Privacy Policy
Last updated: Nov 24, 2025
Omniflow (“we,” “us,” “our”) provides a productized onboarding design service for SaaS teams. This Privacy Policy explains what personal data we collect, how we use it, and your rights under the EU General Data Protection Regulation (GDPR).
1. Data We Collect
We only collect the minimum data required to deliver our service:
a. Contact & Business Information
Name
Email
Company name
Role
Product URL
Intake answers (activation goal, ICP notes, constraints)
b. Project Materials
Assets you share with us (screenshots, videos, text, documents)
Staging/demo/production access you provide strictly for design and audit work
c. Communication Data
Slack messages and files exchanged in the shared channel
Loom call recordings (optional)
Emails and notes related to your project
d. Website Data
Basic analytics from Framer (no tracking outside what Framer collects)
No advertising cookies, behavioral ads, or cross-site tracking
2. How We Use Your Data
We use your data solely for:
Delivering the onboarding design service
Preparing audits, flows, copy, events, and documentation
Scheduling and communicating with you
Billing and invoicing
Improving our internal processes (never sharing raw data outside the project)
We do not sell, rent, or trade your data.
3. Legal Basis (GDPR)
We process your data under:
Contractual necessity — to deliver the service you purchase
Legitimate interest — to operate and protect our business
Consent — when you voluntarily provide materials or access credentials
You may withdraw consent at any time.
4. Where Your Data Lives
We store project materials in:
Figma
Google Drive
Notion
All are hosted on secure, industry-standard infrastructure.
We do not list subprocessors on this page, because we keep data usage minimal and transparent; however, the tools above naturally process the information you upload into them.
5. Access to Customer Environments
If required for the project, we may access:
Demo or staging environments
Production environments only if explicitly granted
We do not store or export production data outside the tools you provide.
6. Data Retention
We keep project files for up to 24 months to support future iterations unless you request earlier deletion.
You may request deletion at any time.
7. Your Rights (EU)
You have the right to:
Access your data
Correct inaccurate data
Request deletion
Restrict processing
Request data portability
Lodge a complaint with your local data authority
Contact: hello@omniflow.so
8. Data Security
We take reasonable technical and organizational measures to protect your data, including access controls, limited retention, and secure storage.
9. Changes to This Policy
We may update this policy as needed. The “Last updated” date will always reflect the latest version.