Privacy Policy
Last updated: May 9, 2026
🇪🇸 Versión en español · Support · Terms
MultiFlows (“the app”, “we”) is an iOS mobile application that helps content creators run their social channels, analyze metrics, publish content, and chat with an AI coach. This policy describes what data we collect, how we use it, who we share it with, and the rights you have over it.
For any question, write us at info@multiflows.app.
1. Who is responsible for your data
The data controller is the operator of MultiFlows, reachable at info@multiflows.app.
2. What data we collect
Data you provide directly
- Account: email address, name, profile photo (URL), v1 profile type (creator or streamer), goals selected during onboarding, and notification preferences.
- AI coach messages: the content of conversations you have with the AI assistant (
coach_messages). These are stored to display your chat history. - Social connections through Zernio (optional): if you connect a social network, MultiFlows creates or reuses a managed Zernio profile and stores the mapping between your user and that profile. We do not ask you to paste a personal Zernio API key into the app.
Data generated by your use
- Aggregated network metrics (analytics snapshots): views, new followers, posts, reach, engagement rate — fetched from the providers you connect.
- Content catalog: pieces of content you create, schedule, or publish from the app.
- APNs device tokens: anonymous device identifier so we can deliver push notifications.
- Notification events: an audit log of which notifications were dispatched to your account, when, and whether they were delivered.
Technical data
- Diagnostic and performance data: errors, crashes, and performance metrics, collected anonymously via Sentry.
- Product interaction data: usage events (which screens you visit, which actions you take), collected via PostHog to improve the app.
What we do not do
- ❌ We do not track your activity for advertising purposes. We do not sell or rent your data.
- ❌ We do not collect your location, contacts, photo library, or financial information.
- ❌ We do not use the Advertising Identifier (IDFA).
3. What we use your data for
| Purpose | Data involved |
|---|---|
| App functionality (showing your profile, sending notifications, syncing your social inbox) | Account, APNs tokens, coach messages, metrics |
| Generating personalized AI responses | Profile type, your message, recent conversation context |
| Diagnosing errors and improving stability | Crash and performance data |
| Product improvement (understanding which features get used) | Product interaction data |
| Secure authentication | Email, identity provider credentials (Apple, Google) |
4. Who we share your data with
We use the following third-party providers (subprocessors):
| Provider | What for | Data sent |
|---|---|---|
| Supabase (backend) | Database, authentication, edge function hosting | All of your account and app activity |
| Google Cloud (Gemini) | Generating AI coach replies | Your message + recent conversation history |
| Google Sign-In | Authentication with your Google account | Email and name from your Google account |
| Apple Sign-In | Authentication with Apple ID | Email and name you choose to share with Apple |
| Apple Push Notification service (APNs) | Push delivery | Device token + push content |
| Sentry | Crash & error tracking | Stack traces, device model, iOS version (anonymized) |
| PostHog | Product analytics | Interaction events (no advertising identifiers) |
| Zernio (optional, only if you connect networks) | Connecting social accounts, publishing, metrics, and social inbox | Social profile/account identifiers and data returned by their API |
We do not share your data with advertisers, data brokers, or any third party for marketing purposes.
5. How long we keep your data
- Your account and usage data is kept while your account is active.
- If you delete your account, all of your personal data (profile, coach messages, metrics, network connections, device tokens) is permanently deleted within 30 days.
- Anonymized data no longer linked to your identity may be retained for statistical purposes.
6. Your rights
No matter where you use the app from, you have the right to:
- Access the data we hold about you.
- Correct inaccurate data.
- Delete your account and all associated data by contacting us through the support page or by email.
- Export your data in a readable format.
- Object to or restrict certain uses.
- Withdraw consent at any time (by turning off notifications, disconnecting Zernio, or deleting your account).
To exercise any of these rights, write us at info@multiflows.app and we will respond within 30 days.
If you believe we are mishandling your data, you can also file a complaint with the data protection authority of your country.
7. Children’s privacy
MultiFlows is not directed at children under 13. We do not knowingly collect data from minors. If you discover that a child under 13 has provided us with data, write to info@multiflows.app and we will delete it.
In the European Union and the United Kingdom, the minimum age for consent under GDPR is 16 in some member states.
8. Security
We take reasonable technical and organizational measures to protect your data:
- Encrypted communication (HTTPS / TLS) between your device and our servers.
- Your session is stored in the operating system Keychain (encrypted by iOS).
- The database enforces Row-Level Security so no user can read another user’s data.
- Sensitive backend credentials are stored as server-side secrets and are not exposed to the iOS client.
No system is 100% secure, but we do what is reasonable to minimize risk.
9. International transfers
Our providers (Supabase, Google, Sentry, PostHog) operate servers in different regions. By using the app you accept that your data may be processed in countries other than your own, always with safeguards equivalent to those of your jurisdiction.
10. Changes to this policy
If we update this policy, the new version will be published here with the date at the top updated. If the changes are significant, we will notify you by email or push before they take effect.
11. Contact
MultiFlows — Privacy Email: info@multiflows.app
This policy is available in Spanish (primary version) and English. In case of discrepancy between the two, the Spanish version prevails.