Privacy Policy

The protection of your data, trade secrets, and the confidentiality of your operations are the core pillars of Flow Synapse.

This Privacy Policy aims to transparently inform you about how we handle your personal and professional data within the scope of our AI automation and integration services.

1. Our role and infrastructure

Unlike traditional software platforms that store your data in third-party databases, Flow Synapse's model relies on a decentralized, custom-built infrastructure.

• No third-party storage platform: We develop your automations on our highly secure Virtual Private Server (VPS), hosted in Europe.
• Data in transit: Your company's data (emails, CRM information, documents) only passes through our servers ephemerally for processing. We do not maintain any databases of your clients or your operations.
• Your credentials: API keys and access tokens (OAuth) required to connect your software are end-to-end encrypted using the highest security standards.

2. What data do we collect?

In the context of our B2B commercial relationship, we collect only strictly necessary data:

• Professional identification data: First and last name, job title, company name, professional email address, and phone number.
• Billing data: Information required to issue quotes and invoices.
• Configuration data (Encrypted): API keys and access tokens for your software (CRM, email, etc.) necessary for the automations to function.
• Execution Logs (Temporary): Technical error and request logs generated by the server to monitor the proper functioning of your workflows and resolve any potential bugs.

3. Use of Artificial Intelligence and your data

Our automations utilize cutting-edge Large Language Models (LLMs) such as OpenAI (ChatGPT), Anthropic (Claude), or Google Gemini. We make firm commitments regarding the use of these AI models:

• Zero training (No Training): Professional data that passes through our automations or comes from third-party integrations is NEVER used to develop, improve, or train public or private artificial intelligence models.
• Real-time processing: Third-party data is processed by AI providers strictly in real-time to execute your immediate requests, and is not retained by these providers beyond the time necessary for processing.

4. Specific clause for Google Workspace APIs

Flow Synapse strictly complies with the privacy requirements for data accessed via Google APIs (Gmail, Drive, Calendar, Docs, Sheets, etc.).

We assure you that all data obtained through these APIs is used exclusively to provide and execute the automations you have approved. Specifically, we do not use any user data obtained via Google Workspace APIs to train generalized artificial intelligence (AI) and/or machine learning (ML) models.

5. Retention periods

Your data is kept for periods proportional to the purposes for which it was collected:

• Professional contact and billing details: Retained for the duration of our commercial relationship, then archived for legal prescription periods (typically 5 to 10 years for accounting purposes).
• API keys and software access: Immediately deleted and revoked upon termination of the contract or cessation of automations.
• Technical logs (data in transit): Retained temporarily (typically between 7 and 30 days maximum) for strict debugging and security purposes, then destroyed.

6. Security and protection

As the sole developer and administrator of Flow Synapse, I am the only person with access to the server infrastructure. Your data is never shared, sold, or transferred to third-party marketing providers.

• The VPS server is protected by strict firewalls, individual SSH keys, and secure connection protocols.
• All data flows are transmitted via encrypted protocols (HTTPS/TLS).

7. Do we use cookies?

We guarantee that we do not use any intrusive advertising or statistical cookies in the operation of our showcase website. We only use technical cookies that are strictly necessary for navigation and security.

8. Your Rights (GDPR & CCPA Compliance)

Depending on your location (such as the European Economic Area or California), you have full control over your information under regulations like the GDPR and CCPA:

• Right to access / Right to know: You can request a copy of the personal data we hold about you.
• Right to rectification: You can correct inaccurate or outdated information.
• Right to erasure ("Right to be forgotten"): You can request the deletion of your personal data.
• Right to portability and restriction: You can retrieve your data or temporarily suspend its processing.
• Right to opt-out: We do not sell your personal data to third parties.

To exercise these rights or for any questions regarding the security of your automated processes, you can contact me directly at the following address: flowsynapse@gmail.com. I am committed to processing your request as quickly as possible.