Privacy Policy

Last updated: May 25, 2026

1. Introduction

This Privacy Policy explains how EngageFlow ("we", "our", "us") collects, uses, stores, and protects personal data when you visit engageflow.tech, join our waitlist, contact us, or use EngageFlow services.

We aim to collect only the data needed to operate the product, support customers, secure the service, and improve EngageFlow.

2. Data We Collect

• Account and contact data, such as name, work email, company name, role, and support messages.
• Product usage data, such as feature usage, device type, operating system, application version, logs, and diagnostic events.
• Billing and subscription data, handled by our payment providers where applicable.
• Customer-provided workspace data, such as connected account metadata, knowledge base content, message drafts, prompts, and configuration settings.
• Website data, such as IP address, browser type, referral source, pages visited, and essential cookie status.

3. How We Use Data

• To provide, operate, secure, and maintain EngageFlow.
• To generate AI-assisted drafts, translations, summaries, analytics, and workflow suggestions requested by users.
• To respond to support requests and communicate service updates.
• To prevent abuse, fraud, unauthorized access, and security incidents.
• To understand product performance and improve reliability, usability, and customer experience.
• To comply with legal, tax, accounting, and regulatory obligations.

4. AI Processing

EngageFlow may process user-provided text, message context, language settings, and connected workspace data through AI infrastructure providers such as Google Cloud/Vertex AI to produce requested outputs.

• AI outputs are suggestions and should be reviewed by the user before sending to third parties.
• We do not sell customer message data.
• We do not intentionally use one customer's private message content to train models for another customer.
• Some processing may occur outside your country, subject to appropriate contractual and technical safeguards.

5. Legal Bases

Where UK GDPR or EU GDPR applies, we rely on one or more of the following legal bases: performance of a contract, legitimate interests, consent, and compliance with legal obligations.

6. Service Providers

We may use trusted providers for hosting, AI infrastructure, authentication, analytics, payments, email delivery, error monitoring, and customer support. These providers process data only as needed to deliver their services to us.

7. Data Retention

We keep personal data only for as long as reasonably necessary for the purposes described above. Account records are normally retained while the account is active and for a limited period after closure. Security logs, billing records, and legal records may be retained longer where required.

8. Security

We use reasonable technical and organizational safeguards, including encryption in transit, access controls, least-privilege practices, secure cloud infrastructure, and monitoring. No online service can be guaranteed to be completely secure.

9. International Transfers

Your data may be processed in the United Kingdom, European Economic Area, United States, or other locations where our providers operate. Where required, we use appropriate safeguards such as Standard Contractual Clauses or equivalent transfer mechanisms.

10. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, withdraw consent, or request portability of your personal data. You can contact us at founder@engageflow.tech to exercise these rights.

11. Cookies

Our website uses essential cookies and local storage needed for site functionality, such as language, theme, and cookie consent preferences. If analytics or marketing cookies are added later, we will update this policy and request consent where required.

12. Children's Privacy

EngageFlow is not intended for children under 16, and we do not knowingly collect personal data from children.

13. Changes

We may update this Privacy Policy from time to time. Material changes will be posted on this page and, where appropriate, communicated by email or in-product notice.

14. Contact