Back to Home

Privacy Policy

Last updated: December 28, 2025

        Summary: TeamFlow is committed to protecting your privacy. We collect only the data necessary to provide our work management services, store it securely, and never sell your personal information to third parties.
      

1. Introduction

TeamFlow ("we," "our," or "us") operates the TeamFlow mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the European Union. By using the App, you agree to the collection and use of information in accordance with this policy.

2. Data Controller

The data controller responsible for your personal data is:

TeamFlow
For privacy inquiries, please contact us at the email address provided in the Contact section below.

3. Data We Collect

3.1 Information You Provide

Account Information: Name, email address, phone number, password (encrypted), profile photo
Work Data: Projects, tasks, time logs, calendar events, team updates, and messages you create
Communication Data: Messages sent through the App, including AI assistant conversations
WhatsApp Integration: Phone number for authentication, messages sent via WhatsApp for team notifications (if enabled)

3.2 Information Collected Automatically

Device Information: Device type, operating system, unique device identifiers
Usage Data: Features accessed, time spent in the App, interaction patterns
Push Notification Tokens: To send you notifications about tasks and updates

3.3 Information from Third Parties

WhatsApp: If you use WhatsApp login or bot features, we receive your phone number and message content from group chats where notifications are enabled

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

Purpose	Legal Basis
Providing the App services	Performance of contract (Article 6(1)(b))
Account management and authentication	Performance of contract (Article 6(1)(b))
Push notifications about your tasks	Legitimate interest (Article 6(1)(f))
AI-powered features and insights	Consent (Article 6(1)(a))
WhatsApp integration	Consent (Article 6(1)(a))
Security and fraud prevention	Legitimate interest (Article 6(1)(f))
Legal compliance	Legal obligation (Article 6(1)(c))

5. How We Use Your Data

To provide and maintain the App's core functionality
To manage your account and provide customer support
To send notifications about tasks, projects, and team updates
To provide AI-powered insights and task recommendations
To enable team collaboration features
To process time tracking and generate reports
To improve and optimize the App
To ensure security and prevent fraud

6. Data Sharing

We do not sell your personal data. We may share your data with:

Your Organization: Team members and managers within your organization can see work-related data you create
Service Providers: Third-party services that help us operate the App:
- Cloud hosting providers (data storage)
- OpenAI (for AI assistant features - only conversation content)
- WhatsApp/Meta (for WhatsApp integration features)
- Push notification services
Legal Requirements: When required by law or to protect our rights

7. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses approved by the European Commission
Adequacy decisions by the European Commission
Other lawful transfer mechanisms under GDPR

8. Data Retention

We retain your personal data for as long as necessary to provide our services and fulfill the purposes described in this policy. Specifically:

Account data: Until you delete your account
Work data (tasks, projects): Retained while your organization uses the App
Time logs: Retained for the period required by applicable employment laws
WhatsApp OTP codes: Deleted after 10 minutes or upon successful verification
Session tokens: 30 days from creation

After account deletion, we may retain anonymized data for analytics purposes.

9. Your Rights Under GDPR

As an EU resident, you have the following rights:

Right of Access: Request a copy of your personal data
Right to Rectification: Request correction of inaccurate data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Restrict Processing: Request limitation of data processing
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent at any time for consent-based processing

To exercise these rights, contact us using the details in the Contact section. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your data:

Encryption of data in transit (HTTPS/TLS)
Encryption of sensitive data at rest
Password hashing using industry-standard algorithms (bcrypt)
Regular security assessments
Access controls and authentication
Secure cloud infrastructure

11. Children's Privacy

The App is not intended for users under 16 years of age. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data, please contact us.

12. Cookies and Tracking

The App does not use cookies in the traditional sense. We may use local storage on your device to maintain your session and preferences. This data remains on your device and is not transmitted to our servers unless necessary for App functionality.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Posting the new Privacy Policy in the App
Sending a notification through the App
Updating the "Last updated" date at the top of this policy

14. Contact Us

Privacy Inquiries

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email: privacy@teamflow.app

You also have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not complied with applicable data protection laws.

15. Supervisory Authority

If you are located in the EU and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local Data Protection Authority (DPA). A list of EU DPAs can be found at: https://edpb.europa.eu/about-edpb/about-edpb/members_en