Privacy Policy
How PortaliaFlow collects, processes, stores, and protects personal data in line with GDPR and SaaS best practices.
Last updated: February 23, 2026
1. Controller and processor roles
PortaliaFlow is Data Controller for prospect, account-owner, and billing-contact data. For customer workspace content, PortaliaFlow acts as Data Processor under customer instructions.
2. Personal data categories
We may process identity and contact data, login/authentication data, billing metadata, support communications, account activity logs, and technical telemetry required for service security and continuity.
3. Purposes and legal bases
Processing is based on contract performance (service delivery), legitimate interest (security and abuse prevention), legal obligations (tax/accounting), and consent where required (optional analytics/marketing).
4. Retention periods
Data is retained during the active subscription and, unless legally required otherwise, for up to 24 months after account closure for contractual, security, and record-keeping purposes.
6. International transfers
Primary hosting is in the EU (Frankfurt region). If data is transferred outside the EEA, PortaliaFlow applies Standard Contractual Clauses and supplementary technical and organizational safeguards.
7. Data subject rights
You may request access, rectification, erasure, restriction, portability, objection, and consent withdrawal by contacting privacy@portaliaflow.com. We may request identity verification before execution.
8. Security measures
Security controls include encryption in transit, role-based permissions, least-privilege administration, audit trails, backup policies, and vulnerability patching cycles.
9. Children and minors
PortaliaFlow is designed for business use and is not intended for children under 16. We do not knowingly collect personal data from children for consumer use cases.
10. Policy updates and complaints
We may update this policy to reflect legal or service changes. Material updates will be published on this page. You may lodge a complaint with your supervisory authority (AEPD in Spain).