Privacy Policy

Last updated: April 2025

Wordflow AI ("we", "our", or "us") is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website wordflow.site or use our AI agent services. We comply with the General Data Protection Regulation (GDPR) and applicable privacy laws across the 50+ countries we serve.

1. Information We Collect

We may collect the following types of personal information:

• Contact Information: Name, email address, WhatsApp number, business name, and business type when you fill out our contact or order forms.
• Communication Data: Messages and conversations sent via WhatsApp, email, or our website chat widget.
• Usage Data: IP address, browser type, pages visited, time spent on pages, and other analytics data collected via Google Analytics and Google Tag Manager.
• Business Data: Information about your business that you provide to train your custom AI agent (products, pricing, FAQs, policies).

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve our AI agent services.
• Build, train, and deploy your custom AI agent.
• Communicate with you regarding your account, orders, and support requests.
• Send service updates, new feature announcements, and promotional content (you may opt out at any time).
• Comply with legal obligations and enforce our Terms of Service.
• Analyze usage patterns to improve our website and services.

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and United Kingdom, our legal bases for processing personal data include:

• Contract: Processing necessary to fulfill our service agreement with you.
• Legitimate Interests: Improving our services and communicating with you about relevant updates.
• Consent: Where you have given explicit consent (e.g., marketing communications).
• Legal Obligation: Where we are required to process data by law.

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Service Providers: Third-party vendors who assist in operating our services (e.g., hosting providers, AI infrastructure providers). All are bound by strict data processing agreements.
• Legal Authorities: When required by applicable law, court order, or governmental authority.
• Business Transfers: In connection with any merger, sale, or acquisition of Wordflow AI, with appropriate confidentiality protections.

5. Data Retention

We retain your personal data only as long as necessary to provide our services and fulfill the purposes outlined in this policy. Contact and form data is retained for a maximum of 3 years. You may request deletion of your data at any time by contacting us at wordflow.ai285@gmail.com.

6. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your personal data ("right to be forgotten").
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to processing based on legitimate interests.
• Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at wordflow.ai285@gmail.com. We will respond within 30 days.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to analyze website traffic and improve your experience. These include:

• Google Analytics: Tracks website usage (anonymized IP addresses).
• Google Ads (Tag Manager): Conversion tracking for advertising campaigns.

You may disable cookies in your browser settings. This may affect some functionality of the website.

8. International Data Transfers

As a service operating in 50+ countries, your data may be transferred to and processed in countries outside your own. We ensure all international transfers are protected by appropriate safeguards including Standard Contractual Clauses (SCCs) as approved by the European Commission.

9. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will delete it immediately.

10. Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet is 100% secure.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website. Your continued use of our services after changes constitutes acceptance of the updated policy.