Privacy Policy

Last updated: March 12, 2026

1. Introduction

FlowingNow ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This policy describes how we collect, use, and safeguard your information when you use our website and application.

2. Data We Collect

Account information: When you register, we collect your name, email address, and password (hashed). If you use OAuth (Google, GitHub), we receive your name, email, and profile picture from the provider.

Project data: Tasks, milestones, documents, timesheets, and other project content you create. In local mode, this data stays entirely on your device. In cloud mode, it is stored in our EU-hosted infrastructure.

Payment data: If you subscribe to a paid plan, payment is processed by Stripe. We do not store your card number — only a reference to your Stripe customer ID.

Usage data: We collect anonymized usage analytics (page views, feature usage) to improve the product. No personal data is included in analytics.

3. How We Use Your Data

  • To provide and maintain the FlowingNow service
  • To manage your account and subscription
  • To send transactional emails (account confirmation, password resets)
  • To improve the product based on anonymized usage patterns
  • To comply with legal obligations

We never sell your personal data to third parties.

4. Data Storage & Security

Cloud-synced data is stored on EU-hosted Supabase infrastructure with encryption at rest and in transit. Access to production systems is restricted and audited. Local-mode data never leaves your device.

5. Your Rights

Under the GDPR, you have the right to access, rectify, or delete your personal data at any time. You can export all your data from within the app. To delete your account, contact us at privacy@flowingnow.com.

6. Cookies

We use essential cookies for authentication session management. We do not use tracking cookies or third-party advertising cookies.

7. Third-Party Services

We use the following third-party services:

  • Supabase — Authentication and database (EU-hosted)
  • Stripe — Payment processing (PCI DSS compliant)
  • Google Fonts — Font delivery (see Google's privacy policy)

8. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email or an in-app notice. The "Last updated" date at the top will reflect the latest revision.

9. Contact

For privacy-related inquiries, contact us at privacy@flowingnow.com.