Privacy Policy

Last updated: March 2026

1. Information We Collect

When you use StreamFlows, we collect information you provide directly, including your name, email address, and organization details when you create an account. We also collect usage data such as pipeline configurations, sync metrics, and error logs to operate and improve the service.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve StreamFlows
• Process your data sync operations
• Send transactional emails (run notifications, account updates)
• Respond to support requests
• Monitor service health and performance

3. Data Security

All connector credentials are encrypted at rest using AES-256-GCM encryption. OAuth tokens are stored encrypted and refreshed automatically. We use TLS for all data in transit. Your source data passes through StreamFlows during sync operations but is not stored beyond the destination you configure.

4. Third-Party Services

We use third-party services to operate StreamFlows, including cloud infrastructure providers (Google Cloud Platform, Railway), payment processing (Stripe), and email delivery (Mailgun). These services have their own privacy policies and data handling practices.

5. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

6. Data Retention

Account data is retained while your account is active. Sync run history and metrics are retained for operational purposes. You can request deletion of your account and associated data by contacting support@stream-flows.io.

7. Your Rights

You may access, correct, or delete your personal information at any time through your account settings or by contacting us. If you are in a jurisdiction with specific data protection rights (such as GDPR or CCPA), we will honor those rights.

8. Contact

For questions about this privacy policy, contact us at support@stream-flows.io.