Privacy Policy
FlowyPrompt prioritizes user privacy above all else. Analytics data is collected only with your explicit consent, and we use PostHog for product analytics. We clearly explain what data we collect, what we don't collect, and how you can control it.
Data We Collect
We collect analytics data only with your explicit consent, using PostHog to improve product quality. No prompt content, titles, variable values, or sensitive personal data are sent.
- Basic usage statistics (page views, session counts)
- Feature usage events (usage flags only)
- Authentication events (login success/failure counts)
- Error events (for stability improvement)
- Feature flag evaluations (on/off state only)
Data We Don't Collect
- Template content, titles, variable values
- Flow builder node details and connections
- Form field contents and sensitive user inputs
- Precise location (GPS-level)
- Session replay or screen recordings
- Device fingerprinting or unique hardware identifiers
Company Information
FlowyPrompt
- Privacy Officer: Sanghee Lee
- Email: futurecodeleaf@gmail.com
Data Controller
FlowyPrompt is the data controller responsible for processing personal information in accordance with privacy laws.
Purpose and Legal Basis
We collect analytics data solely to improve the product and only with your explicit consent. Processing is based on consent, which you may withdraw at any time.
Data Retention and Third Parties
Analytics data is retained only for as long as necessary for product improvements and is never sold. We may use trusted processors like PostHog under strict agreements.
Third Party Provision
We do not provide personal information to third parties, except as required by law.
Processing Entrustment
We may entrust personal information processing to the following companies for service provision.
- PostHog (Analytics Service)Data processing for product analytics (only with user consent)
- Sentry (Error Monitoring)Error data processing for service stability improvement (only with user consent)
Data Subject Rights
Data subjects have the following rights under privacy laws.
Rights can be exercised by contacting the Privacy Officer.
Personal Information Destruction
Personal information is destroyed without delay when it becomes unnecessary due to expiration of retention period or achievement of processing purpose.
Cookie Usage
This service does not use cookies. All data is encrypted and stored in local storage.
Personal Information Breach Notification
In case of personal information breach, we will notify the data subject without delay and take necessary measures.
Device Identifier (pf_device_id)
FlowyPrompt generates a device identifier used solely for security purposes.
Device Identifier (pf_device_id)
- Purpose: Security enhancement through device binding of encrypted master keys
- Generation method: Random UUID generated using browser's built-in crypto.randomUUID() function
- Storage location: Stored only in browser localStorage (not transmitted to servers)
- Not personal data: No collection of hardware information or actual device identifiers
- Not fingerprinting: No collection of MAC addresses, CPU IDs, hardware serial numbers, etc.
- Security only: Used exclusively for encryption key management, not for other purposes
- User control: Deleted when browser data is cleared
Important Note
pf_device_id is not personal data. It is a software identifier used solely for security purposes, with no relation to actual hardware information or device fingerprinting. It is generated using the browser's random UUID generation function and stored only locally.
GitHub Integration
- GitHub integration is an optional feature that users can configure themselves.
- GitHub tokens are temporarily stored only in browser memory and are not transmitted to servers.
- GitHub tokens or repository information are not stored on servers.
- GitHub-related information is not stored in web storage (localStorage, sessionStorage).
- GitHub repository content or commit information is not collected.
- We use minimal information to provide integration functionality.
- Repository files or code are not stored locally.
Policy Changes
This Privacy Policy may be modified due to changes in relevant laws or service policies.
Effective Date: 2025-10-11
Your Choices and Control
- Opt in/out of analytics at any time from Settings
- Request access or deletion of analytics data by contacting support
Data Retention Policy
FlowyPrompt retains data for appropriate periods in accordance with relevant laws and regulations. Below is our retention policy by data type.
Data Retention Policy Matrix
| Category | Retention Period | Reason for Retention | Legal Basis |
|---|---|---|---|
| General Personal Data | 30 days | Prevention of misuse, complaint handling | Personal Information Protection Act |
| E-commerce Records | 5 years | Consumer protection, dispute resolution | E-commerce Act |
| Log Records | 3 months | Communication secrecy protection, malicious user tracking | Communication Secrecy Protection Act |
| Deleted User Records | 5 years | E-commerce Act compliance | E-commerce Act |
Last Updated: 2025-10-11