Privacy policy

Last updated: 2026-04-22

Draft notice: these terms are a working draft authored by the AccessiFlow team. They have not yet been reviewed by a lawyer qualified in your jurisdiction. Before production launch we will publish reviewed versions and notify existing customers of any material changes. Questions: legal@accessiflowfiji.com.

The short version

AccessiFlow is designed to need as little personal data as possible. The embedded widget on your site sets no cookies and stores no identifiable data about your visitors. Our dashboard collects the minimum needed to operate your account.

What we collect in the dashboard

  • Account: email, name (optional), Argon2id-hashed password, 2FA secret encrypted at rest. For Google OAuth users we additionally collect their Google account email and profile picture URL.
  • Site configuration: site names, domain allowlists, feature flags, theme choices, custom CSS you enter.
  • Billing: the subscription state and invoice metadata mirrored from Paddle. Paddle, not us, is the merchant of record; Paddle holds payment methods.
  • Telemetry: IP address for login / password-reset rate limiting (kept 90 days, used only for abuse prevention).
  • Audit log: timestamps and action descriptions for admin-level events (role changes, plan changes, domain add/remove). Kept 1 year.

What the widget collects about your visitors

Each time the widget loads and each time a visitor toggles a feature, we send one fire-and-forget beacon containing:

  • The site key (public, identifies which of your sites it is)
  • Event type: load or feature
  • The feature name, if applicable
  • A hashed session id generated in the visitor’s browser (SHA-256 of a random token; not reversible)
  • A coarse 2-letter country code from edge headers — never the IP address itself

Visitor preferences (font size, contrast, etc.) are stored in localStorage on the visitor’s device only. They never reach our servers.

What we never collect

  • Visitor IPs beyond the edge-header country code
  • Visitor names, emails, or any PII of your end-users
  • Third-party analytics cookies on the widget
  • Cross-site tracking of any kind

Who we share it with

  • Paddle (merchant of record) receives your purchase details — name, email, payment method. Paddle’s privacy policy applies.
  • Resend handles transactional email (sign-up confirmation, password reset). It receives the content of those emails, plus your email address.
  • Neon (database host), Vercel (app host), Cloudflare (CDN + DNS). Each operates under a standard data-processing agreement.
  • Sentry receives anonymised error traces. PII is scrubbed by a redaction list.

Your rights

You can export your account data, rename your organisation, or delete the account at any time from the dashboard. Deletion soft-deletes immediately (access revoked) and hard-deletes 30 days later (so we can recover from an accidental deletion). To request an early hard-delete, email privacy@accessiflowfiji.com.

Data storage

Data is stored in Neon’s AWS ap-southeast-2 (Sydney) region. Backups are handled by Neon with point-in-time recovery. Data is protected with TLS in transit and AES-256 at rest via the provider.

Contact

Data controller: DevPulse Fiji. Email privacy@accessiflowfiji.com for any data-protection request.