Join Now
Join Now

Privacy Policy for Proflow

Effective Date: May 14, 2026

Last Updated: May 14, 2026

Proflow (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, process, and share your information across the Proflow platform, including our website, mobile applications, and integrated services (collectively, the “Service”).

By using Proflow, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

We collect information that you provide directly to us, data generated by your use of the Service, and information from third-party integrations.

A. Personal & Account Data

  • Identity Data: Full name, job title, and organization name.

  • Contact Data: Email address, billing address, and phone number.

  • Credentials: Encrypted authentication data (we do not store plain-text passwords).

B. Workspace & Functional Data

  • Operational Content: Tasks, project boards, client records, notes, and internal team communications.

  • Financial Data: Invoices generated within the platform and billing status (processed via third-party providers like Stripe).

C. Integrated Third-Party Data (Google Workspace)

If you choose to connect your Google Account, Proflow accesses specific data via Google APIs to enable core functionality:

  • Google Profile: Email address and basic profile information to facilitate Single Sign-On (SSO).

  • Google Calendar Data: We access, create, and modify calendar events, including titles, time zones, attendee lists, descriptions, and location data.

  • Google Meet Data: Generation and retrieval of meeting URLs associated with calendar events.

2. Google API Disclosure & Limited Use

Proflow’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Specific Use Cases for Google Data:

  • Synchronization: To provide a unified view of your schedule by bi-directionally syncing Proflow tasks with Google Calendar.

  • Automation: To automatically generate Google Meet links when a meeting is scheduled within a Proflow project.

  • Availability: To prevent scheduling conflicts by checking your "Busy/Free" status.

Prohibitions on Google Data:

  • No Sale of Data: We never sell your Google user data to third parties.

  • No Advertising: We do not use Google user data to serve or target advertisements.

  • No Human Review: Our staff does not read your private calendar entries unless strictly necessary for security purposes, to comply with applicable law, or if you provide explicit consent for a support ticket.

3. Legal Basis for Processing (GDPR/CCPA)

We process your data under the following legal frameworks:

  • Consent: Where you have given us clear permission (e.g., connecting your Google Calendar).

  • Contractual Necessity: To provide the project management services you signed up for.

  • Legitimate Interests: To improve our platform, ensure security, and provide customer support.

4. Data Sharing and Sub-processors

We do not sell, rent, or trade your personal information. We share data only with the following categories of third-party "Sub-processors" necessary to provide the Service:

  • Cloud Hosting: Storing application data and hosting infrastructure (e.g., AWS, Google Cloud).

  • Authentication: Managing secure user logins (e.g., Auth0, Firebase).

  • Analytics: Understanding how users interact with Proflow to improve features.

  • Payment Processing: Securely handling subscriptions and invoices (e.g., Stripe).

5. Data Security & Technical Measures

We implement industry-standard security protocols to safeguard your information:

  • Encryption: Data is encrypted at rest (AES-256) and in transit (TLS 1.2+).

  • OAuth Security: Google OAuth tokens are stored in a secure, server-side vault. These tokens are never exposed to the client-side browser environment.

  • Isolation: Workspace data is logically separated to ensure that one organization cannot access another’s data.

6. Data Retention and Deletion

  • Active Accounts: We retain your data for as long as your account is active.

  • Disconnection: If you disconnect your Google Account, we immediately cease syncing. We will delete previously synced Google data from our active database within 30 days.

  • Account Deletion: Upon a formal "Right to Erasure" request, we will delete all personal data within 30 days, except where we are legally required to retain it (e.g., for tax or audit purposes).

7. Your Rights and Controls

Depending on your location, you may have the following rights:

  • Access & Portability: Request a copy of the data we hold about you.

  • Correction: Update inaccurate or incomplete information.

  • Withdrawal of Consent: Disconnect integrations (like Google Calendar) at any time via Settings > Integrations.

  • Object to Processing: Request that we stop using your data for specific purposes.

8. Changes to This Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you via the email address associated with your account or through a prominent notice within the Proflow platform.

9. Contact Us

For questions regarding this policy, or to exercise your data rights, please contact our Privacy Team:

Email: support@proflowtech.io


Contact

Get in touch with the Proflow team anytime.

info@proflowtech.io

© 2026. All rights reserved.