Back to Home

Privacy Policy

Last Updated: December 27, 2025

1. Introduction

PodFlow Studio ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using PodFlow Studio, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

  • Google Account Information: Email, name, and profile picture from Google OAuth
  • RSS.com API Key: Encrypted and stored to sync your podcasts
  • Podcast Data: Titles, descriptions, episodes, and metadata you sync
  • Payment Information: Processed by Stripe (we never store credit card details)
  • Content You Generate: AI-generated content, style guides, preferences

2.2 Information Automatically Collected

  • Usage Data: Features used, pages visited, time spent
  • Device Information: Browser type, device type, operating system
  • Log Data: IP address, access times, error logs
  • Cookies: Authentication tokens, preferences, analytics

2.3 Information from Third Parties

  • Google: Profile information via OAuth
  • RSS.com: Podcast and episode data
  • Stripe: Payment status and subscription information

3. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Authenticate and manage your account
  • Sync and process your podcast data
  • Generate AI-powered content enhancements
  • Process payments and manage subscriptions
  • Send transactional emails (receipts, notifications)
  • Provide customer support
  • Analyze usage patterns to improve the Service
  • Detect and prevent fraud and abuse
  • Comply with legal obligations

4. Data Storage and Security

4.1 Data Storage

Your data is stored in:

  • PocketBase Database: Account info, podcasts, episodes, generations
  • Encrypted Storage: Sensitive data like API keys are encrypted
  • Cloud Servers: Hosted on secure infrastructure

4.2 Security Measures

We implement security measures including:

  • HTTPS/SSL encryption for data transmission
  • Encrypted storage of sensitive data (API keys)
  • Google OAuth 2.0 for authentication (no passwords stored)
  • Regular security audits and updates
  • Access controls and monitoring
  • Secure payment processing via Stripe

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5. Third-Party Services

We use the following third-party services:

5.1 Google OAuth

For authentication. Subject to Google's Privacy Policy.

5.2 RSS.com

For podcast data synchronization. Subject to RSS.com's privacy policy.

5.3 Anthropic Claude

For AI content generation. Your content is processed according to Anthropic's Privacy Policy. We do not train models on your data.

5.4 Stripe

For payment processing. We do not store credit card information. Subject to Stripe's Privacy Policy.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your data:

6.1 With Your Consent

When you explicitly authorize us to share information.

6.2 Service Providers

With third-party vendors who help us provide the Service (Google, RSS.com, Anthropic, Stripe). These providers are contractually obligated to protect your data.

6.3 Legal Requirements

When required by law, court order, or to:

  • Comply with legal obligations
  • Protect our rights and property
  • Prevent fraud or security issues
  • Protect user safety

6.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

7. Data Retention

We retain your information:

  • Account Data: While your account is active
  • Usage Data: For analytics purposes (typically 2 years)
  • Payment Records: As required by law (typically 7 years)
  • Support Tickets: For quality and legal purposes

After account deletion, we may retain some data for legitimate business purposes or legal requirements, but we will anonymize or delete personal identifiers.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

8.1 Access and Portability

Request a copy of your personal data in a portable format.

8.2 Correction

Update or correct inaccurate information through your account settings.

8.3 Deletion

Request deletion of your account and data. Note that some data may be retained for legal or legitimate business purposes.

8.4 Opt-Out

Opt out of marketing communications (transactional emails are still required).

8.5 Restriction

Request restriction of processing in certain circumstances.

To exercise these rights, contact us at privacy@podflowstudio.com. We will respond within 30 days.

9. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential: Authentication, security, service functionality
  • Analytics: Understanding usage patterns (anonymous)
  • Preferences: Remembering your settings

You can control cookies through your browser settings. Note that disabling cookies may affect Service functionality.

10. Children's Privacy

Our Service is not intended for children under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. By using our Service, you consent to such transfers.

We ensure appropriate safeguards are in place to protect your data during international transfers.

12. California Privacy Rights (CCPA)

California residents have additional rights:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of sale (we do not sell personal information)
  • Right to deletion
  • Right to non-discrimination for exercising CCPA rights

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under GDPR:

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making

Our legal basis for processing: contract performance, legitimate interests, and consent.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use after changes indicates acceptance of the updated policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy:

Email: privacy@podflowstudio.com
Legal Email: legal@podflowstudio.com
Website: https://podflowstudio.com

We will respond to your inquiry within 30 days.

© 2025 PodFlow Studio. All rights reserved.

Privacy PolicyTerms of Service
    Privacy Policy - PodFlow Studio