MacFileFlow

Privacy Policy

Last updated: January 2026

1. Introduction

MacFileFlow ("Company," "we," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and purchase our products and services. Please read this policy carefully. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

Information You Provide Directly:

  • Account registration data: name, email address, password, phone number, and billing address.
  • Payment information: credit card details processed securely through third-party payment processors (never stored by us).
  • Communication data: when you contact us via email, phone, or support channels, we retain your messages and any responses.
  • Product usage data: files you organize using our templates, folder names, and organizational preferences you share with us for customization.

Information Collected Automatically:

  • Log data: IP address, browser type, operating system, referring URL, pages visited, and timestamps.
  • Device data: hardware model, OS version, unique device identifiers.
  • Cookies: small files stored on your device to remember preferences and track site usage.
  • Analytics: aggregate data about how users interact with our website and products through tools like Google Analytics.

3. How We Use Your Information

We use collected information for the following purposes:

  • Providing, maintaining, and improving our Services.
  • Processing transactions and sending related confirmations and invoices.
  • Sending transactional emails (account notifications, password resets, order updates).
  • Responding to your inquiries and providing customer support.
  • Conducting research, analytics, and improving user experience.
  • Complying with legal obligations and preventing fraud.
  • Marketing communications (with your opt-in consent) about new features, special offers, and promotions.

4. Legal Basis for Processing (GDPR)

For users in the European Union, we process personal data under the following legal bases:

  • Consent: when you explicitly agree to marketing or optional data collection.
  • Contract performance: to fulfill your purchase and provide Services.
  • Legal obligation: to comply with laws and regulations.
  • Legitimate interests: to improve our Services, prevent fraud, and ensure security.

5. Sharing Your Information

We do not sell your personal data. We share information only in these circumstances:

  • Service Providers: Third parties who assist us (payment processors, email services, hosting providers, analytics platforms) under confidentiality agreements.
  • Legal Compliance: When required by law, regulation, court order, or to protect our rights and safety.
  • Business Transfers: In the event of merger, acquisition, or asset sale, your data may transfer as part of that transaction.
  • Aggregated Data: We may share anonymized, aggregated analytics that cannot identify individuals.

6. Data Retention

We retain personal data for as long as necessary to provide Services and fulfill the purposes outlined in this policy. Retention periods vary by data type:

  • Account data: retained while account is active and for 30 days after account deletion.
  • Transactional data: retained for 7 years to comply with tax and accounting regulations.
  • Support communications: retained for 2 years after the last interaction.
  • Marketing data: retained until you unsubscribe.
  • Log and analytics data: deleted after 180 days unless required for security or legal purposes.

7. Security Measures

We implement industry-standard security practices to protect your information:

  • End-to-end encryption for sensitive communications.
  • SSL/TLS encryption for all data in transit.
  • Secure password storage using bcrypt hashing.
  • Regular security audits and vulnerability assessments.
  • Restricted access to personal data (only authorized personnel).
  • Firewalls, intrusion detection, and monitoring systems.

While we employ robust security, no system is 100% secure. We cannot guarantee absolute security of your data.

8. Your Rights and Choices

For All Users:

  • Access: request a copy of your personal data in a portable format.
  • Correct: update or correct inaccurate information.
  • Delete: request deletion of your account and associated data (subject to legal retention requirements).
  • Opt-out: unsubscribe from marketing emails via the link in every message or your account settings.
  • Cookie preferences: manage or disable cookies in your browser settings.

For EU/GDPR Users (Additional Rights):

  • Right to be forgotten: request erasure under certain circumstances.
  • Data portability: receive your data in a structured, portable format.
  • Restrict processing: limit how we use your data.
  • Object to processing: oppose certain processing activities.
  • Lodge complaints: file complaints with your local data protection authority.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

  • Essential Cookies: required for core functionality (session management, security).
  • Preference Cookies: remember your choices (language, theme, cookie preferences).
  • Analytics Cookies: track site usage and user behavior to improve Services.
  • Marketing Cookies: used for retargeting and personalized advertising (with consent).

You can manage cookie preferences via our Cookie Banner or browser settings. Disabling cookies may affect functionality.

10. Third-Party Links and Services

Our website may contain links to third-party sites. We are not responsible for the privacy practices of external sites. We encourage you to review their privacy policies before providing personal information.

11. Children's Privacy

Our Services are not directed to individuals under 13 years old. We do not knowingly collect personal data from children. If we become aware that a child under 13 has provided us with information, we will immediately delete it and notify the parent or guardian.

12. International Data Transfers

Your data may be transferred to, stored in, and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws. By using our Services, you consent to such transfers. We implement safeguards including Standard Contractual Clauses and ensure adequate data protection.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes via email or prominent notice on our website. Your continued use of Services after updates constitutes acceptance of the revised policy.

14. Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or want to report a data breach, please contact us:

Email: privacy@macfileflow.com

Phone: +1-202-555-0147

Address: 1600 Pennsylvania Ave NW, Washington, DC 20500

Data Protection Officer: dpo@macfileflow.com

We will respond to access and privacy requests within 30 days as required by applicable law.