FlowlyBack to home

Privacy Policy

1. Information We Collect

When you use Flowly, we may collect the following information:

1.1 Account Information

  • Name, username, and email address
  • Information returned by Google or LINE when social login is used

1.2 Business Information

  • Business name, address, tax ID, and VAT number
  • PromptPay ID and phone number

1.3 Document Information

  • Quotations, invoices, receipts, and tax invoices
  • Customer records, products or services, and expense data

1.4 Payment Information

  • Payment history processed through Omise
  • We do not store raw credit card details directly; Omise handles encryption and storage

1.5 Usage Information

  • IP address, user agent, and access timestamps
  • Collected only for security and service improvement purposes

2. How We Use Information

  • To provide the services you request, including document creation, tax calculations, and emails
  • To verify identity and keep accounts secure
  • To process payments
  • To send essential notices such as overdue reminders or plan expiration alerts
  • To improve the product

3. Sharing of Information

We do not sell personal data. We only share information with:

  • Omise for payment processing
  • SendGrid for email delivery
  • Google OAuth or LINE Login for authentication
  • Government authorities when required by law

4. Security

  • Passwords are hashed with bcrypt
  • HTTPS is used for all connections
  • Session cookies are marked httpOnly to reduce XSS risk
  • Card information is encrypted by Omise under PCI DSS standards

5. Your Rights

Users may request access, correction, export, or deletion of their information. Contact support@flowly-hub.com to exercise these rights.

6. Cookies

We use two categories of cookies:

6.1 Managing Cookies

On your first visit, a banner lets you accept or reject non-essential cookies. To change your choice later, clear your browser's localStorage so the banner appears again.

  • Essential cookies: required for authentication sessions and security. These cannot be disabled as they are necessary for the service to function.
  • Analytics cookies: used to understand product usage and improve the service. You may reject these via the cookie consent banner.

7. Data Retention

We keep data while an account remains active. After service stops, data may be retained for 90 days before permanent deletion.

8. Policy Changes

We may update this policy from time to time and will notify users by email or in-app notice before material changes take effect.

9. Contact

If you have questions about this privacy policy, contact support@flowly-hub.com.