Effective Date: 9 June 2025

Thank you for choosing Flowstate. Your privacy is important to us. This Privacy Policy explains how Flowstate Labs ("Flowstate," "we," "our," or "us") collects, uses, shares, and safeguards information when you interact with our website (https://www.flowstate.cc), browser extensions, mobile and desktop applications, and any related services (collectively, the "Services").

1. Who We Are

Flowstate is a digital‑well‑being company headquartered in Bangalore, India, committed to helping people take control of their online consumption through client‑side AI filters and distraction‑blocking tools.

2. Information We Collect

2.1 Information You Voluntarily Provide

• Account Information. Email address or social‑login token when you create an account or sign in.
  
  
• Feedback & Support. Content of messages, screenshots, or other materials you send to us.
  
  

2.2 Information We Collect Automatically

• Usage & Diagnostic Data. Anonymous, aggregated events such as feature toggles, crash logs, and session lengths. Where possible, this data is processed locally and only high‑level, non‑identifiable metrics are synced to our servers.
  
  
• Device Information. Browser type, operating system, language, and basic device identifiers (hashed) to ensure compatibility and prevent fraud.
  
  
• Website Cookies & Similar Technologies. Small text files used solely for website analytics, account authentication, and remembering user settings.
  
  

2.3 Information We Do Not Collect

• We do not collect or store your social‑media passwords, full browsing history, ad‑click data, or the complete content of videos and posts you view.
  
  
• We do not tailor or sell advertising based on your personal data.
  
  

3. How We Use Your Information

1. Deliver & Maintain the Services. To operate core features such as hiding UI elements, applying AI filters, and syncing your preferences across devices.
   
   
2. Improve & Develop New Features. Aggregate analytics help us understand performance and inform future development.
   
   
3. Customer Support & Communication. Respond to inquiries, troubleshoot issues, and send transactional messages (e.g., security alerts, policy updates).
   
   
4. Legal & Compliance. Enforce our Terms of Service, prevent fraud, and comply with applicable laws.
   
   

4. Legal Bases for Processing (EEA/UK Users)

We process your data under one or more of the following legal bases:

• Contractual Necessity (Art. 6 (1)(b) GDPR) – to provide the Services you request.
  
  
• Legitimate Interests (Art. 6 (1)(f) GDPR) – to improve our Services, detect abuse, and secure our platform.
  
  
• Consent (Art. 6 (1)(a) GDPR) – for optional features such as marketing emails, which you may withdraw at any time.
  
  
• Legal Obligation (Art. 6 (1)(c) GDPR) – to comply with laws that apply to us.
  
  

5. Sharing & Disclosure of Information

We only share data as described below:

• Service Providers. Trusted vendors who host infrastructure, process anonymized analytics, or provide customer‑support software, bound by strict confidentiality agreements.
  
  
• Business Transfers. In connection with mergers, acquisitions, or similar transactions, subject to your privacy rights.
  
  
• Legal Requirements. If required by law or in response to valid legal process.
  
  

We do not sell or rent your personal data.

6. International Data Transfers

Your information may be processed outside your home jurisdiction (e.g., on servers in the United States, European Union, or India). We rely on recognized legal mechanisms such as Standard Contractual Clauses to protect cross‑border data.

7. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, or resolve disputes. Aggregated, non‑identifiable analytics may be retained indefinitely.

8. Security

We employ industry‑standard administrative, technical, and physical safeguards, including encrypted transit (HTTPS) and at‑rest encryption for any stored data. Despite our efforts, no transmission or storage system is guaranteed 100% secure.

9. Your Rights & Choices

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
  
  
• Rectify inaccurate or incomplete data.
  
  
• Delete your data ("right to be forgotten").
  
  
• Restrict or Object to certain processing.
  
  
• Data Portability – receive data in a structured format.
  
  
• Opt‑out of marketing communications.
  
  

Exercising Your Rights

Email us at team@flowstate.cc. We may ask you to verify your identity before fulfilling requests.

California Residents (CCPA/CPRA)

We do not "sell" personal information as defined by the CCPA. You may exercise your privacy rights via the methods described above.

India – Digital Personal Data Protection Act (2023)

Indian users have the rights of notice, consent, grievance redressal, and data erasure under the DPDP Act. Contact details for our Grievance Officer are below.

10. Children’s Privacy

Flowstate is not intended for children under 13 (or equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us for deletion.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page and, where appropriate, we will notify you via email or in‑app notice. Please review periodically.

12. Contact Us

• Data Protection Officers / Grievance Officers: Rohith M Athreya, Raghuvamsi Velagala
  
  
• Email: rohith@flowstate.cc, raghu@flowstate.cc 

‍