Privacy Policy
FlowHarbor is the controller for the personal information described below. We follow the Personal Information Protection Act (PIPA) of the Republic of Korea. This policy explains what we collect, why, how long we keep it, and how to exercise your rights.
1. How we use your data
We use the personal information we collect to operate your account, deliver the platform and advisory services described in your contract, run the public community, send service-related communications, comply with our legal obligations, and improve the product based on aggregate usage. We do not sell your personal information. We do not pass community signup contact details to a sales team.
2. What we collect
For platform customers: account credentials, contract details, user identifiers within your organisation, and platform telemetry necessary to operate the service. For community members: the email and display name you register with, your posts, and basic activity logs. For website visitors: server logs and (if you accept) analytics cookies. We do not collect special-category personal information unless you choose to publish it in a community post, in which case we will remove it on request.
3. Sharing with third parties
We use a small number of processors: a cloud infrastructure provider for platform hosting, an email delivery service for transactional emails, and a payment processor for invoices. Each is contractually bound to use the data only on our instructions. We list these processors on request. We do not share community member data with advertising networks, and we do not embed third-party trackers in member-only areas.
4. Your rights
Under PIPA you have the right to access your personal information, correct inaccuracies, request deletion (subject to limitations such as our obligation to retain invoices), restrict certain processing, and object to processing. You also have the right to lodge a complaint with the Personal Information Protection Commission of the Republic of Korea. We respond to rights requests within thirty days.
5. How long we keep your data
Account data is retained for the duration of your contract plus the period required by tax and accounting law. Community member data is retained while your account is active and for ninety days after closure, after which posts are anonymised rather than deleted to preserve thread integrity. Server logs are retained for thirty days. Analytics data, where permitted, is retained for twenty-six months at most.
6. How to contact us
Privacy questions, rights requests, and complaints can be sent to contact@prime-flow.one or by post to our Seoul office. Our designated personal information protection officer reads these messages directly. We do not require you to fill in a specific form before we will respond.
7. Scope of this policy
This policy covers FlowHarbor-controlled services: the platform, the website at prime-flow.one, and the public community. It does not cover services operated by third parties that link to ours, including events held jointly with partner organisations on those partners' platforms — those have their own policies, which we will name when we co-host an event.
8. Changes to this policy
We update this policy when our practices change, when a new processor is added, or when the law changes. Material changes are notified by email to account holders and posted in the community at least thirty days before they take effect. The version date at the top of this page reflects the current version.