Privacy Policy

1. Who we are

Workflow ("Workflow", "we", "us") provides a task-assignment tool for small businesses. This policy explains what personal data we process when a business and its staff use Workflow, and the choices available to them. For privacy questions, contact privacy@workflow.app.

2. The data we collect

• Account details — name and email address used to create owner, admin, and staff accounts, plus the encrypted password and owner-issued setup codes.
• Task content — the tasks you create or are assigned: titles, assignees, deadlines, re-delegation reasons, completion records, and history.
• Attachments — photos or documents you choose to attach to a task (for example a delivery note, invoice, or proof of completion).
• Notification tokens — device push-notification identifiers needed to send reminders and alerts.
• Usage and analytics — the per-day, per-employee activity counts and completion times shown in the daily review, derived from task activity within your company.

3. Voice input — audio is not stored

When you speak a task, your speech is transcribed and translated into reviewable English text. The raw audio recording is not stored. Only the reviewed text you confirm is saved as the task. Voice is a shortcut for entering text, not a recording feature.

4. How we use data

• To create and operate accounts within your company workspace.
• To deliver tasks, reminders, and overdue alerts to the right people.
• To produce the owner's daily analytics and per-employee review.
• To keep an accurate task history for accountability.
• To secure the service and prevent abuse.

5. Who can see what

Each company is a separate, private workspace. Staff see only the work assigned to them and the work they assigned to others. Owners and admins can see all tasks and analytics within their own company. We do not share data between companies.

6. Sharing and processors

We do not sell personal data. We share data only with service providers that help us run Workflow — such as hosting, transcription/translation, and push-notification delivery — who process it on our instructions. We may disclose data where required by law.

7. Retention

We keep account and task data for as long as the company account is active, and for a reasonable period afterward as needed for legal, security, and backup purposes. When a company is permanently deleted, its associated data is removed in line with our deletion process. Attachments are deleted with the tasks they belong to.

8. Security

Accounts use email-and-password sign-in, with owner-issued setup codes for onboarding staff. Passwords are stored using industry-standard hashing. We apply technical and organizational measures appropriate to the data we process, though no system is perfectly secure.

9. Your rights

Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to certain processing. Staff should first contact their company owner/admin, who controls the workspace. You can also reach us at privacy@workflow.app.

10. Children

Workflow is a workplace tool intended for use by businesses and their staff. It is not directed at children and is not intended for anyone below the minimum working age in their jurisdiction.

11. Changes to this policy

We may update this policy from time to time. We will revise the "last updated" date above and, where appropriate, notify account owners of material changes.