Your Privacy Matters in OneFlow
This Privacy Policy explains how OneFlow collects, uses, and protects your information when you use our comprehensive business management platform, including BudgetFlow (finance & budgeting), TimeFlow (project & time management), and BranchFlow (inventory & POS).
Last updated: January 8, 2026
Overview
Information we collect
OneFlow collects information necessary to provide our comprehensive business management services across all three modules:
Account Information
- Name, email address, and password for account creation
- Company name, billing address, and contact information
- Profile information and preferences
- Team member information and roles across all modules
BudgetFlow Data
- Financial budgets, forecasts, and actual spending data
- Expense categories, transactions, and financial reports
- Budget allocations and financial planning information
- Financial goals and performance metrics
TimeFlow Data
- Project definitions, timelines, and milestones
- Time tracking data, work logs, and productivity metrics
- Task assignments, status updates, and completion data
- Team collaboration and project management information
BranchFlow Data
- Inventory items, stock levels, and product information
- Point of sale transactions and customer data
- Purchase orders, suppliers, and vendor information
- Sales reports and inventory analytics
Payment Information
- Billing details and subscription information
- Payment method information (processed securely by Paddle)
- Transaction history and invoice data
- Module-specific billing and usage data
Usage Analytics
- Feature usage patterns across all modules
- Performance metrics and system logs
- Device information and browser details
- IP addresses and session data
How we use your information
- Service Delivery: Provide and maintain OneFlow business management services across BudgetFlow, TimeFlow, and BranchFlow
- Account Management: Manage user accounts, subscriptions, and billing for all modules
- Module Processing: Process financial data (BudgetFlow), project data (TimeFlow), and inventory/POS data (BranchFlow)
- Data Integration: Enable data sharing and reporting across all three modules
- Customer Support: Respond to inquiries and provide technical assistance for all modules
- Service Improvement: Analyze usage patterns to enhance features and performance across all modules
- Security: Monitor for abuse, fraud, and security threats across the entire platform
- Compliance: Meet legal obligations and enforce our terms of service
- Communication: Send service updates, notifications, and marketing (with consent)
Legal bases (EEA/UK)
For users in the European Economic Area and UK, we process personal data under these legal bases:
- Contract: To provide OneFlow services as agreed in our terms of service
- Legitimate Interests: To operate, secure, and improve our services
- Consent: For optional activities like marketing communications
- Legal Obligation: To comply with applicable laws and regulations
Data Storage & Security
We implement industry-standard security measures to protect your data:
- Data encryption in transit and at rest
- Secure cloud infrastructure with regular security audits
- Access controls and authentication mechanisms
- Regular backups and disaster recovery procedures
- Employee training on data protection and privacy
Payment Processing
OneFlow uses Paddle as our payment processor. When you make payments:
- Payment information is processed securely by Paddle
- We receive transaction confirmations and billing details
- We do not store credit card numbers or sensitive payment data
- Paddle's privacy policy applies to payment processing
Data Retention
We retain your information for as long as necessary to:
- Provide OneFlow services to your account
- Comply with legal and regulatory requirements
- Resolve disputes and enforce our agreements
- Improve our services and develop new features
When you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
Your Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your personal data
- Portability: Receive your data in a structured format
- Restriction: Limit how we process your data
- Objection: Object to certain types of processing
- Withdraw Consent: Withdraw consent for optional processing
To exercise these rights, contact us at hello@iqtholding.solutions
International Transfers
OneFlow may process and store your data in countries other than your own. When we transfer personal data internationally, we implement appropriate safeguards including standard contractual clauses and adequacy decisions to ensure your data is protected.
Security
We take security seriously and implement multiple layers of protection:
- End-to-end encryption for sensitive workflow data
- Regular security audits and penetration testing
- Multi-factor authentication options
- Secure API endpoints with rate limiting
- Employee access controls and monitoring
While we strive to protect your data, no system is 100% secure. We cannot guarantee absolute security and recommend you also take steps to protect your account.
Changes to this Policy
We may update this Privacy Policy from time to time. When we make changes:
- We will post the updated policy on this page
- We will update the "Last updated" date
- For material changes, we will notify you via email or in-app notification
- Continued use of OneFlow after changes constitutes acceptance
Contact Us
If you have questions about this Privacy Policy or our data practices, contact us:
- Email: hello@iqtholding.solutions
- Address: Bindastraat #68, Paramaribo, Suriname
- Phone: +(597) 430296
For data protection inquiries, please include "Privacy Inquiry" in your subject line.
