Back to home

Privacy Policy

Last updated: January 2025

Overview

Firmflow ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our client portal software and related services.

Information We Collect

Account Information

When you register for Firmflow, we collect your name, email address, business name, and phone number (optional). If you sign in with Google, we receive your name and email from Google.

Client Data

As an accountant using Firmflow, you may upload client information including names, email addresses, business names, and documents. You are responsible for ensuring you have appropriate consent to share this information with us.

Usage Data

We automatically collect information about how you interact with our service, including pages visited, features used, and time spent on the platform.

Payment Information

Payment processing is handled by Stripe. We do not store your full credit card number. Stripe's privacy policy governs their handling of payment data.

How We Use Your Information

  • To provide and maintain our service
  • To process your subscription and payments
  • To send you important updates about your account
  • To respond to your support requests
  • To improve our service based on usage patterns
  • To detect and prevent fraud or abuse

Data Security

We implement industry-standard security measures to protect your data:

  • 256-bit SSL/TLS encryption for all data in transit
  • Encrypted storage for all data at rest
  • Regular security audits and updates
  • Secure cloud infrastructure hosted on trusted providers
  • Access controls and authentication requirements

Data Retention

We retain your account data for as long as your account is active. If you cancel your subscription, your data remains accessible for 30 days before deletion. You may request immediate deletion of your data at any time by contacting us.

Third-Party Services

We use the following third-party services:

  • Stripe - Payment processing
  • Cloudflare R2 - Document storage
  • Supabase - Database hosting
  • Vercel - Application hosting
  • Resend - Transactional emails

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Opt out of marketing communications

California Privacy Rights

If you are a California resident, you have additional rights under the CCPA, including the right to know what personal information we collect and how it is used, the right to delete your information, and the right to opt out of the sale of your information. We do not sell your personal information.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on our website.

Contact Us

If you have any questions about this Privacy Policy, please contact us at:

hello@usefirmflow.com