Flownath Terms

Privacy

Privacy Policy

Effective 3 May 2026

This Privacy Policy explains what information Flownath ("we", "us") collects when you use our service, what we do with it, and the choices you have. We try to keep this short and in plain English. If anything is unclear, please contact us.

1. Who we are

Flownath is a dynamic QR code and link management service operated by Flownath, based in Australia. We are the data controller for the information described below.

2. Information we collect

You give us:

  • Your email address and password when you create an account.
  • Your Google account name, email, and profile picture if you choose "Sign in with Google".
  • The names you give your organization, collections, and links, plus any files you upload (PDFs, images).

We collect automatically when someone scans your QR code or clicks a link:

  • IP address
  • Browser, operating system, and device type (parsed from the user-agent header)
  • Preferred language (from the Accept-Language header)
  • Referring URL, if any
  • UTM parameters (utm_source, utm_medium, utm_campaign) when present in the link
  • A session identifier and timestamp
  • Whether the visitor appears to be a bot

We do not use cross-site advertising trackers and we do not run third-party analytics SDKs on the public scan pages.

3. How we use it

  • To run and secure your account, including login, password reset, and email verification.
  • To deliver the content behind your QR codes and links.
  • To show you analytics about how your collections are performing.
  • To prevent abuse, fraud, and bot traffic.
  • To respond when you contact us.

We do not sell your personal information, and we do not share visitor analytics with advertisers.

4. Who we share it with

We share data only with service providers who help us run Flownath:

  • Cloudflare R2 — stores files you upload (PDFs, images). Files are served via signed URLs that expire after one hour.
  • Google — only if you choose to sign in with Google. Google sees that you signed into Flownath.
  • Hosting and email providers we use to operate the service.

We may also disclose information if required by law, or to protect the rights, safety, or property of Flownath, our users, or the public.

5. How long we keep it

We keep your account information for as long as your account is active. Scan and click events are kept so you can see analytics over time. If you delete your account, we delete or anonymize your personal information within a reasonable period, except where we are required to retain it.

6. Your rights

Depending on where you live, you may have the right to access, correct, export, or delete the personal information we hold about you, and to object to or restrict certain processing. To exercise any of these rights, email us at [email protected]. We will respond within a reasonable time.

7. Cookies

We use a small number of cookies that are necessary for the service to work — for example, to keep you logged in and to remember session state. We do not set advertising or cross-site tracking cookies.

8. International transfers

Flownath is operated from Australia. If you access the service from elsewhere, your information will be processed in the country where our servers and providers are located. By using Flownath, you consent to that transfer.

9. Children

Flownath is not directed at children under 13, and we do not knowingly collect information from them. If you believe a child has given us information, please contact us so we can remove it.

10. Changes

We may update this Privacy Policy from time to time. If the changes are material, we will let you know — for example, by email or by a notice in the app — before they take effect.

11. Contact

Questions about this policy? Email us at [email protected].

Home Terms of Service