Privacy Policy

Last updated: January 30, 2025

1. Introduction

FlowKeeper ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered accounting platform.

2. Information We Collect

Personal Information

  • Name and email address
  • Business information (company name, business type)
  • Authentication data (encrypted passwords, OAuth tokens)
  • Payment information (processed securely through third-party providers)

Financial Data

  • Transaction records from uploaded CSV files
  • Bank account information (account names, not credentials)
  • Financial categories and entities you create
  • AI-generated insights and categorizations

Usage Data

  • Chat interactions with our AI assistant
  • Application usage patterns and preferences
  • Device and browser information
  • IP addresses and location data

3. How We Use Your Information

We use your information to:

  • Provide and maintain our AI accounting services
  • Process and categorize your financial transactions
  • Generate financial insights and reports
  • Improve our AI models and categorization accuracy
  • Communicate with you about your account
  • Ensure security and prevent fraud
  • Comply with legal obligations

4. Data Security

We implement industry-standard security measures to protect your data:

  • End-to-end encryption for sensitive data
  • Secure PostgreSQL database with row-level security
  • Regular security audits and monitoring
  • Secure authentication through Better Auth
  • TLS/SSL encryption for all data transfers
  • Regular backups and disaster recovery procedures

5. AI and Machine Learning

Our AI features process your data to provide intelligent categorization and insights:

  • Transaction categorization uses pattern recognition on your financial data
  • AI models learn from your corrections to improve accuracy
  • Chat interactions are processed to understand and respond to queries
  • We do not sell or share your data for AI training outside our platform
  • You maintain full control over AI-generated categorizations

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your data only:

  • With your explicit consent
  • To comply with legal obligations
  • With service providers who assist our operations (under strict confidentiality)
  • In connection with a merger or acquisition (with notice to users)
  • To protect our rights and prevent fraud

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Financial records are retained according to applicable accounting regulations (typically 7 years). You can request data deletion at any time, subject to legal requirements.

8. Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Opt out of certain data processing
  • Withdraw consent at any time

9. GDPR Compliance

For users in the European Union, we comply with GDPR requirements including:

  • Lawful basis for data processing
  • Data minimization principles
  • Right to erasure ("right to be forgotten")
  • Data portability
  • Privacy by design and default

10. Third-Party Services

We use trusted third-party services:

  • Neon for database hosting
  • Vercel for application hosting
  • OpenAI for AI processing
  • Google OAuth for authentication

Each service has its own privacy policy and security measures.

11. Children's Privacy

FlowKeeper is not intended for users under 18 years of age. We do not knowingly collect information from children.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through the application.

13. Contact Us

For questions about this Privacy Policy or your data, please contact us at:

  • Email: privacy@flowkeeper.app
  • Address: FlowKeeper, Inc.