Privacy Policy

Introduction

Cratoflow, Inc. ("Cratoflow," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

We process personal data in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws. By using our services, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Information You Provide

We collect information you voluntarily provide when you:

• Create an account or register for our services
• Request a demo or contact our sales team
• Subscribe to our newsletter or marketing communications
• Complete forms on our website
• Communicate with our support team
• Participate in surveys, promotions, or events

This information may include your name, email address, phone number, company name, job title, and any other information you choose to provide.

Information Collected Automatically

When you visit our website, we automatically collect certain information, including:

• Device information (browser type, operating system, device type)
• IP address and approximate location
• Pages visited and time spent on our website
• Referring website or source
• Clicks, scrolls, and other interactions

Information from Third Parties

We may receive information about you from third parties, including business partners, marketing partners, and publicly available sources. This helps us enhance and personalize our services and communications.

How We Use Your Information

We use the information we collect for the following purposes:

• Provide and improve our services: To deliver, maintain, and enhance our platform and features
• Communication: To respond to inquiries, send service updates, and provide customer support
• Marketing: To send promotional materials, newsletters, and information about our services (with your consent where required)
• Analytics: To understand how users interact with our website and services, enabling us to improve user experience
• Security: To detect, prevent, and address technical issues, fraud, or security threats
• Legal compliance: To comply with applicable laws, regulations, and legal processes
• Business operations: To manage our business, including billing, account management, and internal administration

Legal Basis for Processing (GDPR)

Under the GDPR, we rely on the following legal bases to process your personal data:

• Consent: Where you have given explicit consent for specific processing activities, such as receiving marketing communications
• Contract: Where processing is necessary to perform a contract with you or take steps at your request before entering into a contract
• Legitimate interests: Where processing is necessary for our legitimate business interests, provided these do not override your rights and freedoms
• Legal obligation: Where processing is necessary to comply with a legal obligation

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your browsing activities. Cookies are small data files stored on your device that help us improve your experience on our website.

Types of Cookies We Use

Managing Cookie Preferences

You can manage your cookie preferences at any time by clicking "Cookie Preferences" in the footer of our website. You can also configure your browser to refuse cookies or alert you when cookies are being sent. Note that disabling certain cookies may affect website functionality.

How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• Service providers: With trusted third-party vendors who assist us in operating our business (hosting, analytics, email services, customer support)
• Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction
• Legal requirements: When required by law, regulation, legal process, or governmental request
• Protection of rights: To protect our rights, privacy, safety, or property, and that of our users and the public
• With your consent: When you have given us explicit permission to share your information

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

The retention period depends on the context of our relationship with you, the nature of the data, and applicable legal requirements. When data is no longer needed, we securely delete or anonymize it.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right to access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data ("right to be forgotten")
• Right to restrict processing: Request that we limit how we use your data
• Right to data portability: Request a copy of your data in a structured, machine-readable format
• Right to object: Object to processing based on legitimate interests or for direct marketing purposes
• Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at privacy@cratoflow.com. We will respond to your request within 30 days.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your jurisdiction.

When we transfer data internationally, we implement appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure your data receives adequate protection.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication requirements
• Employee training on data protection
• Incident response procedures

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website with a new "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

If you are in the European Union and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection authority.