Privacy Policy

FlowHunt’s Privacy Policy explains how user data is collected, processed, stored, and protected, ensuring transparency and compliance with legal standards.

Privacy Policy GDPR Data Protection User Rights
Try it out Book a demo

1. General

This Privacy Policy describes how FlowHunt processes the Users’ personal information to perform the Services offered on the website under the domain flowhunt.io (“Services”).

Users must read and expressly consent to the data treatment referred to in this Privacy Policy before using the Services.

2. Data Controller

The Controller of the data collected through this Website is QualityUnit,s.r.o..

Flowhunt will process the personal data of the User of this Website for the following purposes:

  • Services and Business Relationship: Enable the maintenance, development, and management of the Services. This includes managing contracts, orders, deliveries, invoices, and disputes. Data processed for this purpose will be kept as long as the business relationship is maintained, and afterward, during legally established retention periods.
  • Responding to User Requests: Respond to requests for information or queries made by the User. Data will be kept until the request has been answered and for the legally established retention period.
  • Marketing Communications: Keep the User informed about FlowHunt products, services, and news via electronic means. This processing is based on the User’s consent, which can be withdrawn at any time by contacting support@flowhunt.io .

Failure to accept this Privacy Policy will imply that FlowHunt’s Services and content will not be available.

4. Categories of Data

Personal data, including bank card details, is securely stored on Stripe. Refer to Stripe’s Privacy Policy for further details.

5. Automated Decision-Making

FlowHunt informs Users that they may be subject to automated decision-making, including profiling, when using the Services.

6. Recipients and Personal Data Transfers

Data may be shared with third-party recipients, including OpenAI and Google. For a complete list of subprocessors that may have access to or process your data, please refer to our Subprocessors page. This page provides detailed information about our infrastructure subprocessors, vendor subprocessors, and service-specific subprocessors, including when and how they may process your data.

7. Rights of the Users

Users have the right to:

  • Access, rectify, erase, or restrict processing of their data.
  • Exercise data portability rights.
  • Object to automated decision-making or profiling.
  • Withdraw consent at any time without affecting the lawfulness of prior processing.
  • File a complaint with a supervisory authority.

To exercise the above rights, Users must contact support@flowhunt.io with a valid ID attached for verification purposes.

8. FlowHunt as Data Processor

When Users purchase a license to use the Services, FlowHunt acts as a Data Processor on behalf of the User or the legal entity represented by the User (Data Controller). The processing relationship is governed by GDPR and related regulations.

8.1. Obligations of the Processor

FlowHunt commits to:

  • Process data only as directed by the Controller.
  • Maintain confidentiality.
  • Notify the Controller of any breaches within 48 hours.
  • Assist the Controller in responding to data subject rights.
  • Implement robust security measures to protect data.

8.2. Obligations of the Data Controller

The Controller must ensure compliance with data protection laws, supervise processing activities, and provide necessary access to data.

9. Data Sharing Disclosures

FlowHunt shares data only with third-party services explicitly chosen by users. No data is shared without user consent. Integrations include:

  • LiveChat and Helpdesk platforms: LiveAgent, HubSpot, LiveChat, Smartsupp, Freshchat, Tawk.to, Slack.
  • Google Services (in development): Authentication, Google Ads, Google Docs, Google Calendar, Google Sheets, Google Drive, Google Tasks, and Google Meet.
  • Shopify.
  • TikTok: When you connect your TikTok account to FlowHunt, we integrate with TikTok’s API to enable AI-powered management of your TikTok account.

FlowHunt ensures that user data is never stored or reused by LLMs like OpenAI, Grok, or Amazon BedRock.

9.1 TikTok Integration

When you choose to connect your TikTok account with FlowHunt, this integration allows you to manage your TikTok account using AI agents. The following disclosures apply to the TikTok integration:

9.1.1 Data Collection and Use

We use third-party tracking and integration technologies, including TikTok’s Login Kit and API services. When you authorize the TikTok integration, we may collect and process:

  • Your TikTok profile information (username, display name, profile picture)
  • Account access tokens required for API authentication
  • Data necessary to perform the specific actions you configure through FlowHunt’s AI agents

All TikTok user data is processed only for the limited purpose of enabling and using TikTok integration features within FlowHunt.

We will never share your TikTok personally identifiable information (PII) with anyone without your explicit consent. You have complete control over:

  • Which TikTok account permissions you grant to FlowHunt
  • What actions FlowHunt can perform on your TikTok account
  • The ability to revoke TikTok integration access at any time

9.1.3 Data Security and Processing

We implement appropriate technical and organizational security measures to protect TikTok user data in accordance with applicable data protection laws. TikTok data is:

  • Encrypted in transit and at rest
  • Processed only by authorized personnel under confidentiality commitments
  • Not used for any purpose other than providing the specific TikTok integration features you have enabled

9.1.4 TikTok’s Privacy Policy

For information about how TikTok collects, uses, and protects your data, please review TikTok’s Privacy Policy .

9.1.5 Data Retention

TikTok integration data (access tokens and associated account information) is retained only while you maintain an active TikTok connection in FlowHunt. When you disconnect your TikTok account or delete your FlowHunt account, all TikTok-related data is deleted in accordance with our standard data retention policies outlined in Section 10.

9.1.6 Compliance with TikTok Developer Terms

Our TikTok integration complies with the TikTok Developer Terms of Service and TikTok Data Sharing Agreement .

10. Data Retention and Deletion Policies

  • Generated Content History: Retained for up to 1 year.
  • Cached Data: Stored for a maximum of 14 days.
  • User-Initiated Deletion: Users can delete all data at any time, and it will be irrecoverable.
  • Backups: Stored securely on Amazon AWS S3 for 30 days.

11. Explicit Use of User Data

User data is exclusively used to provide and improve FlowHunt’s Services. It is not used for targeted advertising or shared with third parties. All data is securely isolated within individual workspaces.

12. Data Access and Control

Users can manage data access via:

  • Role-Based Permissions:
    • Administrator: Full access.
    • Editor: Can modify flows and data.
    • Member: View-only access.
    • Guest: Limited read-only access.
  • API Key-Based Access: Users can define API key validity for programmatic access.

Requests to manage data should be submitted via the support portal or emailed to support@flowhunt.io .

13. Security and Protection of Data

FlowHunt employs encryption, access controls, and regular security assessments to ensure user data remains secure.

14. Changes to this Privacy Policy

FlowHunt may amend this policy to reflect new regulations or practices. Changes will be posted on this page.

Updated: 05/30/2025

Ready to build your own AI?

Smart Chatbots and AI tools under one roof. Connect intuitive blocks to turn your ideas into automated Flows.

Try it out Book a demo