Privacy Policy – Shortflow

Last update: 2025-06-14

Shortflow ("we", "our", or "the app") places a strong emphasis on protecting your personal data. This Privacy Policy explains what data we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR).

1. Data Controller

App owner:
Léandre Bodin – Sole Proprietor
Address: [to be filled in]
Email: privacy@shortflow.io
SIRET: [to be completed]

2. Data collected

• Name, surname (optional)
• Email address
• OAuth tokens and social account identifiers
• Scheduling and publication data (text, images, dates)
• Anonymous usage logs
• Billing data (via Stripe)

3. Purpose of processing

• Provide and maintain the service
• Handle secure authentication and API access
• Personalize user experience
• Handle billing and support
• Prevent abuse and ensure legal compliance

4. Legal basis

• Contract performance
• User consent (e.g., analytics cookies)
• Legal obligations

5. Data recipients

• Shortflow team
• Technical providers (hosting, analytics, payments)
• Third-party APIs explicitly linked
• Legal authorities if required

6. Retention period

• While the account is active
• Up to 3 years after deactivation (unless erased earlier)

7. Your GDPR rights

You have the right to:

• Access your data
• Correct inaccurate data
• Request deletion
• Object to processing
• Request data portability

Contact: privacy@shortflow.io

8. Security

• Encrypted sensitive data
• Secure infrastructure and backups
• Access restricted to authorized personnel

9. Cookies

• Technical cookies for login/session
• Optional analytics cookies (non-personalized)

10. Changes

We may update this policy at any time. Significant changes will be announced.

11. Governing Law

This Privacy Policy is governed by French law. Disputes shall fall under the jurisdiction of the courts of the publisher’s registered office.