Back

Flowra Application Privacy Policy

Last Updated: September 22, 2025

This Privacy Policy outlines our policies and procedures on the collection, use, and disclosure of your information when you use the Flowra service. It also informs you about your privacy rights and how we handle your data.

By using the Service, you agree to the collection and use of information as described in this policy.

Interpretation and Definitions

The words with capitalized initial letters have meanings defined under the following conditions. The following definitions have the same meaning regardless of whether they appear in singular or in plural.

For the purposes of this Privacy Policy:

  • Account means a unique account created for you to access our Service.
  • Application refers to the Flowra software program provided by the Company.
  • Company (referred to as “the Company,” “We,” “Us,” or “Our”) refers to Hansab IT Solutions OÜ, located at Keevise 11, Tallinn 11415, Estonia.
  • Country refers to Estonia.
  • Device means any device that can access the Service, such as a computer, mobile phone, or digital tablet.
  • Personal Data is any information that relates to an identified or identifiable individual.
  • Service refers to the Application.
  • Service Provider means any natural or legal person who processes data on behalf of the Company. This includes third-party companies or individuals employed by the Company to facilitate the Service, provide the Service, perform services related to the Service, or assist us in analyzing how the Service is used.
  • Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (e.g., the duration of a page visit).
  • You refers to the individual accessing or using the Service, or the company or other legal entity on behalf of which such individual is accessing or using the Service.

Data Controller and Data Processor

Please note: The Flowra application is a business-to-business (B2B) solution. This means we act as a data processor on behalf of our business customers, who are the data controllers. The business customer (your employer or organization) is responsible for the collection, management, and deletion of your personal data.

If you have any questions or requests regarding your personal data, such as access, correction, or deletion, you must contact your employer or the organization that provided you with access to the Flowra Service. We will only act on instructions from them.

Collecting and Using Your Personal Data

Types of Data We Collect

While using our Service, we may collect the following types of information:

Personal Data Depending on the features enabled by your organization, we may collect personally identifiable information you provide, which may include:

  • Email address
  • First name and last name
  • Geographic location (collected with your prior permission)
  • Phone number

Usage Data Usage Data is collected automatically when you use the Service. This may include information such as your device’s Internet Protocol (IP) address, browser type and version, the pages of our Service you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

When you access the Service via a mobile device, we may also collect information like the type of mobile device, your mobile device’s unique ID, your mobile operating system, and the type of mobile internet browser you use.

Information Collected from Your Device With your prior permission, we may collect information regarding your location to enable features of the Service. This information may be stored locally on your device or uploaded to our servers and/or our Service Provider’s servers. You can enable or disable location access at any time through your device settings.

How We Use Your Personal Data

We use the data we process on behalf of your organization for the following purposes:

  • To provide and maintain our Service: This includes monitoring the usage of the Service.
  • To manage your Account: To manage your registration as a user of the Service, giving you access to its functionalities.
  • To perform a contract: For the development, compliance, and undertaking of a contract with us.
  • To contact you: To communicate with you via email, phone calls, SMS, or push notifications regarding updates or informative communications related to the Service.
  • To manage your requests: To handle and manage any requests you submit to us.
  • For business transfers: Your information may be used to evaluate or conduct a merger, divestiture, or other sale or transfer of our assets, where your data is one of the transferred assets.
  • For other purposes: We may use your information for data analysis, identifying usage trends, and evaluating and improving our Service.

Sharing Your Personal Information

We may share your personal information with the following parties, based on instructions from your organization:

  • With Service Providers: We may share your information with third-party companies that monitor and analyze the use of our Service.
  • For business transfers: We may share or transfer your personal information in connection with or during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • With Affiliates: We may share your information with our affiliates, requiring them to honor this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies we control or are under common control with us.
  • With business partners: We may share your information with our business partners to offer you specific products, services, or promotions.
  • With other users: If you share personal information in public areas of the Service, this information may be viewed by other users and may be publicly distributed.

Retention and Deletion of Your Personal Data

We will retain your Personal Data for as long as is necessary to provide the Service to your organization and to comply with legal obligations.

As a data processor, we will delete or return your data to your organization once our business relationship ends or when instructed to do so by your organization. You must direct any requests for data deletion to your employer or the organization that provided you with access to the Service.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. This means your data may be transferred to—and maintained on—computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.

We will take all steps reasonably necessary to ensure your data is treated securely and in accordance with this Privacy Policy. No transfer of your Personal Data will take place to an organization or a country unless adequate controls are in place, including the security of your data and other personal information.

Disclosure of Your Personal Data

We may be required to disclose your Personal Data under certain circumstances:

  • Business Transactions: If the Company is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.
  • Law Enforcement: We may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities.
  • Other Legal Requirements: We may disclose your Personal Data in the good faith belief that such action is necessary to:
    • Comply with a legal obligation
    • Protect and defend the rights or property of the Company
    • Prevent or investigate possible wrongdoing
    • Protect the personal safety of Service users or the public
    • Protect against legal liability

Security of Your Personal Data

While we use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. Remember that no method of transmission over the Internet or electronic storage is 100% secure.

Children’s Privacy

Our Service is not intended for anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under 13. If you are a parent or guardian and are aware that your child has provided us with Personal Data, please contact your employer or the organization that provided you access to the Service.

Links to Other Websites

Our Service may contain links to other websites not operated by us. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We will also update the “Last Updated” date at the top of this policy. You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: itinfo@hansab.ee