This website uses cookies

We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.

You may choose which types of cookies to allow and can change your preferences at any time. Remember that disabling cookies may affect your experience on the website. You can at any time change or withdraw your consent. Learn more about who we are, how you can contact us and how we process personal data in our privacy policy
Allow allDeny allPreferences
Preferences

Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website.  Blocking categories may impact your experience on the website.

Accept all cookies

These items are required to enable basic website functionality.

Always active

These items are used to deliver advertising that is more relevant to you and your interests.

These items allow the website to remember choices you make (such as your username, language, or the region you are in) and provide enhanced, more personal features.

These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Flowal Privacy Policy

Effective date: January 15, 2026
Last updated: February 14, 2026

This Privacy Policy explains how Flowal (“Flowal”, “we”, “us”) collects, uses, shares, and protects your personal data when you use our website, app, and related services (together, the “Services”).

Reality check: A privacy policy normally must identify the legal entity and address of the data controller. You asked not to specify that for now. That’s a compliance risk (especially UK/EU), but the policy below is written to be operationally accurate with what you told me.

1) Who we are and how to contact us

Controller (generally): Flowal (the operator of the Services).
Contact: christian@flowal.co

Enterprise / Organization accounts (controller vs processor)

If you use Flowal through an organization (e.g., an MCN/agency/brand) that creates/administers your account or uploads/links creator information:

If you sign up directly as an individual user, Flowal generally acts as the controller.

2) What we collect

A) Information you provide

B) Information we collect automatically

C) Information from third parties (including YouTube/Google)

If you connect a YouTube/Google account, we may receive data via Google/YouTube APIs depending on what you authorize. This can include:

We only access what you authorize, and you can revoke access at any time in your Google account settings.

3) How we use your data

We use personal data to:

  1. Provide and operate the Services
    • Create and manage accounts
    • Provide dashboards, insights, and features you request
    • Maintain OAuth connections to third-party services you link
  2. Process payments and payouts
    • Manage subscriptions and billing through Stripe
    • Process payouts either via Stripe or via IBAN details you provide (as applicable)
  3. Claims handling and support
    • Review claim submissions and supporting documentation
    • Communicate with you about your claim and required information
    • Detect and prevent fraud and misuse related to claims
  4. AI-assisted features (support only)
    • Provide AI-powered assistance (e.g., guidance, drafting support, or help understanding policy/appeals)
    • Important: AI in Flowal does not make automated approval/denial decisions. It provides support to users and/or internal teams.
  5. Security, fraud prevention, and abuse detection
    • Prevent unauthorized access, account takeover, fraud, and platform abuse
    • Enforce our Terms and protect the Services
  6. Analytics and product improvement (including session replay)
    • Understand usage and improve features, reliability, and user experience
    • We use session replay tools to help diagnose issues and improve the product. (See Section 6.)
  7. Legal compliance
    • Meet legal, regulatory, tax, accounting, and reporting obligations
    • Handle disputes and enforce rights

4) Legal bases (UK GDPR / EU GDPR)

Where UK/EU data protection laws apply, we rely on these legal bases:

You can withdraw consent at any time where consent is the basis (this won’t affect processing already performed).

5) How we share your data

We share personal data only as needed:

A) Service providers (processors)

We use vendors to operate the Services, such as:

We may also use providers for hosting, analytics/session replay, customer support tooling, communications, and security monitoring. They are permitted to process data only to provide services to us.

B) Legal and safety

We may share data if required to comply with law, regulation, subpoena, court order, or to protect rights, users, and the integrity of the Services.

C) Business transfers

If we’re involved in a merger, acquisition, financing, or sale of assets, personal data may be transferred as part of that deal (subject to appropriate safeguards).

D) No “sale” of personal data

We do not sell personal data. We also do not share personal data for cross-context behavioral advertising (targeted ads) based on your answers (no ad/social pixels running).

6) Cookies, analytics, and session replay

We use cookies and similar technologies for:

Your choices

Session replay note (important)

Session replay can capture interactions within the product (e.g., clicks, scrolling, navigation). We design our implementation to avoid collecting sensitive fields where possible (masking/redaction), but you should still avoid entering sensitive information into free-text fields unless required.

7) AI and OpenAI processing

We use OpenAI models to provide AI-assisted functionality.

8) YouTube/Google API data and “Limited Use”

If you connect Google/YouTube:

9) International transfers

Your data may be processed in countries other than where you live, depending on where we and our service providers operate.

Where UK/EU transfer rules apply, we use appropriate safeguards (such as Standard Contractual Clauses and/or the UK International Data Transfer Addendum/IDTA, and other legally recognized mechanisms).

10) Data retention

We keep data as long as necessary for the purposes described, with an intentionally conservative (long) retention approach that’s still defensible:

We may retain data longer where required by law or for legitimate claims, security investigations, or fraud prevention.

11) Security

We use administrative, technical, and organizational measures designed to protect personal data. No method of transmission or storage is 100% secure, so we can’t guarantee absolute security.

12) Your rights

Depending on where you live, you may have rights including:

How to exercise rights

Email us at christian@flowal.co. We may request information to verify your identity.

Complaints (UK/EU)

If you are in the UK or EEA, you can lodge a complaint with your local supervisory authority. In the UK, that’s the Information Commissioner’s Office (ICO).

13) Children’s privacy

The Services are not intended for anyone under 18, and you must be at least 18 or the age of legal majority in your country (whichever is higher) to use Flowal. If we learn we collected personal data from a minor, we will delete it.

14) Changes to this policy

We may update this policy from time to time. If changes are material, we will provide notice (for example, by email or in-product). The “Last updated” date will reflect the latest version.

15) Contact

For privacy questions or requests: christian@flowal.co

YouTube / Google Data Addendum