Privacy Policy

1. Introduction

Rafał Sokołowski - Izenflow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://flowliberate.com/ and use our AI automation services.

This policy complies with the General Data Protection Regulation (GDPR) and Polish data protection laws.

2. Data Controller

3. Information We Collect

3.1 Personal Information You Provide

• Contact Information: Name, email address, company name (for project communication)
• Project Information: Technical specifications and requirements necessary to deliver automation workflows
• Communication Data: Messages and correspondence related to your project
• Payment Information: Billing information (processed securely through Stripe - we do not store this data)

3.2 Information Collected Automatically

• Technical Data: Basic server logs including IP address and browser information (automatically deleted)
• No Tracking: We do not use cookies, analytics, or tracking technologies on our website

4. Legal Basis for Processing

We process your personal data based on:

• Contract Performance: To provide our AI automation services
• Legitimate Interest: To improve our services, communicate with prospects, and operate our business
• Consent: For marketing communications (where required)
• Legal Obligation: To comply with tax, accounting, and legal requirements

5. How We Use Your Information

We use your information to:

• Provide custom automation workflow development using tools like Python, n8n, and Make.com
• Process payments for completed projects
• Communicate about project specifications and delivery
• Comply with legal and tax reporting requirements
• Protect against fraud and maintain service security

6. Payment Processing

We use Stripe, Inc. as our payment processor. When you make a payment:

• Your payment information is transmitted directly to Stripe
• We do not store your complete payment card details
• Stripe's processing is governed by their Privacy Policy
• We retain transaction records for accounting and legal purposes

For more information about Stripe's data practices, visit: https://stripe.com/privacy

7. Data Sharing and Disclosure

We may share your information with:

7.1 Service Providers

• Stripe: For payment processing only - we do not store payment information

7.2 Legal Requirements

We may disclose information when required by law, regulation, or legal process.

7.3 Business Transfers

In case of merger, acquisition, or sale of assets, minimal business records may be transferred.

8. International Data Transfers

We serve clients worldwide. When we communicate with clients outside the European Economic Area (EEA), we ensure appropriate safeguards through:

• Standard Contractual Clauses: EU-approved contract terms for data transfers
• Adequacy Decisions: Transfers to countries with adequate protection levels
• Minimal Data: We only process essential project information required for service delivery

9. Data Retention

We follow a minimal data retention policy:

• Project Communications: Deleted immediately after project completion and payment
• Payment Records: Transaction records retained for 6 years as required by Polish tax law (processed by Stripe)
• Legal Records: Only basic business transaction records for tax/legal compliance
• No Long-term Storage: We do not maintain client databases or marketing lists

10. Your Rights Under GDPR

You have the right to:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data (subject to legal obligations)
• Restriction: Limit how we process your data
• Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: For consent-based processing

To exercise these rights, contact us at rafal@flowliberate.com.

11. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption: Data encryption in transit and at rest
• Access Controls: Limited access on a need-to-know basis
• Regular Updates: Security patches and system updates
• Staff Training: Regular privacy and security training
• Incident Response: Procedures for data breach response

12. Cookies and Tracking

Our website does not use cookies, analytics, or tracking technologies. We maintain a simple static website that does not collect or store visitor information.

13. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by:

• Posting the updated policy on our website
• Sending email notifications for material changes
• Including the "Last updated" date at the top of this policy

15. Contact Information

For privacy-related questions or concerns:

16. Supervisory Authority

You have the right to lodge a complaint with the Polish supervisory authority:

17. Definitions

• Personal Data: Any information relating to an identified or identifiable natural person
• Processing: Any operation performed on personal data
• Controller: The entity that determines the purposes and means of processing
• Processor: An entity that processes personal data on behalf of the controller