🔒 Legal Document

Privacy Policy

Effective Date: January 1, 2025 · Last Updated: January 25, 2026

At Flowstate Engineering™, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with our cognitive development platform. By using our services, you consent to the practices described herein.

1

Information We Collect

We collect information to provide better services to our users and to improve the Flowstate Engineering™ platform. The types of information we collect depend on how you interact with our services.

Information You Provide Directly

  • Account Information: Name, email address, username, password, and profile information when you create an account.
  • Contact Information: Email address, phone number, and mailing address when you contact us or subscribe to communications.
  • Payment Information: Billing address and payment card details (processed securely through our payment processors).
  • User Content: Code, projects, documentation, comments, and other content you create or upload to our platform.
  • Communications: Information you provide when you contact our support team or participate in surveys.

Information Collected Automatically

  • Device Information: Hardware model, operating system, unique device identifiers, and mobile network information.
  • Log Data: IP address, browser type, pages visited, time and date of visits, time spent on pages, and other diagnostic data.
  • Usage Information: Features used, actions taken, and interaction patterns within our platform.
  • Location Data: General geographic location based on IP address (we do not collect precise GPS location).

Information from Third Parties

  • Authentication Providers: Information from services like GitHub, Google, or Microsoft when you choose to sign in using these providers.
  • Analytics Partners: Aggregated and anonymized data about platform usage and performance.
  • Business Partners: Information from partners when you use integrated services or participate in joint offerings.
2

How We Use Your Information

We use the information we collect for various purposes, all aimed at providing, maintaining, and improving our services while ensuring a secure and personalized experience.

Purpose Description
Service Delivery To provide, operate, and maintain the Flowstate Engineering™ platform and its features.
Account Management To create and manage your account, process transactions, and provide customer support.
Personalization To customize your experience and deliver content and features relevant to your interests.
Communication To send service updates, security alerts, and administrative messages.
Analytics To understand usage patterns, measure performance, and improve our services.
Security To detect, prevent, and respond to fraud, abuse, and security incidents.
Legal Compliance To comply with applicable laws, regulations, and legal processes.
Research & Development To develop new products, features, and services that enhance the cognitive development paradigm.

AI Training Disclosure: We do not use your personal code, projects, or private content to train machine learning models without your explicit consent. Any AI-powered features within our platform operate on anonymized and aggregated data patterns only.

3

Information Sharing & Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

Service Providers

We engage trusted third-party companies and individuals to perform services on our behalf, such as hosting, analytics, payment processing, and customer support. These providers have access only to information necessary to perform their functions and are obligated to protect your data.

Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies). We may also disclose information to:

  • Comply with legal obligations and enforce our terms of service
  • Protect the rights, property, or safety of Flowstate Engineering™, our users, or others
  • Detect, prevent, or address fraud, security, or technical issues

With Your Consent

We may share your information with third parties when you have given us explicit consent to do so, such as when you choose to connect third-party integrations or participate in collaborative features.

4

Data Security

We implement robust security measures designed to protect your personal information from unauthorized access, alteration, disclosure, or destruction. Our security practices include:

  • Encryption: All data transmitted between your device and our servers is encrypted using TLS 1.3. Data at rest is encrypted using AES-256 encryption.
  • Access Controls: Strict role-based access controls limit employee access to personal data on a need-to-know basis.
  • Infrastructure Security: Our systems are hosted on enterprise-grade cloud infrastructure with SOC 2 Type II certification.
  • Regular Audits: We conduct regular security assessments, penetration testing, and vulnerability scans.
  • Incident Response: We maintain a comprehensive incident response plan to address any security breaches promptly.
  • Employee Training: All employees receive regular training on data protection and security best practices.

Security Commitment: While no method of transmission over the Internet or electronic storage is 100% secure, we strive to use commercially acceptable means to protect your personal information and continuously improve our security posture in alignment with the Flowstate principle of continuous evolution.

5

Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information. We respect these rights and provide mechanisms for you to exercise them.

Access

Request a copy of the personal information we hold about you.

Correction

Request correction of inaccurate or incomplete personal information.

Deletion

Request deletion of your personal information, subject to legal retention requirements.

Portability

Receive your data in a structured, machine-readable format.

Objection

Object to processing of your personal information for certain purposes.

Restriction

Request restriction of processing under certain circumstances.

Withdraw Consent

Withdraw consent where processing is based on your consent.

Non-Discrimination

Not receive discriminatory treatment for exercising your rights.

Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in the Contact section below. We will respond to your request within 30 days (or sooner if required by applicable law). We may need to verify your identity before processing certain requests.

Regional Privacy Rights

California Residents (CCPA/CPRA): You have the right to know what personal information is collected, request deletion, opt out of sales (we do not sell personal information), and access information about our data practices.

European Economic Area (GDPR): You have rights including access, rectification, erasure, restriction, data portability, and objection. You may also lodge a complaint with your local supervisory authority.

Other Jurisdictions: We comply with applicable privacy laws in all jurisdictions where we operate. Please contact us if you have questions about your specific rights.

6

Cookies & Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your interactions with our services.

Types of Cookies We Use

  • Essential Cookies: Required for the operation of our website and services. They enable core functionality such as security, authentication, and accessibility.
  • Analytics Cookies: Help us understand how visitors interact with our website by collecting and reporting information anonymously.
  • Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences and settings.
  • Performance Cookies: Collect information about how you use our services to help us improve performance and user experience.

Managing Cookies

Most web browsers allow you to control cookies through their settings. You can set your browser to refuse cookies or alert you when cookies are being sent. However, some features of our services may not function properly without cookies.

Do Not Track

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. We currently respond to DNT signals by limiting tracking to essential operational purposes only.

7

Third-Party Services

Our services may contain links to third-party websites, applications, or services that are not operated by us. We are not responsible for the privacy practices of these third parties.

Integrated Services

When you choose to use third-party integrations (such as GitHub, GitLab, or cloud providers), those services may collect information about you in accordance with their own privacy policies. We encourage you to review their privacy practices before enabling integrations.

Third-Party Service Providers

We work with the following categories of service providers:

  • Cloud Infrastructure: Microsoft Azure for hosting and data storage
  • Analytics: Privacy-focused analytics to understand service usage
  • Payment Processing: Stripe for secure payment handling
  • Communication: SendGrid for transactional emails
  • Authentication: OAuth providers for secure sign-in options
8

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Criteria

We determine the appropriate retention period based on:

  • The nature and sensitivity of the information
  • The purposes for which we process the information
  • Applicable legal, regulatory, tax, accounting, or other requirements
  • Whether you have an active account or ongoing relationship with us

Account Deletion

When you delete your account, we will delete or anonymize your personal information within 90 days, except for information we are required to retain for legal, regulatory, or security purposes. Certain information may persist in encrypted backups for a limited period before being permanently deleted.

9

International Data Transfers

Flowstate Engineering™ is based in the United States. If you access our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our servers are located.

Transfer Mechanisms

When we transfer personal information internationally, we implement appropriate safeguards to protect your information, including:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with all service providers
  • Compliance with applicable data protection frameworks

Data Localization

For enterprise customers with specific data residency requirements, we offer options to store data in specific geographic regions. Please contact us to discuss your requirements.

10

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to delete that information promptly.

Parental Notice: If you believe a child under 16 has provided personal information to us, please contact us at privacy@fstate.dev and we will promptly investigate and remove any such information from our systems.

11

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on our website with a new "Last Updated" date
  • Sending you an email notification (for registered users) if the changes are significant
  • Displaying a prominent notice on our services before the changes take effect

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

12

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please don't hesitate to contact us.

Flowstate Engineering™ Privacy Team

Email: privacy@fstate.dev

General Inquiries: scott@fstate.dev

Website: fstate.dev

For privacy-related requests, please include "Privacy Request" in the subject line and provide sufficient information for us to verify your identity and respond to your request. We aim to respond to all legitimate inquiries within 30 days.

← Return to Manifesto