Effective Date: May 2, 2026
Last Updated: May 6, 2026
FlowSync (“we,” “our,” or “us”) respects your privacy and is committed to protecting the personal information of visitors to our website (flowsync.site) and users of our WordPress plugin. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.
1. Information We Collect
Website Visitors
When you visit our marketing site, we may collect:
- Usage data: IP address, browser type, operating system, pages visited, time spent on pages, referral sources, and click patterns. This is collected via analytics tools and server logs.
- Contact information: Name, email address, and message content when you submit our support form or contact us directly.
- Purchase data: Billing name, email address, and payment confirmation details when you buy a license. We do not store full credit card numbers — all payment processing is handled by our payment provider.
Plugin Users
FlowSync is a WordPress plugin installed on your own server. As such:
- We do not access your WordPress site data. The plugin operates entirely within your WordPress installation. We cannot see your users, orders, workflows, or any content from your site.
- License validation: The plugin communicates with our licensing server to verify your license key. This transmission includes only your site URL and license key. No user data or workflow data is transmitted.
- Error reporting (optional): If you enable diagnostic reporting, the plugin may send anonymized error logs to help us fix bugs. This does not include personal data from your site.
2. How We Use Your Information
We use the collected information to:
- Provide, maintain, and improve the FlowSync plugin and website
- Process license purchases and deliver download links
- Respond to support requests sent to [email protected]
- Send transactional emails (purchase receipts, license renewals, critical security updates)
- Analyze website usage to improve our marketing and documentation
- Detect and prevent fraud or abuse of our licensing system
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
3. Data Storage and Security
- Website data is stored on secure servers managed by our hosting provider. We implement industry-standard security measures, including SSL encryption, access controls, and regular backups.
- Plugin data remains on your WordPress server. We have no access to it. You are responsible for securing your own WordPress installation, database, and backups.
- Payment data is processed by our payment provider (e.g., Stripe or Paddle). We retain only confirmation records, not payment instrument details.
4. Third-Party Services
We use the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Payment Processor | License purchases | Billing name, email, payment confirmation |
| Email Service | Transactional emails | Email address, purchase details |
| Analytics | Website usage analysis | Anonymized browsing behavior |
| Hosting | Website infrastructure | Server logs, IP addresses |
Each third party operates under its own privacy policy. We select providers with strong privacy and security commitments.
5. Cookies and Tracking
Our website uses:
- Essential cookies: Required for site functionality (shopping cart, license management)
- Analytics cookies: Help us understand how visitors use our site. You can disable these via your browser settings.
- No advertising cookies: We do not run ads and do not use retargeting or behavioral tracking for marketing.
6. Your Rights
Depending on your location, you may have rights to:
- Access the personal information we hold about you
- Correct inaccurate or incomplete information
- Delete your personal information (subject to legal retention requirements)
- Object to certain processing activities
- Withdraw consent where processing is consent-based
- Data portability — receive your data in a structured format
To exercise these rights, email [email protected]. We will respond within 30 days.
7. Data Retention
We retain personal information only as long as necessary:
- License records: Retained for 7 years for tax and accounting compliance
- Support emails: Retained for 2 years to maintain context for ongoing issues
- Analytics data: Retained for 26 months, then aggregated or deleted
- Inactive licenses: After license expiration, contact data is retained for 1 year for renewal notices, then deleted unless you request earlier removal
8. Children’s Privacy
FlowSync is not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact [email protected] and we will delete it promptly.
9. International Data Transfers
We operate primarily in the United States. If you access our site from outside the US, your information may be transferred to, stored, and processed in the US. We ensure appropriate safeguards are in place for such transfers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. For significant changes, we will notify active license holders via email.
11. Google API Services Data
FlowSync allows site administrators to connect their WordPress site to Google Sheets so workflow data can be added to, read from, or cleared from spreadsheets selected by the site administrator.
Google Data FlowSync Accesses
When you connect Google Sheets, FlowSync may request access to:
- Google Drive metadata, including spreadsheet file IDs and spreadsheet names, so FlowSync can show you the spreadsheets available in your Google Drive.
- Google Sheets data, including spreadsheet tabs, header rows, and row values, so FlowSync can append workflow data to selected sheets or clear matching rows when configured by you.
- OAuth authorization data, including access tokens, refresh tokens, token expiration times, and granted scopes, so your WordPress site can stay connected to Google Sheets.
FlowSync requests the following Google API scopes:
https://www.googleapis.com/auth/drive.metadata.readonlyhttps://www.googleapis.com/auth/spreadsheets
How FlowSync Uses Google Data
FlowSync uses Google user data only to provide the Google Sheets integration features that you choose to enable, including:
- Listing available Google Sheets spreadsheets in your Drive.
- Listing sheets/tabs within a selected spreadsheet.
- Reading the header row of a selected sheet so you can map WordPress workflow fields to Google Sheets columns.
- Appending workflow contact or event data to selected Google Sheets rows.
- Clearing rows from a selected sheet when you configure a workflow action to do so.
- Maintaining the Google Sheets connection through OAuth token refresh.
FlowSync does not use Google user data for advertising, retargeting, personalized advertising, credit decisions, data brokerage, or any unrelated purpose. FlowSync does not sell Google user data.
How Google Data Is Stored
OAuth tokens for the Google Sheets integration are stored in the connected WordPress site’s WordPress database. FlowSync may also temporarily cache spreadsheet metadata, sheet names, and header rows on the connected WordPress site to improve integration speed and reliability.
FlowSync’s OAuth service at oauth.flowsync.site helps complete the Google OAuth authorization and token refresh process. It processes OAuth authorization codes and refresh requests so your WordPress site can connect to Google, but FlowSync does not use Google user data for any purpose other than providing and maintaining the Google Sheets integration.
How Google Data Is Shared
FlowSync does not sell, rent, or share Google user data with advertisers, data brokers, or unrelated third parties.
Google data may be processed by FlowSync only as needed to provide the Google Sheets integration, maintain security, troubleshoot issues, comply with legal obligations, or operate the service infrastructure. Human access to Google user data is limited and occurs only with your permission for support, security purposes, or where required by law.
Limited Use Disclosure
FlowSync’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Your Controls
You can disconnect Google Sheets from FlowSync at any time from the FlowSync integration settings in your WordPress admin area. Disconnecting removes the stored OAuth connection data from your WordPress site. You may also revoke FlowSync’s access from your Google Account permissions page.
If you delete FlowSync from your WordPress site or delete the Google Sheets integration settings, locally stored OAuth tokens and related integration settings are removed according to the plugin’s data deletion behavior and your WordPress site configuration.
Changes to Google Data Use
If FlowSync changes how it accesses, uses, stores, or shares Google user data, we will update this Privacy Policy and provide notice where required before using Google user data in a new way.
12. Contact Us
For privacy-related questions, data requests, or concerns:
Email:[email protected]
We take privacy seriously and will work with you to resolve any issues promptly.