Flowbox respects your privacy and is committed to maintaining a high level of security and integrity regarding your personal data. The company is also committed to ensuring that processing is carried out in accordance with the general data protection regulation (GDPR).

Our full Privacy policy can be found on our website.


What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). The regulation was approved by the EU Parliament in 2016 and came into effect on 25 May 2018. The GDPR's primary aim is to give individuals control over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

What is personal data?

Personal data denotes any information that allows for the directly or indirect identification of a person. This includes name, an email address, bank details, an IP address or a social media post.

Art. 4 GDPR: ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Source: https://gdpr-info.eu/art-4-gdpr/


Data collected by Flowbox

What type of data do you collect and process?

We collect and process the following user data from social media: user name, images and captions. From our platform users we collect name, email addresses and phone numbers. The data that is collected in our platform and rights granted through functionality in our platform is used by platform users to create content feeds, Flows, that can be distributed online. We only collect public content that is already available on social platforms and that the original uploader has agreed to be used for marketing purposes.

Who has access to the data you collect?

Your data is only accessible by the Flowbox employees that need to process the information collected in order to manage and deliver our products and services. We also use third-party services to give you a better experience and ensure that all of our clients receive the information that is relevant in order to use our services.

How does Flowbox ensure data is processed according to GDPR?

Since 25 May 2018, our platform is entirely compliant with GDPR requirements. As a client, you can trust that your customers’ data privacy is protected and that their data is handled and processed with high standards according to the GDPR. We have procedures for how to handle the data and have functions in the platform that make it possible to find all data that can be traced to a physical person.

What do we do to secure data?

Data security is our highest priority and we apply high-standard intrusion protection mechanisms to prevent infringement on our platform and our database. We keep all passwords as well as our database safe through advanced encryption mechanisms.

Do you have a privacy policy that we can send to customers in our social media community, which specifies how their personal data, images, and videos will be used?

In our Rights Request template, we ask you to include an URL. This is where we recommend you to link to your own legal page with terms & conditions that your customers accept whenever they give consent to your request.

Flowbox does not offer a standard template, because ultimately these t&cs need to come from your organization, and you are responsible for upholding them.


However, we can share these examples:

If you want inspiration on how you can phrase your Rights Request templates, check out #yesCasall, #yesRoyalDesign and #yesFootway directly on Instagram and the posts comment sections to see various examples.

Did this answer your question?