FlowDraw

Privacy & Policy

Effective Date: December 12, 2025

Bytek LLC ("Bytek," "we," "our," or "us") respects your privacy. This Policy describes what information we collect when you register for and use the FlowDraw website, web/mobile apps, APIs, and related services ("FlowDraw" or the "Service"), why we collect it, and how we protect it. By creating an account or using FlowDraw, you acknowledge that you have read and understood this Policy.

1. What We Collect

We gather the minimum data required to let you register, log in, and collaborate:

  • Account details: your email address and a hashed password. Display name is optional.
  • Billing information (Pro/Team plans only): card type and last four digits, billing address, and tax details. Full card numbers are never stored on our servers; our payment processor (Stripe) handles them.
  • Service metadata: generic IP address, browser and device type, timestamps, and crash logs that help us secure and maintain FlowDraw.
  • User content: the diagrams, prompts, comments, and file names you create or upload. Content is encrypted at rest so only you and your invited collaborators can access it.

No model training: Your diagrams and prompts are never used to train or fine-tune any machine-learning model.

2. Cookies and Local Storage

We use only first-party, essential cookies or secure local-storage tokens to:

  • Keep you signed in;
  • Protect against CSRF and other security threats.

We do not use third-party, advertising, or cross-site tracking cookies.

3. How We Use Your Information

We process the information listed above solely to:

  1. Operate, maintain, and improve the Service;
  2. Authenticate users and protect accounts;
  3. Enable collaboration features such as sharing and comments;
  4. Process payments and send invoices (for paid plans);
  5. Detect, investigate, and prevent fraud, spam, or abuse;
  6. Comply with legal obligations such as tax and accounting rules.

We do not profile you, show behaviour-based ads, or sell your data.

4. When We Share Information

We share data only with:

  • Service providers that host our infrastructure, store encrypted backups, offer customer-support tools, or process payments. All are bound by strict confidentiality and security duties.
  • Collaborators you explicitly invite to view, comment on, or edit your diagrams. Access is limited by role-based permissions.
  • Law-enforcement or regulatory bodies if required by law or court order. We will notify you unless legally forbidden.

We never sell, rent, or otherwise disclose your personal information to advertisers.

5. Data Retention

  • Account and billing records: We keep your account profile, authentication tokens, and billing details only until you delete your account or cancel your subscription. Once a deletion request is confirmed, the data is removed from our primary database usually within minutes and no copies remain elsewhere.
  • User content (flowcharts, attachments, comments): Your diagrams are stored until you actively delete them or close your account. Deletion happens immediately and is irreversible, as FlowDraw maintains no backup system.
  • Service logs and metadata: Basic system logs (IP address, error codes, timestamps) are used solely for security and troubleshooting. Logs are anonymised and automatically purged within 30 days.

6. Security Measures

We protect your information with:

  • TLS encryption in transit and AES-256 encryption at rest;
  • Zero-trust, least-privilege access controls;
  • Automated monitoring and regular penetration tests;
  • Password hashing with Argon2;
  • An isolated production network managed as code.

Despite these safeguards, no system is perfectly secure. Please keep your credentials confidential and notify us immediately if you suspect any unauthorised use.

7. Your Rights and Choices

You may, at any time:

  • Access, correct, or delete your account data via Settings;
  • Export diagrams as SVG, PNG, or other formats;
  • Delete individual diagrams or your entire account (this is irreversible);
  • Opt out of non-essential emails by clicking "Unsubscribe."

Residents of the EEA/UK, California, and similar jurisdictions may also request data portability, restriction or objection to processing, and other rights provided by local law. Email legal@bytek.org to exercise any of these rights, we will first verify your identity.

8. International Data Transfers

Data is stored mainly in the United States. When we transfer data across borders, we rely on legally recognised safeguards such as the EU Standard Contractual Clauses or equivalent mechanisms.

9. Children's Privacy

FlowDraw is not directed to children under 13. We do not knowingly collect data from them. If you learn that a child has provided personal information, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Policy to reflect new features or legal requirements. If changes are material, we will:

  1. Post the revised Policy with a new "Effective Date," and
  2. Provide reasonable advance notice, for example via email or an in-app banner.

Continuing to use FlowDraw after the notice period means you accept the updated Policy.

11. Contact

Questions about these Terms?

Bytek LLC

1111B S Governors Ave STE 28322

Dover, DE 19904, USA

Email: legal@bytek.org

 

Privacy is built into FlowDraw by design: we collect only what we must to let you register, log in, and store your diagrams and we never use those diagrams to train AI.