1. General
This Privacy Policy describes how FlowHunt processes the Users’ personal information to perform the Services offered on the website under the domain flowhunt.io (“Services”).
Users must read and expressly consent to the data treatment referred to in this Privacy Policy before using the Services.
2. Data Controller
The Controller of the data collected through this Website is QualityUnit,s.r.o..
3. Purposes of the Processing and Legal Basis
Flowhunt will process the personal data of the User of this Website for the following purposes:
- Services and Business Relationship: Enable the maintenance, development, and management of the Services. This includes managing contracts, orders, deliveries, invoices, and disputes. Data processed for this purpose will be kept as long as the business relationship is maintained, and afterward, during legally established retention periods.
- Responding to User Requests: Respond to requests for information or queries made by the User. Data will be kept until the request has been answered and for the legally established retention period.
- Marketing Communications: Keep the User informed about FlowHunt products, services, and news via electronic means. This processing is based on the User’s consent, which can be withdrawn at any time by contacting support@flowhunt.io .
Failure to accept this Privacy Policy will imply that FlowHunt’s Services and content will not be available.
4. Categories of Data
Personal data, including bank card details, is securely stored on Stripe. Refer to Stripe’s Privacy Policy for further details.
5. Automated Decision-Making
FlowHunt informs Users that they may be subject to automated decision-making, including profiling, when using the Services.
6. Recipients and Personal Data Transfers
Data may be shared with third-party recipients, including OpenAI and Google. For a complete list of subprocessors that may have access to or process your data, please refer to our Subprocessors page. This page provides detailed information about our infrastructure subprocessors, vendor subprocessors, and service-specific subprocessors, including when and how they may process your data.
7. Rights of the Users
Users have the right to:
- Access, rectify, erase, or restrict processing of their data.
- Exercise data portability rights.
- Object to automated decision-making or profiling.
- Withdraw consent at any time without affecting the lawfulness of prior processing.
- File a complaint with a supervisory authority.
To exercise the above rights, Users must contact support@flowhunt.io with a valid ID attached for verification purposes.
8. FlowHunt as Data Processor
When Users purchase a license to use the Services, FlowHunt acts as a Data Processor on behalf of the User or the legal entity represented by the User (Data Controller). The processing relationship is governed by GDPR and related regulations.
8.1. Obligations of the Processor
FlowHunt commits to:
- Process data only as directed by the Controller.
- Maintain confidentiality.
- Notify the Controller of any breaches within 48 hours.
- Assist the Controller in responding to data subject rights.
- Implement robust security measures to protect data.
8.2. Obligations of the Data Controller
The Controller must ensure compliance with data protection laws, supervise processing activities, and provide necessary access to data.
9. Data Sharing Disclosures
FlowHunt shares data only with third-party services explicitly chosen by users. No data is shared without user consent. Integrations include:
- LiveChat and Helpdesk platforms: LiveAgent, HubSpot, LiveChat, Smartsupp, Freshchat, Tawk.to, Slack.
- Google Services (in development): Authentication, Google Ads, Google Docs, Google Calendar, Google Sheets, Google Drive, Google Tasks, and Google Meet.
- Shopify.
- TikTok: When you connect your TikTok account to FlowHunt, we integrate with TikTok’s API to enable AI-powered management of your TikTok account.
FlowHunt ensures that user data is never stored or reused by LLMs like OpenAI, Grok, or Amazon BedRock.
9.1 TikTok Integration
When you choose to connect your TikTok account with FlowHunt, this integration allows you to manage your TikTok account using AI agents. The following disclosures apply to the TikTok integration:
9.1.1 Data Collection and Use
We use third-party tracking and integration technologies, including TikTok’s Login Kit and API services. When you authorize the TikTok integration, we may collect and process:
- Your TikTok profile information (username, display name, profile picture)
- Account access tokens required for API authentication
- Data necessary to perform the specific actions you configure through FlowHunt’s AI agents
All TikTok user data is processed only for the limited purpose of enabling and using TikTok integration features within FlowHunt.
9.1.2 User Consent and Control
We will never share your TikTok personally identifiable information (PII) with anyone without your explicit consent. You have complete control over:
- Which TikTok account permissions you grant to FlowHunt
- What actions FlowHunt can perform on your TikTok account
- The ability to revoke TikTok integration access at any time
9.1.3 Data Security and Processing
We implement appropriate technical and organizational security measures to protect TikTok user data in accordance with applicable data protection laws. TikTok data is:
- Encrypted in transit and at rest
- Processed only by authorized personnel under confidentiality commitments
- Not used for any purpose other than providing the specific TikTok integration features you have enabled
9.1.4 TikTok’s Privacy Policy
For information about how TikTok collects, uses, and protects your data, please review TikTok’s Privacy Policy .
9.1.5 Data Retention
TikTok integration data (access tokens and associated account information) is retained only while you maintain an active TikTok connection in FlowHunt. When you disconnect your TikTok account or delete your FlowHunt account, all TikTok-related data is deleted in accordance with our standard data retention policies outlined in Section 10.
9.1.6 Compliance with TikTok Developer Terms
Our TikTok integration complies with the TikTok Developer Terms of Service and TikTok Data Sharing Agreement .
10. Data Retention and Deletion Policies
- Generated Content History: Retained for up to 1 year.
- Cached Data: Stored for a maximum of 14 days.
- User-Initiated Deletion: Users can delete all data at any time, and it will be irrecoverable.
- Backups: Stored securely on Amazon AWS S3 for 30 days.
11. Explicit Use of User Data
User data is exclusively used to provide and improve FlowHunt’s Services. It is not used for targeted advertising or shared with third parties. All data is securely isolated within individual workspaces.
12. Data Access and Control
Users can manage data access via:
- Role-Based Permissions:
- Administrator: Full access.
- Editor: Can modify flows and data.
- Member: View-only access.
- Guest: Limited read-only access.
- API Key-Based Access: Users can define API key validity for programmatic access.
Requests to manage data should be submitted via the support portal or emailed to support@flowhunt.io .
13. Security and Protection of Data
FlowHunt employs encryption, access controls, and regular security assessments to ensure user data remains secure.
14. Changes to this Privacy Policy
FlowHunt may amend this policy to reflect new regulations or practices. Changes will be posted on this page.
Updated: 05/30/2025