1. Who we are
FlowOps AI ("FlowOps AI", "we", "us") is a UK consultancy based in Stafford, UK. We are the data controller for the personal data described in this policy. Questions: Hello@flowops.uk.
2. What we collect
Enquiry data — name, email, company, team size and message content when you submit our contact form or email us.
Engagement data — if you proceed to a discovery call or project, information about your business processes needed to deliver the work, governed by a separate engagement agreement.
Usage data — basic, privacy-respecting website analytics (pages visited, referral source, device type), configured to minimise personal data and comply with UK GDPR.
3. Cookies
We use minimal cookies — only what’s strictly necessary for the site to function. No tracking cookies, no advertising. You can control cookies in your browser settings without affecting the site.
4. Legal basis
Responding to your enquiry — legitimate interests. Delivering services — contract performance. Improving the website — legitimate interests (anonymised data). Compliance — legal obligation.
5. How we use data
Only to respond to you, schedule and run discovery calls, deliver agreed services, send information you’ve requested and meet legal obligations. We never sell your data or share it for marketing.
6. Who we share it with
- Netlify — our website host and form processor. See Netlify’s privacy policy.
- Microsoft — email and, where used, booking/scheduling within our Microsoft 365 tenant.
- Plausible Analytics — privacy-friendly, cookieless website analytics. No personal data or cross-site tracking; fully GDPR-compliant. See Plausible’s data policy.
- Anthropic — powers our FlowBot chat widget; messages are processed in real time and not persistently stored. See Anthropic’s privacy policy.
All processors are subject to appropriate data-processing agreements and UK GDPR-compliant safeguards (including Standard Contractual Clauses where data leaves the UK/EEA).
7. Retention
Enquiry data: up to 2 years from last contact. Client engagement data: up to 6 years (standard UK retention for business records). You can ask us to delete sooner.
8. Your rights
Under UK GDPR you can request access, rectification, erasure, restriction, portability, object to processing, and withdraw consent. Email Hello@flowops.uk — we respond within one calendar month. You may also complain to the ICO (0303 123 1113).
9. Security
HTTPS everywhere, access controls and appropriate technical and organisational measures. If a breach poses a risk to your rights, we’ll notify you and the ICO as required by law.
10. Changes
We’ll update this page when the policy changes; the date above shows the latest revision.