Privacy Policy
Last updated: 23 juin 2026
Company: Flowdake
Website: https://www.flowdake.com
Flowdake is an AI-powered marketing automation platform designed to help businesses create, manage, and optimize marketing campaigns across multiple channels. Protecting your personal data is a priority. This Privacy Policy explains how we collect, use, and protect your data in accordance with the General Data Protection Regulation (GDPR).
1. Data Controller
Flowdake
SAS — French simplified joint-stock company
60 rue François 1er, 75008 Paris, France
SIREN 999 528 854 · SIRET (head office) 999 528 854 00014
Intra-EU VAT number: FR63 999 528 854
privacy@flowdake.com
2. Data Collected
We may collect the following data:
Account data
- Name, email address
- Company name
- Professional role
- Login credentials (encrypted)
Usage data
- IP address
- Device and browser information
- Platform usage logs
Marketing & campaign data
- Campaign briefs
- Advertising creatives
- Targeting parameters
- Performance metrics retrieved from connected platforms
Billing data
- Subscription information
- Invoices and payment status
(Payment details are processed by Stripe. Flowdake does not store credit card data.)
Flowdake does not collect so-called "special category" data (racial or ethnic origin, political or religious opinions, health data, sexual orientation, etc.) and its service is not intended for minors under the age of 15.
3. Purpose of Processing
Data is processed to:
- Provide and operate the Flowdake platform
- Create and manage marketing campaigns
- Connect to third-party platforms
- Improve product performance
- Ensure platform security
- Comply with legal obligations
4. Legal Basis
Processing is based on:
- Contract performance
- Legitimate interest
- User consent (when applicable)
- Legal obligations
5. Third-Party Platforms
Flowdake integrates with:
- Meta (Facebook, Instagram)
- Google (Google Ads, Analytics)
- TikTok
- Snap
- Other advertising and social platforms
When connected, Flowdake acts as a data processor, accessing only the data necessary to operate the service.
Each platform processes data according to its own privacy policies.
Google User Data
Data obtained through Google APIs (Google Ads, Google Analytics, etc.) is used solely to display your advertising performance and generate recommendations within Flowdake. Flowdake does not share, sell, transfer, or disclose Google user data to third parties, except as strictly necessary to provide the service (secure hosting) or as required by law.
Meta Data (Facebook & Instagram)
Data obtained through Meta APIs (Facebook Ads, Instagram) is used solely to display your advertising performance and generate recommendations within Flowdake. Flowdake does not share, sell, transfer, or disclose Meta user data to third parties, except as strictly necessary to provide the service or as required by law.
LinkedIn Data
Data obtained through the LinkedIn API is used solely to display your advertising performance within Flowdake. It is not shared, sold, or transferred to third parties.
TikTok Data
Data obtained through the TikTok API is used solely to display your advertising performance within Flowdake. It is not shared, sold, or transferred to third parties.
Snapchat Data
Data obtained through the Snapchat API is used solely to display your advertising performance within Flowdake. It is not shared, sold, or transferred to third parties.
Hosting and technical sub-processors
To provide the service, Flowdake relies on the following sub-processors, which process data on our behalf and under our instructions:
- Vercel — hosting of the website and application
- Supabase — database and account authentication
- Hostinger — servers hosting the AI agents
- Google (Gemini API) — AI-based content generation and recommendations
- Resend — transactional emails and notifications
- PostHog — analytics, hosted in the European Union (see the "Cookies and analytics" section)
6. Cookies and analytics
With your consent, we use an analytics tool to understand how our product is used and to improve it.
- Tool: PostHog, with an instance hosted in the European Union (Frankfurt). No data is transferred outside the EU for this tool.
- Purpose: audience measurement, product usage analysis and session recording (session replay) to understand user journeys and fix issues.
- Data collected: page views, events and actions within the app, device and browser type, technical identifiers (cookies and local storage). For session replay, on-screen interactions are recorded, but input fields are masked: your emails, passwords and other inputs are not recorded.
- Legal basis: your consent (art. 6(1)(a) GDPR). No analytics data is collected without your consent.
- Retention: session recordings are kept for about 1 month and event data for up to 12 months.
- Withdrawal: you can accept, decline or change your choice at any time via the "Manage cookies" link in the page footer, or by contacting us at privacy@flowdake.com.
- Strictly necessary cookies: some cookies are essential for the service to work (login, security, language preference). Being essential, they do not require your consent.
7. Artificial intelligence and automated processing
Flowdake uses artificial intelligence models to help you create marketing content (copy, visuals) and generate recommendations to optimize your campaigns.
For this purpose, the elements you provide (briefs, descriptions, campaign settings) may be processed by our AI providers, strictly for the purpose of delivering the service.
These features assist your decisions but do not constitute solely automated decision-making producing legal effects concerning you: you retain control and final approval of your campaigns.
8. Data Retention
Data is retained:
- Account data: deleted within 30 days after the account is closed
- Billing data: kept for 10 years, in accordance with legal and accounting obligations
- Technical logs: kept for 6 to 12 months
- Campaign data may be anonymized after account deletion
9. Security
We implement appropriate technical and organizational measures including:
- Encryption
- Secure authentication
- Access control
- Monitoring and logging
10. Your Rights
You have the right to:
- Access your data
- Rectify inaccuracies
- Request deletion
- Object to processing
- Request data portability
- Request restriction of processing
- Withdraw your consent at any time, without affecting the lawfulness of processing carried out before such withdrawal
privacy@flowdake.com
You may also lodge a complaint with the CNIL (the French data protection authority, www.cnil.fr) if you believe your rights are not being respected.
11. International Transfers
Most data is hosted in the European Union. Some sub-processors may, however, process data outside the EU (for example in the United States); in such cases, appropriate safeguards are applied, such as the European Commission's Standard Contractual Clauses or the EU-US Data Privacy Framework.
12. Changes
We may update this policy. Material changes will be communicated to users.