Privacy Policy
Last Updated: April 7, 2026
1. Introduction
Welcome to OmniFlow ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application.
2. Information We Collect
Information You Provide
- Account Information: Name, email address, and profile picture when you create an account.
- Payment Information: Billing details processed securely through Stripe. We never store your full credit card number.
- Content: Workspace data, settings, and preferences you create within the application.
Information Collected Automatically
- Usage Data: Pages visited, features used, and interaction patterns (via PostHog, only with your consent).
- Device Information: Browser type, operating system, and device identifiers.
- Log Data: IP address, access times, and referring URLs.
3. How We Use Your Information
We use the collected information to:
- Provide, maintain, and improve our services
- Process payments and manage subscriptions
- Send transactional emails (receipts, security alerts)
- Analyze usage patterns to improve user experience (with consent)
- Detect and prevent fraud or abuse
4. Cookie Policy
We use cookies and similar technologies for:
- Essential cookies: Required for authentication and security
- Analytics cookies: Used only after you provide explicit consent via our cookie banner
You can manage your cookie preferences at any time through the cookie consent banner or your browser settings.
5. Data Sharing
We do not sell your personal data. We share information only with:
- Service Providers: Stripe (payments), Supabase (infrastructure), Resend (emails), Sentry (error tracking)
- Legal Requirements: When required by law or to protect our rights
6. Data Security
We implement industry-standard security measures including:
- End-to-end encryption for data in transit
- Row Level Security (RLS) for database access control
- Multi-factor authentication (MFA) support
- Regular security audits
7. Your Rights
You have the right to:
- Access your personal data
- Request data correction or deletion
- Export your data
- Opt out of analytics tracking
- Withdraw consent at any time
8. Data Retention
We retain your data for as long as your account is active. Upon account deletion, your data is soft-deleted and permanently purged after 30 days.
9. Changes to This Policy
We may update this policy from time to time. We will notify you of material changes via email or in-app notification.
10. Contact Us
If you have questions about this Privacy Policy, contact us at privacy@omniflow.app.