ProductFlo.io Logo

|ProductFlo.io

Privacy Policy

Wearer Lab Inc. d/b/a ProductFlo.io (“ProductFlo,” “we,” “us,” or “our”) respects your privacy. This Policy explains how we collect, use, disclose, and protect your personal data when you use our website, applications, and related services (collectively, “Service”). It complies with the EU/UK GDPR, California CPRA, Canada’s  PIPEDA, Brazil’s LGPD, and other applicable laws.
By accessing or using the Service, you consent to the practices described below.

  1. Who We Are

    • Controller: Wearer Lab Inc. d/b/a ProductFlo.io, PO Box 3423 Piedmont Road NE, Atlanta, GA 30305 USA.
    • Email: privacy@productflo.io
    • DPO: dpo@productflo.io
    • EU & UK Representatives: privacy@productflo.io

  2. Scope

    • Applies to personal data collected through our websites, apps, and communications. Does not cover third‑party sites or services.

  3. Personal Data We Collect

    The table lists categories, examples, sources, and legal bases:

    Category Examples Source Legal Basis*
    Account Data Name, email, company, role You Contract
    Payment Data Last‑4 digits, txn IDs Payment processor Contract / Legit. interest
    User Content CAD files, BOMs, prompts You / collaborators Contract
    Usage & Device IP, events, logs Automated Legit. interest
    Cookies & Pixels Session ID, analytics ID Automated Consent / Legit. interest
    Support & Marketing Chat logs, preferences You Consent / Legit. interest

    *Legal bases under GDPR/UK GDPR.

  4. How & Why We Use Personal Data

    • Operate, secure, and maintain the Service (Contract).
    • Process payments and invoices (Contract / Legal obligation).
    • Improve features and train ML models (Legitimate interest).
    • Send product updates and marketing (Consent / Legitimate interest).
    • Comply with laws and enforce our Terms (Legal obligation).

    Free‑Tier Public Projects: Content created under the Free Tier is public and may be used for model training, demos, or marketing (see ToS § 7‑A).

  5. How We Share Personal Data

    • Service providers (AWS, GCP, Microsoft Azure, Stripe, analytics, support).
    • Affiliates for internal operations.
    • Collaborators or public viewers on shared projects.
    • Legal authorities when required.
    • Business transfers (merger, acquisition, financing).
    • Aggregated / anonymized data for insights.

    We do not sell personal data.

  6. International Transfers

    • Data is hosted in the United States. Transfers from the EEA/UK rely on EU Standard Contractual Clauses, the UK IDTA, and supplementary safeguards.

  7. Data Security

    • AES‑256 at‑rest encryption & TLS 1.2+ in transit.
    • Role‑based access controls, SSO/SAML.
    • Annual penetration tests & 24 × 7 monitoring.
    • Breach notification within 72 hours where required.

  8. Data Retention

    • Account & billing data: 7 years after closure.
    • User Content: until deleted or 30 days after plan end.
    • Back‑ups: ≤ 30 days rolling.
    • Analytics logs: 12 months (aggregated thereafter).
    • Marketing consents: until withdrawal or 2 years inactivity.

  9. Your Rights

    GDPR / UK GDPR

    • Access, rectify, erase, port, restrict, or object.
    • Withdraw consent at any time.
    • Complain to a supervisory authority.

    CCPA / CPRA

    • Know, delete, correct, opt‑out of “sharing,” limit SPI, no discrimination.
    • Submit requests via privacy@productflo.io or +1‑470‑223‑8190.

    Marketing Opt‑Out

    • Click “unsubscribe” in emails or adjust cookie preferences.

  10. Cookies & Similar Technologies

    • Essential cookies for login and security.
    • Analytics cookies (Google Analytics 4, IP anonymized).
    • Advertising pixels only with opt‑in consent.
    • Manage preferences via our cookie banner or browser settings. See Cookie Policy.

  11. Children’s Privacy

    • Service not directed to children under 13 (or 16 in the EEA). We delete data if we learn it was provided by a child.

  12. Automated Decision‑Making

    • We do not make decisions producing legal or similarly significant effects without human review.

  13. “Do Not Track” Signals

    • Our Sites currently do not respond to DNT signals. Control tracking via cookie settings.

  14. Changes to This Policy

    • We will post updates and give at least 15 days’ notice of material changes. Continued use indicates acceptance.

  15. Contact

    • Wearer Lab Inc. d/b/a ProductFlo.io
      PO Box 3423 Piedmont Road NE, Atlanta, GA 30305, USA
      privacy@productflo.io
      Phone: +1‑470‑223‑8190