Privacy Policy – FlowInsight

Last updated: March 2026

1. Introduction

FlowInsight ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use the FlowInsight mobile application (the "App").


2. Who We Are

FlowInsight is a business application used by organizations to manage workflows and operational insights.

Accounts are created and managed by administrators within your organization.


3. What Data We Collect

3.1 Account Information

  • Name
  • Email address
  • Organization / company name
  • User role (e.g. admin, user)

3.2 Authentication Data

We use OpenID Connect (OIDC) for authentication.

  • Authentication tokens (access/refresh tokens)
  • Identity provider data (e.g. name, email)

We do NOT store passwords directly.


3.3 Multi-Factor Authentication (MFA)

If you enable SMS-based multi-factor authentication (MFA), we also store your telephone number.

SMS-based MFA is optional.


3.4 Usage Data

  • Log data (e.g. actions within the app)
  • Device information (OS version, device type)
  • Error and performance data

3.5 Business Data

Data entered into the app by users as part of normal business operations (e.g. workflow data, reports, or records).


4. How We Use Your Data

We process your data for the following purposes:

  • To provide and maintain the App
  • To authenticate users via OIDC
  • To enable organization-based account management
  • To improve performance and stability
  • To ensure security and prevent misuse

5. Data Storage and Infrastructure

Your data is stored and processed using:

  • Europe-based cloud hosting platforms
  • MongoDB databases

Data is stored within the European Economic Area (EEA) unless otherwise specified.


6. Data Sharing

We do NOT sell personal data.

We may share data with:

  • Identity providers (for authentication via OIDC)
  • Infrastructure providers (e.g. hosting and database services)
  • Your organization's administrators (who manage your account)

7. Data Retention

We retain data:

  • As long as your organization uses the service
  • Until your account is deleted by an administrator
  • Or as required by legal obligations

8. Security

We take appropriate technical and organizational measures, including:

  • Secure authentication (OIDC)
  • Encrypted connections (HTTPS)
  • Access controls and role-based permissions

9. Your Rights (GDPR)

If you are located in the EU, you have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Object to processing

Requests should be directed to your organization's administrator or to us (see contact below).


10. Children's Privacy

The App is intended for business use only and is not directed at individuals under 16 years of age.


11. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be published on this page.


12. Contact

If you have any questions about this Privacy Policy, contact us at:

📧 info@flow-insight.nl
🌐 https://www.flow-insight.nl


13. Organization Responsibility

Because FlowInsight is a business application:

  • Your organization acts as the data controller
  • FlowInsight acts as a data processor

Administrators within your organization are responsible for managing user accounts and data access.