StockFlow - Inventory Management

1. Introduction

StockFlow is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This page explains how we comply with GDPR requirements and your rights as a data subject.

2. Legal Basis for Processing

We process your personal data under the following legal bases:

Contract Performance: Processing necessary to provide our Service to you
Legitimate Interest: For improving our Service, security, and fraud prevention
Consent: For marketing communications and optional features
Legal Obligation: When required by law

3. Your GDPR Rights

Under GDPR, you have the following rights:

Right to Access

You can request a copy of all personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure (“Right to be Forgotten”)

You can request deletion of your personal data in certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your personal data.

Right to Data Portability

You can request your data in a structured, machine-readable format.

Right to Object

You can object to processing based on legitimate interests or for direct marketing.

Rights Related to Automated Decision-Making

You have rights regarding automated decisions that significantly affect you.

4. How to Exercise Your Rights

To exercise any of your GDPR rights, you can:

Email us at gdpr@stockflow.com
Use the data management tools in your account settings
Contact our Data Protection Officer directly

We will respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request.

5. Data Protection Officer

Our Data Protection Officer (DPO) is responsible for overseeing our data protection strategy and GDPR compliance. You can contact our DPO at:

Email: dpo@stockflow.com
Address: StockFlow Data Protection Officer, 123 Main St, San Francisco, CA 94102

6. Data Transfers

When we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or transfers to countries with adequacy decisions.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When data is no longer needed, we securely delete or anonymize it.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Encryption of data in transit and at rest
Regular security assessments and audits
Access controls and authentication
Employee training on data protection
Incident response procedures

9. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

10. Children's Data

Our Service is not directed to children under 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.

11. Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority. However, we encourage you to contact us first so we can address your concerns.

12. Updates to This Page

We may update this GDPR compliance page from time to time. We will notify you of any material changes and update the "Last updated" date at the top of this page.

13. Contact Information

For any questions about GDPR compliance or to exercise your rights, please contact us at gdpr@stockflow.com

GDPR Compliance