Privacy Policy
Last modified: December 3rd, 2025
PRIVACY POLICY
INTRODUCTION
Autoflow ("Company," "we," "us," or "our") is committed to safeguarding your privacy. This Privacy Policy outlines how we collect, use, protect, and disclose your personal information ("Personal Data") when you access our platform at https://autoflowfleet.com, https://getautoflow.io, or use any of our associated services (collectively, the "Services"). This Privacy Policy applies only to information collected through our Services and not to information collected elsewhere.
Please read this Privacy Policy carefully to understand our practices regarding your Personal Data.
DATA CONTROLLER
The data controller for your Personal Data is Autoflow.
You may contact us regarding this Privacy Policy at:
Email: contact@getautoflow.io
TYPES OF PERSONAL DATA WE COLLECT
We may collect the following categories of Personal Data directly from you or automatically when you use our Services:
1. Data You Provide
Contact Information: Email address, phone number (optional)
Account Information: Username, password, and digital wallet address (if applicable)
Communication Data: Contents of messages sent to us
Integration Data: When connecting external accounts (such as Google Calendar), we collect permissions and metadata necessary for the integration
2. Data Collected Automatically
Technical Data: IP address, browser type, device information, operating system, and configuration
Usage Data: Date/time of visits, pages viewed, features used, interactions
Location Data: Approximate geographic location derived from IP address
We use cookies and tracking technologies as described in our Cookie Policy.
GOOGLE USER DATA & CALENDAR INTEGRATION
Autoflow integrates with Google services to provide calendar synchronization. When you connect your Google account, we access only the minimum data required for this functionality.
1. Google User Data Usage
We access Google Calendar data solely for the following:
Syncing your Autoflow bookings with Google Calendar
Displaying availability inside Autoflow
Creating Autoflow-generated events
Ensuring accurate scheduling across devices
We only access:
Calendar IDs
Event start/end times
Autoflow-generated event content
Calendar metadata required for sync
We do not:
Access or store unrelated calendar events
Use Google data for advertising or analytics
Sell or share Google user data
Our use complies with the Google API Services User Data Policy and Limited Use Requirements.
2. Google User Data Sharing
Autoflow does not share Google Calendar data with third parties except:
Trusted service providers supporting core functionality (e.g., hosting)
Legal authorities when required by law
To protect platform integrity or prevent fraud
Google user data is never disclosed for marketing, advertising, or analytics.
3. Data Storage & Protection (Google Data)
We store Google integration data using industry-standard security:
Encrypted storage
Encrypted transmission (HTTPS/TLS)
OAuth token encryption
Strict access controls
Regular internal audits
We store only:
OAuth tokens
Calendar identifiers
Autoflow-generated event metadata
We do not store the full content of your Google Calendar.
4. Data Retention & Deletion (Google Data)
We retain Google integration data only while your Google account remains connected.
When you disconnect Google Calendar:
All OAuth tokens are deleted
All calendar sync metadata is removed
Autoflow immediately loses access to your Google user data
If you request deletion of your Autoflow account, all Google-related data will be deleted within 30 days, unless legal obligations require retention.
5. User Control & Consent
You may remove Autoflow's access to Google at any time:
Through Autoflow account settings
Through Google Account permissions: https://myaccount.google.com/permissions
Connecting Google Calendar is fully optional.
PURPOSES FOR PROCESSING YOUR PERSONAL DATA
Purpose
Legal Basis
To provide and personalize the Services
Contract performance
To respond to inquiries and maintain your account
Legitimate interests
To improve our Services and internal analytics
Legitimate interests
To ensure platform security
Legitimate interests / legal obligations
To comply with legal obligations
Legal compliance
To send marketing communications
Consent or legitimate interests
DISCLOSURE OF PERSONAL DATA
We may share Personal Data with:
Service Providers (hosting, analytics, cloud storage, payment processing)
Business Partners (for integrations or collaborations)
Legal Regulators (when required by law)
Professional Advisors (legal, financial, technical)
Corporate Transaction Parties (mergers, acquisitions, reorganizations)
Parties You Authorize
We do not sell Personal Data.
COOKIES AND TRACKING TECHNOLOGIES
We use cookies and similar technologies to improve user experience, analyze performance, and running essential platform functions.
You may disable cookies in your browser, but this may limit functionality.
YOUR CHOICES
1. Marketing Communications
You may unsubscribe anytime using the link in our emails or by contacting us.
2. Cookies
Disable cookies through browser settings. Some features may not work correctly without cookies.
DATA RETENTION
We retain Personal Data only as long as needed for:
Service operation
Security
Legal compliance
Retention length depends on data type, sensitivity, and legal requirements.
SECURITY MEASURES
We implement technical and organizational measures to protect Personal Data from unauthorized access, use, and disclosure.
However, no internet transmission is fully secure.
THIRD-PARTY WEBSITES
We are not responsible for the privacy practices of third-party sites linked from our Platform.
CHILDREN’S DATA
Our Services are not intended for individuals under 13.
We do not knowingly collect data from children.
If discovered, we delete such data immediately.
DO NOT TRACK SIGNALS
Our Platform does not respond to “Do Not Track” signals due to the absence of industry standards.
INTERNATIONAL DATA TRANSFERS
If you access our Services from outside the United States, your data may be transferred and processed in the U.S. or other jurisdictions.
We use safeguards such as Standard Contractual Clauses when required.
RIGHTS FOR EEA, SWITZERLAND, AND UK RESIDENTS
If you are located in the EEA, Switzerland, or the UK, you have the following rights under GDPR and equivalent laws:
1. Right of Access
Request confirmation of whether we process your Personal Data and receive a copy of such data.
2. Right to Rectification
Request correction of inaccurate or incomplete Personal Data.
3. Right to Erasure ("Right to Be Forgotten")
Request deletion of your Personal Data where:
It is no longer needed
You withdraw consent (where applicable)
You object to processing and no overriding legitimate grounds exist
Processing is unlawful
4. Right to Restrict Processing
Request we limit processing of your Personal Data under certain circumstances.
5. Right to Data Portability
Receive your Personal Data in a structured, machine-readable format and transmit it to another controller.
6. Right to Object
Object to processing based on legitimate interests, including profiling.
7. Right to Withdraw Consent
If processing is based on consent, you may withdraw it at any time.
8. Right to Lodge a Complaint
File a complaint with your local data protection authority.
To exercise your rights, contact: contact@getautoflow.io
RIGHTS FOR CALIFORNIA RESIDENTS (CCPA/CPRA)
If you are a California resident, you may:
1. Request to Know
Ask for details about:
The categories of Personal Data collected
The sources of that data
The purposes for collection
The categories of third parties we share data with