← Back

Privacy Policy

Last updated: 17 April 2026

1. Who We Are

Flow Through Logic Pty Ltd (ACN 697 017 842, ABN 15 697 017 842), trading as Flow-Through, builds software products and websites for small businesses. We operate from Canberra, ACT, Australia.

This policy sets out how we handle your personal information in accordance with the Australian Privacy Principles (APPs 1–13) under the Privacy Act 1988 (Cth).

For privacy inquiries: service@flow-through.com.au

2. What We Collect

We collect only what is necessary to deliver our services and communicate with you:

  • Contact details: Name, email address, phone number, and business name — provided when you reach out via our contact form, phone, or email.
  • Intake form submissions: Business details, project preferences, content, images, and design direction you provide through our project intake form.
  • Project information: Details about your business and project requirements shared during our conversations.
  • Payment data: Processed entirely via Stripe. We never see or store your credit card number, CVV, or banking details.
  • Phone call data: Inbound calls to our business line may be handled by an AI assistant. Call audio is processed in real time and is not recorded or stored. Only the substance of the conversation (your name, enquiry details, callback preferences) is retained.
  • Domain registration: If we register a domain on your behalf, we collect the details required by the registrar (name, email, business name). The domain is registered under your ownership.
  • Website analytics: We do not use third-party tracking cookies, analytics platforms, or session recording tools. Our site does not track your browsing behaviour.

3. How We Use Your Data

  • To respond to your enquiry and understand your project needs.
  • To design, build, and deliver your software, website, or application.
  • To process payments for completed work and hosting subscriptions.
  • To register and manage domain names on your behalf, where requested.
  • To communicate project updates, hosting status, or support.
  • To send follow-up correspondence related to your enquiry. You can opt out at any time by replying “stop” or contacting us directly.

We do not sell, rent, or share your personal information with third parties for marketing purposes. Ever.

4. AI-Assisted Services

Flow-Through uses artificial intelligence to assist with certain operational tasks, including handling inbound phone enquiries and processing contact form submissions. Key points:

  • No audio retention: Voice interactions are processed in real time. Audio is not recorded, stored, or used for any purpose beyond the immediate conversation.
  • No model training: Your data is never used to train AI models. We use commercial API services with zero-data-retention agreements in place.
  • Human oversight: All AI-assisted outputs (responses, scheduling, enquiry summaries) are reviewed by a human before any commitment is made on your behalf. No pricing, timelines, or agreements are finalised without direct human involvement.

5. Third-Party Services

Your data touches only the infrastructure required to deliver our services:

  • Stripe (USA) — Payment processing. We never handle your card details directly.
  • Cloudflare (Global) — Domain registration, DNS management, network security, and content delivery.
  • Railway (USA) — Application and website hosting.
  • Resend (USA) — Transactional email delivery (enquiry confirmations, project updates). Processes your email address only.
  • Anthropic (USA) — AI language model provider for phone and form handling. Zero-data-retention API usage.
  • ElevenLabs (USA/EU) — Voice synthesis for phone interactions. Audio is processed in real time and not stored.
  • Twilio (USA) — Telephony for inbound phone enquiries. Processes caller phone number and audio in transit only; call recordings are not retained.

We do not use Google Analytics, Facebook Pixel, Hotjar, or any similar tracking service.

6. Data Storage & Security

Your project files and contact details are stored on encrypted, access-controlled infrastructure. All data in transit uses HTTPS/TLS encryption. Access to client information is restricted to authorised personnel of Flow Through Logic Pty Ltd and its operational systems only.

7. Data Breach Notification

If we experience a data breach that is likely to result in serious harm to any individual, we will comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth).

  • We assess suspected breaches promptly.
  • If a notifiable data breach is confirmed, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable.
  • Notifications will describe what happened, what information was involved, what we are doing to contain and remediate, and what steps you can take in response.

8. Data Retention

  • Enquiry data: Retained for up to 12 months after last contact, then deleted unless an active project or hosting agreement exists.
  • Intake form submissions: Retained for the duration of the project, plus 12 months after completion.
  • Client project data: Retained for the duration of any active agreement, plus 12 months after completion or termination.
  • Payment records: Retained as required by Australian tax law (currently 5 years).
  • Phone call content: Not stored. Only structured notes (name, callback details) are retained.

9. Cookies

This website does not use cookies. No tracking cookies, no analytics cookies, no “essential” cookie banners. Your browser stores nothing from our site.

10. Your Rights

Under the Australian Privacy Act 1988, you have the right to:

  • Access your personal information we hold.
  • Correct inaccurate or outdated information.
  • Request deletion of your personal information, subject to legal retention requirements.
  • Complain to the Office of the Australian Information Commissioner (OAIC) if you believe your data has been mishandled.

To exercise any of these rights, email service@flow-through.com.au. We aim to respond within 24 business hours.

11. Cross-Border Data

Some of our third-party service providers operate outside of Australia (primarily the United States). Where your data is processed overseas, we take reasonable steps to ensure those providers handle your information in accordance with the Australian Privacy Principles. All providers listed in Section 5 maintain data protection standards consistent with or exceeding Australian requirements.

12. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email to active clients. The “last updated” date at the top of this page will always reflect the most recent revision.

13. Contact

Questions about this policy? Reach out at service@flow-through.com.au.