Privacy Policy

01

Information We Collect

When you use WatchFlow, we collect information necessary to provide and improve our services. This includes:

Account Information

Name, email address, and phone number provided during registration
Business name and billing address
Password (stored in hashed form; we never store plaintext passwords)

Business Data

Inventory records, listings, and associated images you create within the platform
Deals, contacts, invoices, and notes managed through the CRM and pipeline features

Usage & Analytics Data

Log data such as IP address, browser type, pages visited, and timestamps
Device information including operating system and screen resolution
Diagnostics such as error reports, performance signals, and security events used to keep the service reliable

Payment Information

Billing details required to process your subscription
Payment card information is handled entirely by Stripe and is never stored on our servers

Communication Data

When distributing listings via WhatsApp or Telegram, message content passes through their respective infrastructure

Photos, Camera, and Files

If you upload watch photos, logos, invoices, or other files, we store and process those files only to provide the product features you request
If you use camera-based scanning or capture features in a browser or mobile wrapper, camera access is used only after you grant permission and is not used in the background

02

How We Use Your Information

We use the information we collect for the following purposes:

To operate, maintain, and improve the WatchFlow platform
To process transactions and manage your subscription
To distribute your listings to the platforms and channels you select
To generate AutoCaption listing captions (processed securely)
To provide dealer storefront functionality
To send transactional emails such as billing receipts and account notifications
To provide customer support and respond to your inquiries
To detect and prevent fraud, abuse, or security incidents
To analyze aggregated usage trends and improve our product

We will never sell your personal information to third parties. We do not use your listing data or inventory information for any purpose other than delivering the services you have requested.

03

Legal Basis for Processing

We process your personal data under the following legal bases:

Contract Performance -- Processing necessary to provide the WatchFlow service you signed up for, including account management, listing distribution, and deal tracking
Legitimate Interest -- Platform security, fraud prevention, service improvement, and aggregated analytics
Consent -- Marketing communications and optional third-party integrations. You may withdraw consent at any time
Legal Obligation -- Tax records, regulatory compliance, and responding to lawful data requests

04

Administrative Access Disclosure

WatchFlow administrators may access your account under strictly controlled conditions for customer support, troubleshooting, and security purposes. All administrative access is:

Logged and auditable -- Every access is recorded with timestamp, reason, and duration
Time-limited -- Sessions are capped at 15 minutes and auto-expire
Read-only by default -- Administrators can view your data but cannot modify it unless write access is explicitly justified and approved
Requires documented reason -- A minimum 10-character justification must be provided before any access
Notified to you -- You receive an in-app notification after every administrative access session, including the reason provided

You can view your complete account activity log at any time from Settings > Account Activity. We will never access your account without a legitimate business or support reason.

05

Data Sharing & Third Parties

WatchFlow shares data only with a small set of carefully selected sub-processors that are essential to operating the platform. Each service receives the minimum data necessary to perform its function on your behalf. We do not sell your data to third-party advertising networks or data brokers.

Third-Party Service Providers

The table below enumerates every third party that may process data on our behalf, the data they receive, and where they are located. Each provider operates under its own privacy policy and a Data Processing Agreement (DPA) with WatchFlow where applicable.

Provider	Purpose	Data Received	Region
Stripe	Payment processing & subscription billing	Name, email, billing address, tokenized payment card details. WatchFlow never stores raw card numbers.	US / EU
AWS S3 (and compatible object storage)	Storage of uploaded photos, invoice PDFs, and exported files	Listing images, watch photos, generated invoice PDFs, document attachments.	Per configured AWS region
Cloudflare	CDN, DDoS mitigation, TLS termination	IP address, request headers, user-agent, request metadata.	Global edge network
Sentry (when enabled)	Error reporting & diagnostics	Anonymized stack traces, user-agent strings, browser/device metadata. IP addresses may be captured incidentally. No business data is sent intentionally.	US / EU
SendGrid / Postmark / SMTP provider	Transactional email delivery (receipts, account notices, invoice delivery, deletion confirmations)	Recipient email address, message content, delivery metadata.	US / EU
Twilio (when SMS is enabled)	SMS notifications	Recipient phone number, message content, delivery metadata.	US / EU
Playwright / Chromium	Server-side rendering of invoice PDFs and previews	Runs on WatchFlow-controlled infrastructure. No data leaves our servers.	WatchFlow infrastructure
Google Fonts CDN	Typography delivery (Cormorant Garamond, DM Sans, DM Mono)	IP address may be logged by Google when fonts are fetched. No personal account data is sent.	Global (Google)
Apple (App Store / In-App Purchase, when applicable)	If WatchFlow is distributed via Apple platforms, Apple processes purchase, download, device, crash and account data under Apple's own terms.	Purchase status, Apple ID identifier, device metadata, crash logs.	Apple infrastructure
WhatsApp (Meta) -- optional integration	Outbound listing distribution to WhatsApp groups you select	Message content and media you choose to distribute.	Meta global
Telegram -- optional integration	Outbound listing distribution to Telegram channels/groups you select	Message content and media you choose to distribute.	Telegram global
Shopify -- optional integration	Inventory synchronization when you connect a Shopify store	Inventory records (SKU, title, price, photos, status) for items you sync.	Shopify global
Intuit QuickBooks -- optional integration	Invoice and accounting synchronization when connected	Invoice line items, customer name, amount, tax fields.	US

We share only the minimum data necessary for each service to perform its function. We do not sell your data to advertising networks or data brokers, and we do not use third-party trackers for advertising. See the providers' own privacy policies for details: Stripe, AWS, Cloudflare, Sentry, Twilio, WhatsApp, Telegram, Shopify, Intuit, Google.

06

Data Retention

We retain your data only as long as necessary to deliver the WatchFlow service, meet legal and tax obligations, and protect against fraud. The table below sets out the retention schedule for each category of data we hold.

Data Retention Schedule

Data Category	Retained While	After Account Deletion
Account credentials (email, password hash, profile)	Account is active	Hashes and profile records purged within 30 days
Listings, inventory, contacts, deals	Account is active	Purged within 30 days of deletion request
Invoices & payment records	Account is active + 7 years (legal & tax retention)	Anonymized; financial records retained per applicable tax law
Uploaded photos & documents	Account is active	Purged within 30 days; S3 lifecycle rule enforces deletion
Audit logs (admin access, security events)	2 years rolling	Purged with the account
Server access logs	90 days rolling	N/A (no PII retained)
Email delivery logs (via provider)	Per provider policy (typically 30 days)	N/A
Backups	30 days rolling	Deleted data may persist in encrypted backups for up to 30 days before being overwritten
Session data	Until session expiry	Cleaned up automatically
Notifications	Read: 90 days. Unread: up to 1 year.	Purged with the account

You may request early deletion at any time via Settings > Privacy > Delete Account or by emailing privacy@watchflow.com. After deletion is confirmed, your data follows the schedule above. We honor a 30-day grace period during which deletion can be cancelled by signing in again.

07

International Transfers

Your data may be transferred and processed in jurisdictions outside your own:

Data is primarily stored and processed in secure data centers
If data is transferred internationally, we ensure adequate protection through standard contractual clauses and equivalent safeguards
We will always inform you if your data is processed outside your jurisdiction

08

Data Storage & Security

We take the security of your data seriously and implement industry-standard measures to protect it:

All data is encrypted in transit using TLS/SSL protocols
Sensitive data is encrypted at rest using AES-256 encryption
Access to production systems is restricted and audited
We perform regular backups to prevent data loss
Our infrastructure is hosted on secure, reputable cloud providers

While we employ rigorous security practices, no method of transmission or storage is 100% secure. We encourage you to use a strong, unique password for your WatchFlow account and to notify us immediately if you suspect any unauthorized access.

09

Your Rights (GDPR & CCPA)

You have the following rights regarding your personal data:

Right of Access (GDPR Art. 15) -- Request a copy of all personal data we hold about you
Right to Rectification (GDPR Art. 16) -- Update or correct your information from your dashboard or by contacting us
Right to Erasure (GDPR Art. 17) -- Request deletion of your account and data via the in-app feature or email; processed within 30 days
Right to Restriction (GDPR Art. 18) -- Request restriction of processing while a complaint is being investigated
Right to Data Portability (GDPR Art. 20) -- Export your data in a standard machine-readable JSON format via Settings
Right to Object (GDPR Art. 21) -- Object to processing based on legitimate interests

How to Exercise Your Rights

Export your data -- Go to Settings > Privacy > Export My Data to download a machine-readable JSON archive of your account, or email privacy@watchflow.com. Exports are typically delivered within 7 days.
Delete your account -- Go to Settings > Privacy > Delete Account. You will receive a confirmation email; a 30-day grace period applies during which you can cancel deletion by signing in again. After the grace period, your data is purged according to the retention schedule above.
Rectify or access -- Most data can be updated directly in the app. For data not editable in-app, email privacy@watchflow.com.
Object or restrict processing -- Email privacy@watchflow.com with the specific processing activity you wish to object to.
Lodge a complaint -- You have the right to lodge a complaint with your local data protection supervisory authority (for EU/UK users) at any time.

We will respond to all verified data subject requests within 30 days. Identity verification may be required to protect your data.

CCPA Rights

California residents have additional rights including the right to know what data is collected, the right to delete, the right to opt-out of sale (we do not sell your data), and the right to non-discrimination for exercising your privacy rights.

App Store Privacy Summary

For Apple App Store privacy disclosures, WatchFlow may collect contact information, account identifiers, user content, purchase or billing status, usage data, diagnostics, and uploaded photos or files. This data is used for app functionality, account management, payments, customer support, security, analytics, and product improvement. WatchFlow does not use IDFA, does not sell personal data, and does not track users across third-party apps or websites for advertising.

Automated Decision-Making

We do not make any automated decisions that have significant legal effects on you.

You may lodge a complaint with your local data protection supervisory authority at any time. To exercise any of these rights, please contact us at the address provided below. We will respond to all requests within 30 days.

10

Cookies

WatchFlow uses a limited number of cookies and local storage entries to operate the platform:

Authentication cookies -- Required to keep you logged in and maintain your session
Preference storage -- Used to remember your settings such as theme preference (light/dark mode)
Analytics -- We may use privacy-respecting analytics to understand how the platform is used in aggregate

We do not use third-party tracking cookies or advertising cookies. You can manage cookies through your browser settings, though disabling essential cookies may affect your ability to use WatchFlow.

11

Contact & Data Protection

If you have any questions about this Privacy Policy, your data, or your rights, please reach out to us:

Privacy email: privacy@watchflow.com
Contact page: mywatchflow.com/contact

If you are in the EU or UK, you have the right to lodge a complaint with your local Data Protection Authority / supervisory authority.

We are committed to resolving any concerns about your privacy promptly and transparently. We aim to respond to all data protection requests within 30 days.

Privacy Policy Summary