This policy describes personal data processing for the ClientFlow website and service, in accordance with GDPR.
Data controller
Volade — SAS, France
Privacy contact: vordrack@gmail.com
Data collected
- Account data: name, email, organization
- Client data you enter (contacts, projects, quotes)
- Billing data via Stripe
- Technical data: logs, IP address, browser
- Support exchanges and waitlist email
Purposes
- Providing and improving the service
- Billing and subscription management
- Security and fraud prevention
- Aggregated audience measurement (with consent)
- Transactional communication and support
Legal bases
- Contract performance (Terms)
- Legitimate interest (security, improvement)
- Consent (analytics, marketing)
- Legal obligation (accounting)
Retention
Account data is kept for the duration of the contract then archived per legal requirements. Technical logs are kept up to 12 months.
Subprocessors
- Supabase — database (EU)
- Stripe — payments
- Vercel — application hosting
- Resend — transactional email
- Plausible — privacy-friendly analytics (if consented)
Your rights
Access, rectification, erasure, restriction, portability, objection: contact vordrack@gmail.com. You may lodge a complaint with your supervisory authority.
Transfers outside the EU
Some subprocessors (Stripe, Vercel) may process data in the US with appropriate safeguards (standard contractual clauses).
Security
TLS encryption, access controls, EU hosting. Report any incident to privacy@volade.com.