← Back to home

Privacy Policy

Last updated: March 2026

1. Information We Collect

When you use FlowEasy, we collect:

  • GitHub profile data: username, email, avatar URL (via OAuth)
  • Repository metadata: repo names, branches, workflow run status
  • Pipeline configurations: selected gates, targets, schedule
  • Usage data: pipeline runs count, timestamps, duration
  • Payment data: processed by Stripe; we store only customer ID and plan status

2. How We Use Your Data

  • Generate and manage CI/CD pipelines on your behalf
  • Display pipeline status, logs, and analytics in the dashboard
  • Enforce usage limits based on your subscription plan
  • Send in-app notifications about pipeline events
  • Improve the Service through aggregated, anonymized usage patterns

3. Data Storage & Security

Your data is stored in Supabase (hosted in EU). We use Row Level Security (RLS) to ensure users can only access their own data. API keys are stored as SHA-256 hashes, never in plaintext. All connections use HTTPS/TLS.

4. Third-Party Services

We share data with the following services as necessary to operate:

  • GitHub: repository access, workflow management (via your OAuth token)
  • Vercel: deployment integration (via your Vercel token)
  • Stripe: payment processing
  • Anthropic / OpenAI: AI pipeline generation (repo context sent for analysis)

We do not sell your data to third parties.

5. AI Data Processing

When generating pipelines or analyzing failures, we send repository context (file names, package.json, workflow logs) to AI providers. This data is used solely for generating responses and is not used to train AI models.

6. Cookies

We use essential cookies for authentication (Supabase session) and Vercel integration. We do not use tracking or advertising cookies.

7. Data Retention

Pipeline run history is retained for the duration of your account. If you delete a pipeline, the run history is preserved (with nullified pipeline reference) for billing accuracy. Account deletion can be requested via Support.

8. Your Rights

You may: (a) access your data via the dashboard and API; (b) export your pipeline configurations; (c) request account deletion via Support; (d) revoke GitHub OAuth access at any time via GitHub settings.

9. Changes to This Policy

We may update this policy as needed. Changes will be posted on this page with an updated date.

10. Contact

For privacy questions, contact us via Support or at privacy@floweasy.dev.