Privacy Policy

Effective date: May 26, 2026

FlowManual(“FlowManual,” “we,” “us,” or “our”) provides a document analysis platform for construction contractors. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

By creating an account or using FlowManual, you agree to this Privacy Policy. If you are using FlowManual on behalf of an employer or other organization, you represent that you have authority to bind that organization to this policy.


1. Data We Collect

Account Information

When you register, we collect your name, email address, and a hashed (one-way encrypted) password. We never store your password in plaintext.

Uploaded Documents

FlowManual processes PDF documents you upload. How these are stored depends on your deployment:

  • Hosted cloud (flowmanual.com): Files are stored on DigitalOcean, on an encrypted volume, and are encrypted in transit (HTTPS). File bytes are also encrypted at the application layer with AES-256-GCM before they are written to disk. FlowManual staff do not access your document contents.
  • Self-hosted (on-premise Docker): Files are stored encrypted on your own server using AES-256-GCM encryption. FlowManual has no access to your server, your files, or your data after initial installation. Your documents never leave your network.

Extracted Text

FlowManual extracts plain text from your uploaded documents. This text is stored encrypted in our database and is used to power document analysis features. Raw document files are never transmitted to the analysis provider. Only the extracted plain text is sent.

Analysis Results

Annotations, comparison discrepancies, scope gaps, cost estimates, RFI entries, equipment schedules, vendor price history, and GC pattern observations you generate are stored in our database, encrypted at the field level.

Usage Metadata

We maintain an audit log of document analysis calls that includes: timestamp, user ID, document ID, operation type, bytes transmitted, and a keyed HMAC-SHA-256 hash of the prompt (when an audit key is configured). Full prompt text is never stored. This log is visible only to you at /admin/security and is used to maintain an audit trail of analysis usage.


2. How We Use Your Data

  • To provide, operate, and improve the FlowManual service
  • To authenticate your account and maintain session security
  • To perform automated document analysis using the Anthropic API (extracted text only)
  • To store and display your annotations, comparisons, and analysis results
  • To send service-related emails (account confirmation, material changes to this policy)
  • To respond to your support requests

We do not sell your data. We do not use your document content for advertising. We do not share your data with third parties except as described in Section 3.

Service improvement (optional)

You can choose to let FlowManual use the documents you upload and the corrections you make to improve extraction quality for all customers. This is off by default and applies only if you turn it on from your account settings. You can turn it off at any time from the same setting, which immediately stops any future use of your data for this purpose; it does not undo improvements already made. Data used this way is never sold and never shared with third parties. This setting never applies to on-premise deployments, where your data stays on your own server and FlowManual has no access to it.


3. Third-Party Service Providers

We share data with the following processors only as necessary to provide the service:

DigitalOcean (Hosting and Storage)

For accounts on flowmanual.com, the application, the database, and uploaded files are hosted on DigitalOcean. Files are kept on an encrypted volume. DigitalOcean processes this data on our behalf under a data processing agreement. This does not apply to self-hosted (on-premise) deployments, where all data stays on your own infrastructure.

Anthropic (Document Analysis)

When you run document analysis, extracted plain text from your documents is sent to Anthropic’s API. Anthropic operates under a zero-data-retention policy: prompts and responses are not stored and are not used to train models. Raw document files are never transmitted. See Anthropic’s Privacy Policy.

Resend (Email)

We use Resend to send service-related emails such as account confirmation, sign-in verification codes, and material changes to this policy. Resend processes the recipient email address and message contents on our behalf under a data processing agreement.

Google (Sign-In)

If you sign in with Google, Google authenticates you and shares your name and email address with us. This is governed by Google’s Privacy Policy.

We have no marketing or advertising vendors. The hosted service at flowmanual.com uses one privacy-preserving analytics provider (PostHog) to understand product usage: which features are used, how far new accounts get in setup, and where errors happen. These are server-side event counts tied to an account identifier. They never include document content, filenames, or client and vendor names, and we do not use analytics cookies or session recording (see Cookies below). On-premise deployments send no analytics at all (see On-Premise Deployments below).


4. On-Premise Deployments

For customers running FlowManual on their own infrastructure via Docker, we have a strict no-access policy after installation:

  • All files are stored encrypted on your own server. FlowManual never receives them.
  • Document analysis calls transmit extracted text only. Your original documents never leave your network.
  • There is no telemetry, no phone-home mechanism, and no remote access in the container.
  • Your encryption key is generated by you at install time and never shared with FlowManual.

In practice, FlowManual cannot access on-premise customer data even if legally compelled. We simply do not have it.


5. Cookies

FlowManual uses strictly necessary session cookies to keep you authenticated. We do not use tracking, advertising, or analytics cookies. No cookie consent banner is required because we do not place any non-essential cookies.


6. Data Retention

  • Cloud accounts: Your data is retained until you delete it or request account deletion. Deleted data is removed within 30 days.
  • On-premise accounts: Retention is entirely under your control. You manage your own database and file storage.

7. Security

We implement industry-standard safeguards including AES-256-GCM encryption for sensitive data, HTTPS-only transport, hashed passwords (scrypt, memory-hard), and no plaintext storage of credentials. No security measure is perfect; please notify us immediately if you suspect unauthorized access to your account.

For a technical overview of how we protect your data, see our Security page.


8. Your Rights

You have the right to:

  • Access: Request a copy of the data we hold about you.
  • Correction: Request correction of inaccurate data.
  • Deletion: Request deletion of your account and associated data. We will complete the deletion within 30 days.
  • Portability: Request an export of your data in a machine-readable format.

To exercise any of these rights, email us at legal@flowmanual.com.


9. Children’s Privacy

FlowManual is intended for professional use by adults. We do not knowingly collect personal data from anyone under 18. If we learn we have collected data from a minor, we will delete it promptly.


10. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you by email at least 30 days before the new policy takes effect. Continued use of FlowManual after the effective date constitutes acceptance of the updated policy.


11. Contact

Questions, requests, or concerns about this Privacy Policy should be directed to:

FlowManual
legal@flowmanual.com