Privacy
Privacy Policy
1. Controller
Controller within the meaning of the General Data Protection Regulation (GDPR):
Bastian Probian
Götensberg 16
21039 Escheburg
Germany
Email: info@flowtig.com
Imprint: https://flowtig.com/imprint
2. General information on data processing
We process personal data exclusively in accordance with the legal requirements of the General Data Protection Regulation (GDPR) and other applicable data protection laws.
Processing takes place only insofar as this is necessary to provide our website, our services, or to fulfil contractual obligations.
3. Hosting & infrastructure
Our website and the Flowtig platform are hosted on servers operated by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
Data processing takes place within the European Union. A data processing agreement pursuant to Art. 28 GDPR has been concluded with the hosting provider.
4. Use of the website
When accessing our website, server log files are automatically collected by the web server, such as IP address, date and time, or the accessed page.
This data is used exclusively for technical provision, security, and stability of the website and is not used to create user profiles.
5. Registration & user account
When registering a user account, we process the data you provide, such as name, email address, and access credentials, in order to grant access to the Flowtig platform.
Processing is carried out for the performance of the user agreement pursuant to Art. 6 para. 1 lit. b GDPR.
6. Use of Flowtig apps
Within the Flowtig platform, users process personal data as part of the applications they use, such as time tracking, invoicing, or project management.
This data belongs to the respective customer and is processed by us exclusively for providing the platform and the agreed functionalities.
Where we process personal data on behalf of our customers, this is done as a processor pursuant to Art. 28 GDPR. The data is not used for our own purposes.
The data of individual customers is technically separated.
7. Email communication
For sending transactional emails such as registration, password reset, or notifications, we use the service Mailjet, Mailjet SAS, 13–13 bis, rue de l’Aubrac, 75012 Paris, France.
Processing is carried out on the basis of a data processing agreement pursuant to Art. 28 GDPR.
8. Payment processing
For payment processing, we handle billing-related data. Depending on the selected payment method, processing is carried out via bank transfer, direct debit, or PayPal.
For payments via PayPal, the privacy policy of the respective payment service provider applies.
9. Protection against abuse
To protect our registration and password reset processes against automated access, we use Google reCAPTCHA v3 provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
reCAPTCHA v3 analyses user behaviour, such as IP address, mouse movements, or time spent, to detect automated requests.
Processing is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in ensuring the security of our platform.
Further information can be found in Google’s privacy policy at https://policies.google.com/privacy.
10. Rights of data subjects
Data subjects have the right to access, rectification, erasure, restriction of processing, and data portability pursuant to Art. 15 to 20 GDPR.
In addition, there is a right to object pursuant to Art. 21 GDPR and a right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.
11. Changes to this privacy policy
We reserve the right to amend this privacy policy to reflect changes in legal requirements or new features of the platform.