Privacy
Policy.
Who we are
Flōu is a personal task manager built for web, iOS, and Android. This policy explains what data we collect, why we collect it, and how we handle it. We believe in plain language — if something is unclear, email us at flou@darshil.tech.
What we collect
Information you give us directly
- 01.Your name and email address when you create an account.
- 02.Tasks, notes, subtasks, and any other content you add to Flōu.
- 03.Account preferences and settings you configure.
Information collected automatically
- 01.Device type, operating system, and browser version.
- 02.App version and feature usage patterns (e.g. which parts of the app you use most).
- 03.Crash reports and error logs when something goes wrong.
- 04.IP address and approximate location (country or city level only).
Information from third-party services (Pro users)
If you connect Google Calendar or Microsoft Outlook, we access only your calendar events — we do not read your emails, contacts, or any other data from those accounts. You can disconnect either integration at any time from Settings.
What we do not collect
- We do not read the content of your tasks to serve you advertising.
- We do not sell your data to anyone, ever.
- We do not build advertising profiles.
- We do not use third-party ad networks inside Flōu.
How we use your data
We use it to:
- • Provide the Flōu service
- • Sync tasks in real time
- • Send your set reminders
- • Transactional emails
- • Fix bugs & crashes
- • Improve product usage
We do NOT use it to:
- • Targeted advertising
- • Share with marketers
- • Train AI models (unconsented)
Data storage and security
Your data is stored using Google Firebase, with servers located in the Mumbai region (asia-south1), India.
All data is encrypted in transit using TLS and encrypted at rest using AES-256 encryption, in line with Google Cloud's security standards. Firebase is operated by Google LLC and is compliant with ISO 27001, SOC 1, SOC 2, and SOC 3 certifications.
We retain data only as long as your account is active. Deletion occurs within 30 days of request.
Your rights
Depending on where you live, you have specific legal protections:
Users in India (DPDPA 2023)
Your rights are governed by the Digital Personal Data Protection Act, 2023. You have the right to access, correct, and erase your personal data, and to nominate a representative to exercise these rights on your behalf.
EEA & UK (GDPR)
Your rights include data portability and the right to lodge a complaint with your local supervisory authority.
* Export features available for Pro users in Settings.
Third-party services
| Service | Purpose | Provider |
|---|---|---|
| Firebase | Auth, Firestore, Messaging | Google LLC |
| Firebase Hosting | Web App Delivery | Google LLC |
| Google Calendar API | Calendar Sync (Pro) | Google LLC |
| Microsoft Graph API | Outlook Sync (Pro) | Microsoft Corp. |
Cookies
Flōu uses a small number of essential cookies to keep you logged in and to maintain your session. We do not use tracking or analytics cookies, hence no cookie banners are required.
Children
Flōu is not directed at children under 13. We do not knowingly collect data from anyone under 13.
Changes to this policy
If we make material changes, we will notify you by email. Continued use means acceptance of the updated policy.
Contact
For inquiries under DPDPA or GDPR:
We aim to respond to all privacy requests within 30 days.