Privacy
Policy

Data Protection Guidelines // SaaS Platform

Effective DateApril 2026

We respect your privacy and are committed to protecting your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

01

Who We Are

TechFlow Solutions OÜ (“we”, “us”, “our”) provides a Software-as-a-Service (SaaS) platform.

  • »For personal data collected via our website, subscriptions, and support, we act as a Data Controller.
  • »For data processed within our platform on behalf of customers, we act as a Data Processor.
02

Data We Collect

A. Information you provide

  • -Name, email address, company name
  • -Account credentials
  • -Billing and payment details
  • -Support communications

B. Automatically collected data

  • -IP address
  • -Device and browser information
  • -Usage logs and interactions

C. Customer data (processed on behalf of clients)

  • -Any data uploaded, stored, or managed by customers within the platform
03

How We Use Data

We process personal data to:

  • »Provide and maintain our SaaS service
  • »Manage accounts and subscriptions
  • »Process payments
  • »Provide customer support
  • »Improve performance, reliability, and security
  • »Send service-related communications
  • »Send marketing communications (only with consent where required)
04

Legal Basis for Processing

We rely on:

  • »Contract performance – to deliver the service
  • »Legal obligations – e.g., tax and compliance
  • »Legitimate interests – security, analytics, service improvement
  • »Consent – marketing and cookies where applicable
05

Data Sharing

We do not sell personal data. We may share personal data with trusted third-party service providers (“subprocessors”) where necessary to operate our SaaS platform, including:

Hosting & Infrastructure Providers

We use Vercel, Render, and Supabase to host our application, databases, and backend services.

Payment Processing

Payments are securely processed via Stripe. We do not store full payment card details on our systems.

Analytics & Monitoring

We may use analytics and logging tools to understand platform usage and ensure system reliability.

Customer Support Tools

We may use third-party platforms to manage and respond to support requests.

All third-party providers are contractually bound by data protection agreements and process data only on our instructions where applicable.

06

International Transfers

Some of our service providers may process personal data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, such as:

  • »Standard Contractual Clauses (SCCs)
  • »Equivalent legal transfer mechanisms in compliance with GDPR
07

Data Retention

We retain personal data only as long as necessary:

  • »Account data: duration of the contract plus a limited retention period
  • »Billing data: as required by applicable law
  • »Customer data: as instructed by the customer or until account termination
08

Security

We implement appropriate technical and organizational measures, including:

  • »Encryption in transit (TLS) and at rest where applicable
  • »Access controls and authentication mechanisms
  • »Monitoring, logging, and incident response procedures
09

Your Rights (GDPR)

You have the right to:

  • »Access your personal data
  • »Correct inaccurate data
  • »Request deletion
  • »Restrict or object to processing
  • »Request data portability
  • »Withdraw consent at any time

If your data is processed by us on behalf of a customer, you should contact that customer directly. We will assist our customers where required.

10

Cookies

We use cookies and similar technologies for:

  • »Essential functionality
  • »Analytics
  • »(Optional) marketing

You can manage your preferences via our cookie banner.

11

Data Breaches

We maintain procedures to detect, investigate, and respond to personal data breaches. Where required, we will notify affected users and relevant authorities without undue delay.

12

Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised effective date.

13

Contact

For privacy-related inquiries, please contact our administrative node:

  • »Company: TechFlow Solutions OÜ
  • »Address: Tallinn, Estonia (Enterprise Registry: 12345678)
  • »Email: support@techflowsolutions.eu
End of DocumentInternal Reference: TF-PRV-01