FlowLinks

Personal Information We Collect
How We Use Your Personal Information
1. Purpose of Use
2. Lawful Basis for Processing (EEA & UK Residents)
Third-Party Sharing and Disclosure
Data Retention
1. Retention Schedules by Data Type
2. Legal and Compliance Retention Requirements
Cookies, Tracking, and Marketing
User Rights
Data Security
International Data Transfers
1. Transfers Outside Your Country
2. Adequacy Decisions and Standard Contractual Clauses
AI Analytics, Automated Decision-Making, and Profiling
Industry-Specific Use Cases
Children’s Privacy
Changes to This Privacy Policy
Contact Information

1. Personal Information We Collect

1.1 Categories of Personal Information

Category	Examples	Source
Contact Information	Name, email, phone, address, company	Direct, Third Parties
Account Information	Login credentials, user ID, admin privileges	Direct
Billing & Payment	Credit/debit card info, invoices, billing address	Direct, Third Parties
AI & Camera Data	Video footage, facial recognition metadata, behavioral analytics, attendance, zone activity	AI Surveillance, Automatic
Device & Technical	IP address, device type, browser, OS, cookies, GPS/location	Automatic
Telemetry & Usage	Product usage, feature engagement, reports accessed	Automatic
Marketing Preferences	Newsletter subscriptions, opt-in/opt-out preferences	Direct, Third Parties
Employment Information	Role, title, department, staff activity logs	Direct, Third Parties

1.2 Sources of Personal Information

Direct Collection: Registration, demo requests, purchases, support, account management.
Third Parties: Affiliates, business customers, social media, marketing partners, public sources.
Automatic Collection: Cookies, tracking pixels, AI analytics, device identifiers, IP addresses, geolocation.

1.3 Special Data Collected via AI Surveillance

Visual Data: Facial recognition, body measurements, uniforms, distinctive features.
Behavioral Patterns: Queue times, movement tracking, task completion, interactions.
Audio Data: Alarms, announcements, safety sounds (where permitted).
Device Metadata: Camera serial numbers, software versions, timestamps, logs.

2. How We Use Your Personal Information

2.1 Purpose of Use

Purpose	Personal Data Used	Legal Basis
Deliver Services	Contact info, account info, AI data	Contract, Legitimate Interest
Security & Safety	AI & camera data, telemetry, account info	Legitimate Interest, Legal Obligation
Billing & Transactions	Billing/payment info, contact info	Contract, Legal Obligation
Analytics & Reporting	Telemetry, usage data, AI insights	Legitimate Interest
Marketing & Communication	Contact info, preferences	Consent, Legitimate Interest
Compliance & Legal	All relevant personal data	Legal Obligation, Legitimate Interest
Research & AI Optimization	AI data, telemetry	Legitimate Interest

2.2 Lawful Basis for Processing (EEA & UK)

Consent: Explicit user agreement for processing.
Legitimate Interests: Necessary for services, security, or operations.
Contract Performance: Fulfillment of service agreements.
Legal Compliance: Regulatory or statutory obligations.

3. Third-Party Sharing and Disclosure

3.1 Vendors, Partners, and Service Providers

Recipient Type	Data Shared	Purpose
Cloud Hosting & Storage	AI, camera, telemetry, billing	Service delivery
Analytics & AI Vendors	Aggregated AI data, telemetry	Model improvement, reporting
Marketing Partners	Contact info, preferences	Communication, advertising
Legal & Auditing	Billing, AI logs, telemetry	Compliance, audit
Law Enforcement & Regulators	AI data, contact info	Legal obligation

3.2 Legal and Regulatory Requirements

Disclosure may occur under court orders, subpoenas, or legal mandates.

3.3 Mergers, Acquisitions, and Business Transfers

Personal information may transfer during mergers, acquisitions, or business sales to ensure continuity of services.

4. Data Retention

4.1 Retention Schedules by Data Type

Data Type	Retention Period	Reason
AI Camera Footage	30–180 days (configurable)	Operational & legal
Billing & Payment	7 years	Tax/Accounting compliance
Account Info	Duration of account + 2 years	Service continuity
Telemetry & Analytics	2 years	Reporting & AI optimization
Cookies & Tracking	1–13 months	Functional & marketing

4.2 Legal and Compliance Retention Requirements

Data may be retained longer if legally required or for dispute resolution.

5. Cookies, Tracking, and Marketing

5.1 Types of Cookies and Tracking Technologies

Essential Cookies: Platform functionality.
Analytical Cookies: Usage tracking, error reporting.
Marketing Cookies: Personalized campaigns.
Third-Party Cookies: Partner integrations.

5.2 Managing Cookies and Opt-Out Options

Users can adjust browser settings or platform Cookie Settings to customize preferences.

5.3 Targeted Advertising and AI Analytics

Cookies, SDKs, and other tools deliver interest-based ads; users can opt-out anytime.

6. User Rights

6.1 EEA & UK Residents (GDPR)

Access, correct, delete, restrict processing, data portability, object to profiling.
Withdraw consent anytime.
Lodge complaints with supervisory authorities.

6.2 California Residents (CCPA/CPRA)

Right to know, delete, correct, opt-out of sale/sharing, limit use of sensitive data.
Non-discrimination for exercising rights.

6.3 Canada Residents (PIPEDA)

Right to access and correct information.
Consent required for collection, use, and disclosure.

6.4 Other U.S. States and International Users

Rights vary by jurisdiction; Flowlinks.ai complies with local laws.

7. Data Security

7.1 Technical Measures

Encryption at rest and in transit (AES-256, TLS 1.2+).
Multi-factor authentication for admin access.
Anonymization of AI logs where feasible.

7.2 Organizational Measures

Restricted access by role.
Vendor contracts requiring confidentiality.

7.3 Employee Access and Training

Privacy training for employees.
Access only to data necessary for roles.

7.4 Breach Notification Procedures

Notification within 72 hours where legally required.
Coordination with regulators and affected users.

8. International Data Transfers

Data may be transferred globally.
Transfers rely on EU adequacy, Standard Contractual Clauses (SCCs), or equivalent safeguards.

9. AI Analytics, Automated Decision-Making, and Profiling

Automated alerts for safety, staff monitoring, and customer behavior.
Human review ensures fairness, accuracy, and minimization.
AI outputs used for operational and security purposes only.

10. Industry-Specific Use Cases

10.1 Retail Locations

Customer behavior analysis, virtual lines, queue times, zone tracking.
Staff monitoring, attendance, uniform compliance, refund/discount alerts.

10.2 Cafes & Restaurants

Kitchen safety, hygiene alerts, queue monitoring, customer experience insights.
Staff productivity and compliance tracking.

10.3 Fitness Centers

Restricted area monitoring, equipment usage, cleanliness.
Member traffic analysis, safety alerts.

10.4 Tutoring Centers

Attendance tracking via AI facial recognition.
Classroom activity reporting and incident alerts.

11. Children’s Privacy

Services not directed at children under 13 (or local age of consent).
No deliberate collection of children’s personal data.

12. Changes to This Privacy Policy

Updates may occur anytime; users should review regularly.
Changes posted with updated effective dates.

13. Contact Information

Email: info@flowlinks.ai

Mail: 3840 Park Avenue, STE C-205, Edison, NJ 08820

Phone: +1 (732) 354-1541

Privacy Policy

Table of Contents