Privacy Policy

• Account and profile data, such as name, email, password hash, locale, authentication status, OAuth provider identifiers, and legal consent records.
• User-entered address, ZIP, city, approximate relocation context, moving, service, custom-provider, provider recommendation, task, checklist, document metadata, note, and budget or expense records you enter. LocateFlow does not use device GPS location in the mobile app.
• Support tickets, support messages, billing-support requests, privacy requests, security reports, and related communications.
• Subscription and billing data, such as plan, trial, renewal, cancellation, Stripe customer/subscription identifiers, store purchase status, receipt metadata, invoice status, and refund status.
• Device, app, mobile, push notification, IP address, user-agent, session, cookie consent, CCPA opt-out, consent-gated analytics events such as screen views, taps, and search length, crash/error, rate-limit, admin, audit, and security log data.
• Optional sensitive profile information only when the product asks for explicit consent and you choose to provide it.

LocateFlow uses data to provide account access, organize relocation workflows, store records, generate local checklists, support provider research, process subscriptions, send notices and reminders, answer support requests, maintain security, prevent abuse, debug errors, satisfy legal obligations, and improve product reliability.

Recommendations, reminders, and checklist suggestions are informational and depend on the data you enter, location context, seed data, public sources, and product rules.

LocateFlow does not sell user-entered relocation data for commercial advertising or broker-style resale. We transfer limited data to service providers and processors acting on LocateFlow's instructions when needed to operate the product.

Processors may include Stripe for web payments, Apple App Store and Google Play for mobile purchases, email providers such as Resend, hosting/database providers, Cloudflare R2 or other object storage, Google Analytics or Google Tag Manager when consented and configured, Google Maps/address autocomplete when configured, push notification providers such as Expo, and error-monitoring providers such as Sentry or GlitchTip when configured.

Third-party providers operate under their own terms and privacy policies. LocateFlow may also disclose data when required by law, to protect rights or security, to investigate abuse, or in connection with a business transaction.

Web analytics is consent-gated. If Google Analytics or Google Tag Manager is configured, it should not load until analytics consent is accepted. Internal signed-in usage tracking also respects analytics consent. See the Cookie Policy.

Mobile apps may collect device, app version, push token, consent, crash/error, and analytics event data when enabled. Push notifications can be controlled through app settings, device settings, and notification preferences.

Data is generally retained while your account is active, while needed to provide the service, or while required for security, billing, tax, legal, audit, dispute, backup, or fraud-prevention purposes.

Export and deletion tools are available in account settings. A deletion request may remove active account records, but some data may remain in backups, audit logs, legal records, billing records, security logs, processor records, or records we must retain to comply with law or protect the service.

Depending on where you live, you may have rights to access, correct, delete, export, or object to certain processing of personal information. California residents should also review the California Privacy Notice.

EEA/UK rights may apply if LocateFlow offers the service to users in those regions or otherwise processes personal data subject to applicable law. LocateFlow does not claim a privacy certification or legal compliance approval on this page.

LocateFlow is not intended for children under 13, and users must satisfy the age and authority requirements in the Terms. Do not submit information about children unless you have the authority and lawful basis to manage it.

For privacy requests, email [email protected] or use the account settings tools when available.