Privacy Policy

Last update : 1 month ago

---

This Privacy Policy sets out how Smartby LLC (“we”, “us”, or “our”) collects, processes, and safeguards personal data in connection with the Smartflow platform. We treat the protection of personal data as a core operational responsibility and apply rigorous technical and organizational measures to secure the platform.

1. Data Controller and Scope

Smartby LLC is the data controller responsible for the processing of personal data in connection with Smartflow. This policy applies to all users of the platform, including visitors, registered users, and subscribers.

2. Principles Governing Data Processing

Personal data is processed in accordance with the principles of lawfulness, fairness, transparency, data minimization, purpose limitation, accuracy, integrity, and confidentiality, as required under the General Data Protection Regulation (GDPR).

3. Categories of Personal Data Processed

Depending on how you interact with Smartflow, we may process the following categories of personal data:

• Identification and contact details (such as name and email address)
• Account, authentication, and subscription-related information
• Technical and security data (including IP address, timestamps, device and browser information)
• Usage and interaction data necessary to operate and secure the platform

4. Payment and Financial Data

Payment transactions are handled exclusively by authorized third-party payment providers, including Paddle (merchant of record) and, where applicable, direct bank transfer facilitators such as Wise. Smartby LLC does not store, process, or have access to your full payment card or banking details.

5. Purposes and Legal Bases for Processing

Personal data is processed strictly for the following purposes:

• Provision, administration, and support of Smartflow services
• Subscription management, billing, and access control
• Platform security, fraud prevention, and abuse detection
• System monitoring, maintenance, and performance optimization
• Compliance with legal and regulatory obligations

The legal bases for processing include the performance of a contract, compliance with legal obligations, and our legitimate interests in ensuring platform security, reliability, and integrity.

6. Platform Security and Technical Safeguards

Smartby LLC applies a defense-in-depth security strategy designed to protect personal data against unauthorized access, alteration, disclosure, or destruction.

Security measures include, without limitation:

• Algorithmic, rule-based, and behavioral mechanisms to detect anomalous or malicious activity
• Continuous system monitoring and automated incident alerting
• Regular security reviews, vulnerability assessments, and service audits
• Scheduled system updates, patches, and preventive maintenance
• Strict access controls and authentication policies for internal systems

These measures are designed to proactively identify risks and maintain a high level of operational resilience. While no system can be entirely immune to security risks, we continuously adapt our safeguards to evolving threats.

7. Data Confidentiality and Internal Access Controls

Access to personal data is limited to authorized personnel who require such access for operational, security, or compliance purposes. All access is governed by internal policies and confidentiality obligations.

8. Data Sharing and Use of Processors

Personal data is never sold or shared for advertising purposes. Data may be disclosed to carefully selected service providers acting as data processors under binding contractual obligations, solely for hosting, infrastructure, security, or payment processing needs.

9. Data Retention and Deletion

Personal data is retained only for as long as necessary to fulfill the purposes described in this policy or to comply with applicable legal, accounting, or security requirements. Data is securely deleted, anonymized, or archived once retention is no longer justified.

10. Rights of Data Subjects

In accordance with GDPR, you have the right to request access to your personal data, request rectification or erasure, restrict or object to processing, and request data portability, subject to applicable legal limitations.

11. Policy Updates and Continuous Improvement

This Privacy Policy may be updated periodically to reflect improvements in security practices, changes in platform functionality, or evolving legal requirements. Continued use of the platform constitutes acceptance of the updated policy.