Effective date: May 2, 2022
This Privacy Policy describes how flowres.io collects, uses, and discloses information, and what choices you have concerning the information.
When we refer to “flowres.io,” we mean the myMRPlace Inc. entity that acts as the controller or processor of your information, as explained in more detail in the “Identifying the Data Controller and Processor” section below.
This Privacy Statement applies to flowres.io‘s platform, as well as addon services (collectively, the “Services”), and other interactions (e.g., customer service inquiries, user conferences, etc.) you may have with flowres.io. If you do not agree with the terms, do not access or use the Services, Website or any other aspect of flowres.io‘s business.
This Privacy Statement does not apply to any third party applications or software that integrate with the Services through the flowres.io platform (“Third Party Services”), or any other third party products, services or businesses. Also, a separate agreement governs delivery, access and use of the Services (the “Customer Agreement”), including the processing of any audio, video, files, transcriptions or other content.
Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information. In general, Customers are the controller of Interview Data while flowres.io is the controller of Other Information.
flowres.io may collect and receive Interview Data and other information and data (“Other Information”) in a variety of ways:
Interview Data will be used by flowres.io in accordance with Customers’ instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. flowres.io is a processor of Customer Data and Customers are the controller. Customers may, for example, use the Services to grant and remove access to a project, schedule interviews, access, detect positive, neutral, or negative sentiment in the responses given by the Participants, export, share and remove Interview Data and otherwise apply its policies to the Services.
flowres.io uses Other Information in furtherance of our legitimate interests in operating our Services, website, and business. More specifically, flowres.io uses Other Information:
flowres.io operates as a Closed Garden, meaning that any customer data shared with flowres.io is not used to train our large language models (LLMs). We do not use interview data or other customer-provided content for any purpose other than providing our Services. When customers conduct focus groups, depth interviews, or other data collection activities on flowres.io, we assume that permission has been obtained from participants to process their data on the platform.
If customers request services such as transcription or qualitative data analysis, flowres.io may share information with our approved subprocessors. All subprocessors comply with flowres.io's stringent data security protocols, which are consistent with our commitments.
myMRPlace Inc. adheres to the highest standards of data security, holding ISO 27001:2022 certification and ensuring full GDPR compliance. Furthermore, myMRPlace Inc. complies with statutory obligations such as HIPAA, ensuring the secure handling of sensitive information. By using our platform, market research agencies confirm they have obtained respondent permission to share data with flowres.io, and by using the platform, they acknowledge agreement to this responsibility.
flowres.io is not liable if a respondent seeks legal action as a result of data being shared without appropriate permissions.
This section describes how flowres.io may share and disclose Information. Customers determine their own policies and practices for the sharing and disclosure of Information, and flowres.io does not control how they choose to share or disclose Information.
For personal information collected via our website, we share personal data with service providers, to carry out our services and other supporting activities, such as technical assistance, marketing, analytics, or customer service.
For personal information collected via our products and services, flowres.io shares personal data with trusted businesses or persons to process it for us, based on our instructions and in compliance with this Privacy Statement and any other appropriate confidentiality and security measures.
Individuals located in certain countries, including the European Economic Area (EEA), have certain statutory rights about their personal data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information.
If you are an Authorized User, you can usually do this using the settings and tools provided in your account. If you are an unregistered Participant and you wish to update, delete, or correct your Information, please email [email protected]. If desired, we will destroy all data associated with the entire interview and alert our partners and Customers to do the same (this right is limited to data which according to law and regulation may only be processed with your consent, if you withdraw your consent for processing). Please note that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations. When technically feasible, flowres.io will -at your request- provide your personal data to you or transmit it directly to another controller (this right is limited to data provided directly by you).
Our Services are intended for use by individuals and organizations. Where the Services are made available to you through an organization (e.g., your employer), that organization is the administrator of the Services and is responsible for the accounts. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization’s policies. We are not responsible for the privacy or security practices of an organization, which may be different than the ones described in this Privacy Statement.
To the extent that flowres.io’s processing of your Personal Data is subject to the General Data Protection Regulation, flowres.io relies on its legitimate interests, described above, to process your data. flowres.io may also process Other Information that constitutes your Personal Data for direct marketing purposes, and you have a right to object to flowres.io’s use of your Personal Data for this purpose at any time.
flowres.io takes reasonable precautions to safeguard the information we collect in an effort to prevent loss, misuse and unauthorized access, disclosure, alteration and destruction.
If you use our Services, responsibility for securing your account rests with you and not flowres.io. For example, it is your responsibility to keep your password confidential, and not share your credentials with others.
The video and audio of the interviews, the transcripts, and the Zoom chat room transcripts are made available to our Customers so they can better understand their customers.
Information such as participant tech check data, including name, tech check videos, IPs, emails, phone numbers, and city location will be deleted three (3) months after the scheduled session ends.
Interview Data (recordings and transcripts) will be deleted after three (3) months or in accordance with Customer’s instructions, including any applicable terms in the Contracts, or as required by applicable law.
flowres.io may retain other Information for as long as necessary for the purposes described in this Privacy Statement such as pursuing legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal and regulatory obligations, resolve disputes and enforce our agreements.
To the extent prohibited by applicable law, flowres.io does not allow the use of our Services and Websites by anyone younger than 18 years old. If you learn that anyone younger than 18 has unlawfully provided us with personal data, please contact us and we will take steps to delete such information.
flowres.io follows market research industry standards regarding the management of studies involving children and young adults younger than 18 years of age. When recruiting potential participants, the point of first communication is always with a parent or legal guardian, at which time we will inform that responsible adult of the type of data collected and how it is processed, used, and stored, as well as their right to be present during the interview. Parental or guardian consent is required prior to the collection of any personal data from a child.
We collect information globally and primarily store that information in the United States. We may transfer, process and store your information outside of your country of residence, to wherever we, flowres.io or our third-party service providers operate for the purpose of providing you the Services. Whenever we transfer your information, we take steps to protect it.
flowres.io has released a Data Processing Agreement (“DPA”) that contains contractual commitments from us to help you respond to requests to correct, amend or delete personal data, detect and report personal data breaches and demonstrate your compliance with the GDPR. flowres.io also offers Standard Contractual Clauses (“SCC”) for those customers that operate in the European Union and in the United Kingdom to meet the adequacy and security requirements. The DPA as well as the SCC are available upon request via [email protected].
Subject to applicable law, you also have the right to (i) restrict flowres.io’s use of Other Information that constitutes your Personal Data and (ii) lodge a complaint with your local data protection authority. If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to the lead supervisory authority in your country, link provided below for your convenience:
http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
GOVERNING LANGUAGE
For all purposes, this English language version of this Privacy Statement shall be the original, governing instrument and understanding of the parties. In the event of any conflict between this English language version of this Privacy Statement and any subsequent translation into any other language, this English language version shall govern and control.
flowres.io may change this Privacy Statement from time to time. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business. We will post the changes to this page and encourage you to review our Privacy Statement to stay informed. If we make changes that materially alter your privacy rights, flowres.io will provide additional notice, such as via email or through the Services.
If you disagree with any changes to this Privacy Statement, you will need to stop using the Services or contact your organization’s administrator, as outlined above.
Please also feel free to contact flowres.io if you have any questions about this Privacy Statement or flowres.io’s practices, or if you are seeking to exercise any of your statutory rights. You may contact us at [email protected], by using our Contact form (please include Data Compliance in the subject line), or at our mailing address below:
myMRPlace INC
16192 COASTAL HIGHWAY LEWES, DELAWARE 19958-9776
Data protection officer
Kawalpreet Juneja