FloWorxIQ Privacy Policy

At FloWorxIQ, we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we look after your personal data when you visit our website or otherwise work or communicate with us. It also tells you about your privacy rights and how Canadian and international law protects you.

1. Important Information and Who We Are

1.1 Purpose of This Privacy Policy This privacy policy provides information on how FloWorxIQ collects and processes your personal data through your use of our website, our services, or otherwise when you communicate or interact with us in the course of business.

1.2 Controller If you are a registered customer of FloWorxIQ, we act as the data controller of personal data about you and your use of our services. However, we act as a data processor of personal data that you submit into FloWorxIQ’s platform (such as information about your calendar, emails, or email accounts). If we are acting as a data processor of your personal data (and not the controller), you should first contact the controller party to exercise your rights with respect to such data.

1.3 Contact Details We are: FloWorxIQ Inc., based in Alberta, Canada. If you need to contact us regarding your personal data, please email us at: 📧 info@floworxiq.com You have the right to make a complaint at any time to the Office of the Privacy Commissioner of Canada (OPC) or the relevant provincial privacy regulator. We would, however, appreciate the chance to resolve your concerns directly, so please contact us first.

1.4 Changes to This Policy This version was last updated on 30 September 2025 If you continue using our website or services after any changes are posted, that means you agree to all updates. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

2. The Data We Collect About You We may collect, use, store, and transfer different kinds of personal data, grouped as follows: • Contact Data: name, role, email address, phone number. • Financial Data: billing details, payment card information. • Correspondence Data: emails, notes of conversations. • Usage Data: information about how you use our website or services. • Technical Data: IP address, login data, browser type and version, time zone, device information, operating system, and platform. We may also create aggregated, de-identified, or anonymized data for business analysis and improvement.

3. How We Collect DataDirect interactions: via our website, services, email, phone, or meetings. • Automated interactions: cookies, analytics, and other technologies when you use our website. • Third-party sources: analytics providers like Google or HubSpot.

4. How We Use Your Personal Data We will only use your data when the law allows us to, including: • To deliver our services under a contract with you. • Where it is necessary for our legitimate business interests (and where your rights do not override those interests). • To comply with legal or regulatory obligations.

5. Data Shared with Third-Party AI Models

5.1 Data Shared To provide categorization, draft replies, and audio transcription, our services may share limited data with third-party AI models. These models process (but do not retain) data such as: • Email Content and Data: subject, body text, sender/recipient details. • Calendar Data: event titles, times, and dates. • Audio Recording Data: participants, timestamps, and content of recordings. We require that our AI providers do not use your data to train their models.

5.2 User Consent Before sharing data with AI models, we seek explicit user consent.

5.3 Third-Party Data Retention We operate under a Zero Data Retention policy with our AI providers: they do not store customer API data.

6. Disclosures of Your Personal Data We may share data with: • Service providers (account management, IT, cloud hosting, data storage, AI language models). • Analytics and advertising providers. • Business transfer partners (in case of merger, sale, or acquisition). We require all third parties to respect your privacy and process your data only as instructed.

7. International Transfers If we transfer your data outside of Canada (e.g., to US-based service providers), we ensure safeguards are in place such as contractual clauses or adherence to recognized privacy frameworks.

8. Data Security We implement appropriate technical and organizational measures to prevent unauthorized access, loss, misuse, or disclosure of your data.

9. Data Retention We retain personal data only as long as necessary for business, legal, or regulatory purposes. In some cases, we may anonymize data for research and retain it indefinitely in that form.

10. Your Legal Rights You have the right to: • Request access, correction, or deletion of your data. • Object to or restrict certain processing. • Request transfer of your data. Requests can be made at any time by contacting us at info@floworxiq.com.