FLOWROUTE
Legal

Privacy Notice

Last updated: May 17, 2026

1. Who we are

FlowRoute is operated by Sinsa LLC ("Sinsa", "we", "us"). Sinsa is the data controller responsible for personal data processed through the FlowRoute application and website (the "Service"). You can reach us at privacy@flowroute.io.

2. Personal data we collect

  • Account data: name, email address, phone number, company name, password (hashed).
  • Profile and team data: role, profile image, team membership.
  • Business data: information you enter about units, customers, routes, jobs, events, invoices, photos, and signatures.
  • Driver/field data: device location while on duty, completed checklists, capture timestamps, photos of units.
  • Communications: support tickets, emails, chat messages.
  • Usage / telemetry: pages viewed, features used, device type, browser, IP address, approximate location.
  • Cookies and similar technologies: see our Cookie Notice.

Payment information (card numbers, billing addresses) is collected and processed by Paddle as our Merchant of Record — Sinsa does not store full payment card details.

3. Why we use your data

  • Create and manage your account (contract performance).
  • Provide the Service, including unit tracking, routing, and billing (contract performance).
  • Communicate with you about your account, the Service, and support (contract performance and legitimate interests).
  • Protect the Service from fraud, abuse, and security incidents (legitimate interests / legal obligation).
  • Improve our product, fix bugs, and analyze usage (legitimate interests).
  • Send marketing emails — only with your consent, and you can unsubscribe at any time.
  • Comply with legal obligations (e.g., tax, accounting, lawful requests).

4. Who we share data with

  • Service providers / subprocessors who help us run the Service, including cloud hosting, database, email delivery, error monitoring, customer support tooling, and analytics.
  • Paddle.com, our Merchant of Record, for sale of subscriptions, payments, tax compliance, and invoicing.
  • Professional advisers such as lawyers and accountants when reasonably necessary.
  • Authorities when required by law, court order, or to protect the rights, safety, and property of Sinsa or others.
  • Acquirers in connection with a merger, acquisition, or sale of assets, subject to appropriate confidentiality protections.

We do not sell your personal data.

5. International transfers

Sinsa is based in the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US and other countries where our subprocessors operate. Where required, we use appropriate safeguards such as Standard Contractual Clauses.

6. Retention

We retain personal data for as long as your account is active and for a reasonable period afterward to comply with legal obligations, resolve disputes, and enforce agreements. Customer Data is deleted within 90 days of account termination, except where retention is required by law.

7. Your rights

Subject to applicable law, you have the right to access, rectify, erase, restrict, port, or object to processing of your personal data, and to withdraw any consent you have given. You may also lodge a complaint with your local data protection authority. To exercise these rights, contact privacy@flowroute.io; we will respond within one month.

8. Security

We use appropriate technical and organizational measures to protect personal data, including encryption in transit and at rest, role-based access controls, audit logs, and regular reviews. No system is 100% secure — please use a strong, unique password and notify us immediately if you suspect unauthorized access.

9. Children

The Service is not directed to children under 16, and we do not knowingly collect personal data from children.

10. Changes

We may update this notice from time to time. Material changes will be communicated through the Service or by email.

11. Contact

Sinsa LLC · privacy@flowroute.io