FFlowMaticX

Your GDPR Rights

Last updated: June 6, 2026

FlowMaticX is committed to giving you full control over your personal data. The General Data Protection Regulation (GDPR) grants EU residents specific rights regarding their data. This page explains each right and how to exercise it — most can be done self-service from your account, without contacting us.

Logged-in self-serve
Export all your data, or permanently delete your account.
Go to Settings

1. Right to access (Article 15)

You can request a full export of all personal data we hold about you — account details, workspace memberships, lead jobs, leads, credit transactions, audit logs, and error events. The export is delivered as a machine-readable JSON file.

How: go to Settings → Privacy → Export my data. The download starts immediately and covers everything the DPO would send in response to a manual request.

2. Right to rectification (Article 16)

You can correct inaccurate personal data at any time directly from your account. This includes your name, email, password, workspace name, and billing address.

How: edit fields directly at Settings or Workspace. Changes take effect immediately.

3. Right to erasure / right to be forgotten (Article 17)

You can permanently delete your account and all associated personal data. This cascades to all workspaces you own, all jobs you created, and anonymizes any leads you have scraped (we keep the business contact info but remove the link to your account for legal/compliance purposes).

What is deleted:

  • Account profile (name, email, password hash, session history)
  • Workspaces you own (members get 30 days to transfer ownership)
  • All jobs, leads, credit transactions, and API keys
  • Audit logs and error logs associated with your user ID

What is retained:

  • Anonymized financial records (Stripe invoices) — 7 years for tax compliance
  • Fraud / abuse incident reports — indefinitely, without PII

How: go to Settings → Privacy → Delete account. Deletion is irreversible and takes effect within 90 days (immediate flag, background purge).

4. Right to restrict processing (Article 18)

You can ask us to pause processing of your data while you contest its accuracy or object to our legal basis. Your account remains active but no new jobs can be created and data is frozen.

How: email privacy@flowmaticx.com. We respond within 72 hours and implement the restriction within 10 business days.

5. Right to data portability (Article 20)

You have the right to receive your data in a structured, commonly used, machine-readable format, and to transmit it to another controller. Our export (Article 15) satisfies this right — it's a well-documented JSON format you can import into any other tool.

How: use the same export as Article 15 above.

6. Right to object (Article 21)

You can object to our processing based on legitimate interests (for example, analytics and product improvement). If you object, we stop those specific processing activities unless we demonstrate compelling legitimate grounds to continue.

How: go to Settings → Privacy → Opt out of analytics or email us for broader objections.

7. Rights related to automated decision-making (Article 22)

FlowMaticX does not make automated decisions with legal or significant effects on you. AI is used only to generate outreach copy — no profiling, scoring, or decision-making based on your personal data.

8. Right to lodge a complaint

You have the right to lodge a complaint with a supervisory authority if you believe your data rights have been violated. A list of EU supervisory authorities is available at edpb.europa.eu. In the UK, you can contact the Information Commissioner's Office (ICO).

We encourage you to contact us first so we can resolve your concern directly.

9. Scraped business contacts — your removal request

If you are a business or individual whose publicly available contact information was scraped by a FlowMaticX customer and you want it removed from our platform, you have two options:

  1. Request platform-wide suppression: email suppression@flowmaticx.com with the domain or email address. We add it to our global suppression list within 10 business days and prevent future scraping of that entity.
  2. Request immediate deletion: for faster removal, provide proof of ownership of the domain/email. We permanently purge all matching records within 5 business days.

10. Our Data Protection Officer

For any question related to GDPR, data processing, or your rights, contact our Data Protection Officer at privacy@flowmaticx.com. We are required to respond within 30 days (Article 12(3)), but we aim for 72 hours.

Not logged in? You can still exercise your rights by emailing privacy@flowmaticx.com with proof of identity. Self-serve tools above are faster if you have an account.