Effective date: May 2, 2022

This Privacy Policy describes how flowres.io collects, uses, and discloses information, and what choices you have concerning the information.

When we refer to “flowres.io,” we mean the myMRPlace Inc. entity that acts as the controller or processor of your information, as explained in more detail in the “Identifying the Data Controller and Processor” section below.

TABLE OF CONTENTS:

  • Applicability of this Privacy Statement
  • Information we collect and receive
  • What we do with your information
  • Closed system policy and third-party services
  • How we share and disclose your information
  • Your rights
  • Security
  • Data retention
  • Age Limitations, Children and Young Adult’s Privacy and Consent
  • Data Protection Officer
  • Data Protection Authority
  • Changes to this Privacy Statement
  • Contacting flowres.io

APPLICABILITY OF THIS PRIVACY STATEMENT

This Privacy Statement applies to flowres.io‘s platform, as well as addon services (collectively, the “Services”), and other interactions (e.g., customer service inquiries, user conferences, etc.) you may have with flowres.io. If you do not agree with the terms, do not access or use the Services, Website or any other aspect of flowres.io‘s business.
This Privacy Statement does not apply to any third party applications or software that integrate with the Services through the flowres.io platform (“Third Party Services”), or any other third party products, services or businesses. Also, a separate agreement governs delivery, access and use of the Services (the “Customer Agreement”), including the processing of any audio, video, files, transcriptions or other content.

IDENTIFYING THE DATA CONTROLLER AND PROCESSOR

Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information. In general, Customers are the controller of Interview Data while flowres.io is the controller of Other Information.

INFORMATION WE COLLECT AND RECEIVE

flowres.io may collect and receive Interview Data and other information and data (“Other Information”) in a variety of ways:

  • INFORMATION YOU PROVIDE TO US – INTERVIEW DATA
    Customers (“Customers”) individuals granted access to a Project by a Customer, and Service Providers (“Authorized Users”) routinely submit Interview Data to flowres.io when using the Services, as do prospective and qualified participants (collectively, “Participants”). We may ask Customers and Authorized Users for identifying information such as name, phone number, email address, company name, and/or similar account details to create an account to organize and execute online market research. In the course of using our Services, Customers and Authorized Users may be required to provide Interview Data to avail services.
  • INFORMATION WE COLLECT AUTOMATICALLY WHEN YOU USE THE SERVICES – OTHER INFORMATION
    Certain Information is collected automatically when you access or use our Website or Services, we automatically collect Other Information about you, including:
    • Log information:
      We log information about your use of the Website and/or the Services, including the type of browser you use, clickstream data, date/time stamp, pages and files viewed on our site (e.g., HTML pages, graphics, etc.), your IP address, and your bandwidth.
    • Device information:
      We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers, mobile network information, and connected audio and video devices.
    • Information collected by cookies and other tracking Technologies:
      We use cookies or similar technologies to collect information, analyze trends, administer the website, and track users’ movements around the website.

WHAT WE DO WITH YOUR INFORMATION

Interview Data will be used by flowres.io in accordance with Customers’ instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. flowres.io is a processor of Customer Data and Customers are the controller. Customers may, for example, use the Services to grant and remove access to a project, schedule interviews, access, detect positive, neutral, or negative sentiment in the responses given by the Participants, export, share and remove Interview Data and otherwise apply its policies to the Services.
flowres.io uses Other Information in furtherance of our legitimate interests in operating our Services, website, and business. More specifically, flowres.io uses Other Information:

  • To provide, update, maintain and protect our Services, website, and business. This includes the use of Other Information to support delivery of the Services under a Customer Agreement, prevent or address service errors, security or technical issues, analyze and monitor usage and trends.
  • As required by applicable law, legal process or regulation.
  • To communicate with you by responding to your requests, comments, and questions. If you contact us, we may use your Other Information to respond.
  • To develop and provide research and insights-building tools and additional features. flowres.io tries to make the Services as useful as possible for Customers and users across.
  • To send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security and fraud notices. These communications are considered part of the Services, and you may not opt out of them. In addition, we sometimes send emails about new product features, promotional communications or other news about flowres.io. These are marketing messages so you can control whether you want to receive them.
  • For billing, account management, and other administrative matters. flowres.io may need to contact you for invoicing, account management and similar reasons and we use account data to administer accounts and keep track of billing and payments.
  • To investigate and help prevent security issues and abuse.
If Information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, flowres.io may use it for any business purpose. To the extent Information is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to in this Privacy Statement as “Personal Data.”

CLOSED SYSTEM POLICY AND THIRD-PARTY SERVICES

flowres.io operates as a Closed Garden, meaning that any customer data shared with flowres.io is not used to train our large language models (LLMs). We do not use interview data or other customer-provided content for any purpose other than providing our Services. When customers conduct focus groups, depth interviews, or other data collection activities on flowres.io, we assume that permission has been obtained from participants to process their data on the platform.

If customers request services such as transcription or qualitative data analysis, flowres.io may share information with our approved subprocessors. All subprocessors comply with flowres.io's stringent data security protocols, which are consistent with our commitments.

myMRPlace Inc. adheres to the highest standards of data security, holding ISO 27001:2022 certification and ensuring full GDPR compliance. Furthermore, myMRPlace Inc. complies with statutory obligations such as HIPAA, ensuring the secure handling of sensitive information. By using our platform, market research agencies confirm they have obtained respondent permission to share data with flowres.io, and by using the platform, they acknowledge agreement to this responsibility.

flowres.io is not liable if a respondent seeks legal action as a result of data being shared without appropriate permissions.

HOW WE SHARE AND DISCLOSE YOUR INFORMATION

This section describes how flowres.io may share and disclose Information. Customers determine their own policies and practices for the sharing and disclosure of Information, and flowres.io does not control how they choose to share or disclose Information.

  • Customer’s instructions. flowres.io will solely share and disclose Interview Data in accordance with a Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and in compliance with applicable law and legal process.
  • Displaying the services. When an Authorized User or Participant submits Interview Data, it may be displayed to Customers and Authorized Users in the same interview. For example, a Participant’s name may be displayed with their video stream.
  • Customers access. Owners, administrators, Customers, Authorized Users and other Customers representatives and personnel may be able to access, modify or restrict access to Other Information. This may include, for example, your employer using Service features to export logs of Services activity, or accessing or modifying any project artifacts.
  • During a change to flowres.io’s business. If flowres.io engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of flowres.io’s assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence), some or all Information may be shared or transferred, subject to standard confidentiality arrangements.
  • Aggregated or de-identified data. We may disclose or use aggregated or de-identified Information for any purpose. For example, we may share aggregated or de-identified Information with prospects or partners for business or research purposes, such as telling a prospective flowres.io customer the average amount of time saved organizing a Project.
  • To comply with laws. If we receive a request for information, we may disclose Information if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process.
  • To enforce our rights, prevent fraud, and for safety. To protect and defend the rights, property or safety of flowres.io or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
  • With consent. flowres.io may share Information with third parties when we have consent to do so.

THIRD PARTIES THAT RECEIVE PERSONAL DATA

For personal information collected via our website, we share personal data with service providers, to carry out our services and other supporting activities, such as technical assistance, marketing, analytics, or customer service.
For personal information collected via our products and services, flowres.io shares personal data with trusted businesses or persons to process it for us, based on our instructions and in compliance with this Privacy Statement and any other appropriate confidentiality and security measures.

YOUR RIGHTS

Individuals located in certain countries, including the European Economic Area (EEA), have certain statutory rights about their personal data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information. If you are an Authorized User, you can usually do this using the settings and tools provided in your account. If you are an unregistered Participant and you wish to update, delete, or correct your Information, please email [email protected]. If desired, we will destroy all data associated with the entire interview and alert our partners and Customers to do the same (this right is limited to data which according to law and regulation may only be processed with your consent, if you withdraw your consent for processing). Please note that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.  When technically feasible, flowres.io will -at your request- provide your personal data to you or transmit it directly to another controller (this right is limited to data provided directly by you).
Our Services are intended for use by individuals and organizations. Where the Services are made available to you through an organization (e.g., your employer), that organization is the administrator of the Services and is responsible for the accounts. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization’s policies. We are not responsible for the privacy or security practices of an organization, which may be different than the ones described in this Privacy Statement.
To the extent that flowres.io’s processing of your Personal Data is subject to the General Data Protection Regulation, flowres.io relies on its legitimate interests, described above, to process your data. flowres.io may also process Other Information that constitutes your Personal Data for direct marketing purposes, and you have a right to object to flowres.io’s use of your Personal Data for this purpose at any time.

SECURITY

flowres.io takes reasonable precautions to safeguard the information we collect in an effort to prevent loss, misuse and unauthorized access, disclosure, alteration and destruction.
If you use our Services, responsibility for securing your account rests with you and not flowres.io. For example, it is your responsibility to keep your password confidential, and not share your credentials with others.

DATA RETENTION

The video and audio of the interviews, the transcripts, and the Zoom chat room transcripts are made available to our Customers so they can better understand their customers.
Information such as tech check data, including name, tech check videos, IPs, and city location will be deleted three (3) months after the scheduled session ends. Participant’s emails and phone numbers will be deleted six (6) months after their scheduled session ends.
Participant’s profiles (screener answers) as well as the Interview Data will be deleted after three (3) years or in accordance with Customer’s instructions, including any applicable terms in the Contracts, or as required by applicable law. flowres.io may retain Other Information for as long as necessary for the purposes described in this Privacy Statement such as pursuing legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal and regulatory obligations, resolve disputes and enforce our agreements.

AGE LIMITATIONS, CHILDREN’S, YOUNG ADULT’S PRIVACY AND CONSENT

To the extent prohibited by applicable law, flowres.io does not allow the use of our Services and Websites by anyone younger than 18 years old. If you learn that anyone younger than 18 has unlawfully provided us with personal data, please contact us and we will take steps to delete such information.
flowres.io follows market research industry standards regarding the management of studies involving children and young adults younger than 18 years of age. When recruiting potential participants, the point of first communication is always with a parent or legal guardian, at which time we will inform that responsible adult of the type of data collected and how it is processed, used, and stored, as well as their right to be present during the interview. Parental or guardian consent is required prior to the collection of any personal data from a child.

INTERNATIONAL TRANSFER OF DATA

We collect information globally and primarily store that information in the United States. We may transfer, process and store your information outside of your country of residence, to wherever we, flowres.io or our third-party service providers operate for the purpose of providing you the Services. Whenever we transfer your information, we take steps to protect it.
flowres.io has released a Data Processing Agreement (“DPA”) that contains contractual commitments from us to help you respond to requests to correct, amend or delete personal data, detect and report personal data breaches and demonstrate your compliance with the GDPR. flowres.io also offers Standard Contractual Clauses (“SCC”) for those customers that operate in the European Union and in the United Kingdom to meet the adequacy and security requirements. The DPA as well as the SCC are available upon request via [email protected].

DATA PROTECTION AUTHORITY

Subject to applicable law, you also have the right to (i) restrict flowres.io’s use of Other Information that constitutes your Personal Data and (ii) lodge a complaint with your local data protection authority. If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to the lead supervisory authority in your country, link provided below for your convenience:
http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

GOVERNING LANGUAGE
For all purposes, this English language version of this Privacy Statement shall be the original, governing instrument and understanding of the parties. In the event of any conflict between this English language version of this Privacy Statement and any subsequent translation into any other language, this English language version shall govern and control.

CHANGES TO THIS PRIVACY STATEMENT

flowres.io may change this Privacy Statement from time to time. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business. We will post the changes to this page and encourage you to review our Privacy Statement to stay informed. If we make changes that materially alter your privacy rights, flowres.io will provide additional notice, such as via email or through the Services.
If you disagree with any changes to this Privacy Statement, you will need to stop using the Services or contact your organization’s administrator, as outlined above.

CONTACTING flowres.io

Please also feel free to contact flowres.io if you have any questions about this Privacy Statement or flowres.io’s practices, or if you are seeking to exercise any of your statutory rights. You may contact us at [email protected], by using our Contact form (please include Data Compliance in the subject line), or at our mailing address below: myMRPlace INC
16192 COASTAL HIGHWAY LEWES, DELAWARE 19958-9776

Data protection officer
Kawalpreet Juneja