Skip to content
← flowe.cc

Privacy Policy

Effective: March 26, 2026~8 min read

TL;DR

We don't sell your data. You own your content. You can delete everything anytime.

1. Introduction

Welcome to FlowE ("FlowE," "we," "us," or "our"). FlowE is a productivity and task management application designed for college students, graduate students, and adult learners. Our app helps you organize tasks, sync academic calendars, coordinate with family or household members, and stay motivated through gamification.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the FlowE mobile application and related services (collectively, the "Service"). Please read this policy carefully. By using FlowE, you consent to the data practices described in this policy.

If you have any questions or concerns about this policy, please contact us at support@flowe.cc.

2. Information We Collect

We collect information in the following categories:

a) Account Information

When you create an account, we collect:

  • Email address
  • Full name
  • Profile information (e.g., school level, role selection)
  • Authentication credentials managed through our authentication provider (Clerk)

b) Canvas Integration Data

If you choose to connect your Canvas LMS account, FlowE may use one or more of the following connection methods depending on what your school supports:

  • Institution-managed Canvas OAuth
  • Personal Canvas API token
  • Canvas ICS calendar feed fallback

Depending on the connection method, we may access:

  • Course names, sections, and course metadata
  • Assignments, due dates, scheduling details, and calendar events
  • Submission status and related assignment state
  • Grade summaries, score information, and assignment grouping metadata

This data is used to power academic planning features inside FlowE, including task creation, calendar views, due date tracking, course organization, and grade-awareness features. The exact data available depends on the connection type you use and your institution's Canvas configuration.

c) Task and Productivity Data

As you use FlowE, we store:

  • Tasks, projects, and events you create
  • Tags, categories, and organizational preferences
  • Focus timer session data
  • Schedule and routine preferences

d) Family Coordination Data

If you use family features, we collect:

  • Shared tasks and events between family members
  • Family member display names and roles
  • Family group membership information

e) Gamification Data

  • FlowPoints earned and spent
  • Achievement and badge progress
  • Levels, streaks, and leaderboard standings

f) Usage Analytics

With your consent, we collect anonymized usage data through PostHog, including:

  • Feature usage patterns (e.g., which screens you visit, which features you use)
  • App performance metrics (e.g., load times, error rates)
  • Session duration and frequency

This data is anonymized and cannot be used to identify you personally. You may opt out of analytics at any time through Settings → Privacy & Data → Data Collection.

g) Institutional Onboarding Data

If a school administrator submits Canvas OAuth details through our admin onboarding portal, we collect:

  • Institution name and Canvas domain
  • Administrator contact details and role
  • Canvas OAuth client ID, redirect URI, and encrypted client secret
  • Verification and review metadata needed to approve the integration

h) Device Information

We automatically collect limited device information for debugging and compatibility purposes, including operating system version, device type (e.g., iPhone model), and app version.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Core Functionality: To operate FlowE, including task management, calendar views, and focus timers.
  • Sync Canvas Academic Data: To import and update course, assignment, due date, calendar, submission-state, and grade-summary information supported by your Canvas connection.
  • Activate School OAuth Integrations: To verify, review, approve, and maintain institution-submitted Canvas OAuth configurations.
  • Enable Family Coordination: To allow shared tasks and events between family members.
  • Track Gamification Progress: To calculate FlowPoints, achievements, levels, streaks, and leaderboard positions.
  • Improve the App: To analyze anonymized usage patterns and fix bugs.
  • Send Notifications: With your permission, to send reminders and updates.
  • Provide AI-Powered Features: To offer task suggestions, time estimates, and schedule optimization.
  • Authenticate Your Identity: To verify your account and manage sessions.
  • Communicate With You: To respond to support requests and service announcements.

4. Data Sharing

We do not sell, rent, or trade your personal information to third parties. We only share information in limited circumstances:

a) Family Members

If you join a family group, members can see shared tasks, events, and your display name. Family data sharing is opt-in and revocable.

b) Service Providers

  • Convex (backend database and real-time sync)
  • Clerk (authentication)
  • PostHog (analytics, opt-out available)
  • OneSignal (push notifications)

c) Legal Requirements

We may disclose information if required by law or to protect rights and safety.

d) Business Transfers

In the event of a merger or acquisition, we will notify you of ownership changes.

5. Data Storage & Security

  • Backend: Convex with encryption at rest and access controls.
  • Encryption in Transit: HTTPS (TLS 1.3).
  • Canvas Admin Credentials: Institution client secrets submitted through the admin portal are encrypted at rest before storage.
  • Secure Local Storage: Personal Canvas API tokens, ICS feed URLs, and locally managed app credentials are stored in iOS Keychain where applicable.
  • Canvas Connection Data: We may store Canvas connection records, OAuth state, and sync metadata in our backend and on your device as needed to support the integration.
  • Authentication: Clerk with session management and OAuth 2.0.
  • Access Controls: Server-side authentication required for all requests.

No method is 100% secure, but we use commercially reasonable safeguards.

6. Your Rights

You have the following rights regarding your personal data:

a) Access Your Data

View all data via Settings → Privacy & Data.

b) Delete Your Data

Request deletion via Settings → Account → Delete Account. 30-day grace period, permanent deletion within 90 days.

c) Export Your Data

Export via Settings → Privacy & Data → Export My Data, or contact support@flowe.cc.

d) Opt Out of Analytics

Disable via Settings → Privacy & Data → Data Collection.

e) Correct Your Data

Update profile in-app or contact support@flowe.cc.

7. Data Retention

  • Active accounts: Retained for account duration.
  • Deleted accounts: Personal data deleted within 30 days, backups within 90 days.
  • Analytics: Anonymized data retained indefinitely.
  • Legal obligations: Certain data retained as required by law.

8. Children's Privacy

FlowE is rated 17+ and intended for users 18+. FlowE is not directed to children under 18. We do not knowingly collect information from anyone under 18.

If we discover information from a minor, we will delete it immediately. Contact support@flowe.cc to report.

9. Changes to This Policy

We may update this policy. For material changes:

  • We will update the effective date.
  • We will notify you via push notification or in-app notice.
  • We will provide at least 30 days' notice.

Continued use after changes constitutes acceptance.

10. Contact Information

We respond to privacy inquiries within 30 days.

Terms of Service →Back to top ↑