights
You may exercise GDPR rights regarding your personal data. In particular, you have the right to:
The right to access your information. You have the right to know what personal data we process. As such you can obtain the disclosure of the personal data involved in the processing and you can obtain a copy of the information undergoing processing.
The right to verify your information and seek its rectification. If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;
The right to have your personal data deleted. If we are not under the obligation to keep your personal data for legal compliance and it is not needed in the scope of an active contract or claim, we will remove your information upon your request.
The right to restrict the processing of your information. When you contest the accuracy of your information, believe we process it unlawfully or want to object to the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent. In this case, we will stop processing your personal data (other than storing it) until we are able to provide you with evidence of its lawful processing.
The right to have your personal data transferred to another organisation. Where we process your personal data on the legal basis of consent you provided us or on the necessity to perform a contract, we can make, at your request, your personal data available to you or to an organisation of your choosing.
The right to object against the processing of your information. If we process your information for our legitimate interests (e.g., for direct marketing emails or for our marketing research purposes), you can object to it. Let us know what you object against and we will consider your request. If there are no compelling interests for us to refuse to perform your request, we will stop the processing for such purposes. If we believe our compelling interests outweigh your right to privacy, we will clarify this to you.
You can formulate such requests or channel further questions on data protection by contacting us directly at office@flowpoint.ai or by contacting our Data Protection Officer at: dpo.flowpoint@legalnodes.com.
If you are a visitor of the website that uses our services, please send your personal data request to the data controller of your data, i.e., the website owner.
If you believe that our use of personal information violates your rights, or if you are dissatisfied with a response you received to a request you formulated to us, you have the right to lodge a complaint with the competent data protection authority of your choice.
Security of Information
We implement industry-standard security measures to protect your data from unauthorized access, loss, or misuse. This includes:
• Secure storage and encryption of data in transit and at rest.
• Access control restricted to authorized personnel only.
• Use of secure VPN connections and TLS encryption for all external communications.
For data processed outside the EU, Flowpoint ensures adequate safeguards are in place.
Changes to This Policy
We may update this Privacy Policy from time to time by posting a new version on our website. We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavour to provide you with an announcement about any significant changes.
Table of Contents
Title