← Back

Privacy Policy

Last updated: 19 March 2026

1. Who We Are

Blake Rowlands-Mowle (ABN: 11 419 399 093), trading as Flow-Through, builds bespoke websites and custom software for small businesses. We operate from Canberra, ACT, Australia.

For privacy inquiries: service@flow-through.com.au

2. What We Collect

We collect only what is necessary to deliver our services and communicate with you:

  • Contact details: Name, email address, phone number, and business name — provided when you reach out via our contact form, phone, or email.
  • Intake form submissions: Business details, website preferences, content, images, and design direction you provide through our project intake form.
  • Project information: Details about your business and website requirements shared during our conversations.
  • Payment data: Processed entirely via Stripe. We never see or store your credit card number, CVV, or banking details.
  • Phone call data: Inbound calls to our business line may be handled by an AI assistant. Call audio is processed in real time and is not recorded or stored. Only the substance of the conversation (your name, enquiry details, callback preferences) is retained.
  • Domain registration: If we register a domain on your behalf, we collect the details required by the registrar (name, email, business name). The domain is registered under your ownership.
  • Website analytics: We do not use third-party tracking cookies, analytics platforms, or session recording tools. Our site does not track your browsing behaviour.

3. How We Use Your Data

  • To respond to your enquiry and understand your project needs.
  • To design, build, and deliver your website or software.
  • To process payments for completed work and hosting subscriptions.
  • To register and manage domain names on your behalf, where requested.
  • To communicate project updates, hosting status, or support.
  • To send follow-up correspondence related to your enquiry. You can opt out at any time by replying “stop” or contacting us directly.

We do not sell, rent, or share your personal information with third parties for marketing purposes. Ever.

4. AI-Assisted Services

Flow-Through uses artificial intelligence to assist with certain operational tasks, including handling inbound phone enquiries and processing contact form submissions. Key points:

  • No audio retention: Voice interactions are processed in real time. Audio is not recorded, stored, or used for any purpose beyond the immediate conversation.
  • No model training: Your data is never used to train AI models. We use commercial API services with zero-data-retention agreements in place.
  • Human oversight: All AI-assisted outputs (responses, scheduling, enquiry summaries) are reviewed by a human before any commitment is made on your behalf. No pricing, timelines, or agreements are finalised without direct human involvement.

5. Third-Party Services

Your data touches only the infrastructure required to deliver our services:

  • Stripe (USA) — Payment processing. We never handle your card details directly.
  • Cloudflare (Global) — Domain registration, DNS management, network security, and content delivery.
  • Railway (USA) — Website and application hosting.
  • Resend (USA) — Transactional email delivery (enquiry confirmations, project updates). Processes your email address only.
  • Anthropic (USA) — AI language model provider for phone and form handling. Zero-data-retention API usage.
  • ElevenLabs (USA/EU) — Voice synthesis for phone interactions. Audio is processed in real time and not stored.
  • Google Sheets (USA) — Internal project tracking only. Your contact details and project status may be recorded in a secure, access-controlled spreadsheet.

We do not use Google Analytics, Facebook Pixel, Hotjar, or any similar tracking service.

6. Data Storage & Security

Your project files and contact details are stored on encrypted, access-controlled infrastructure. All data in transit uses HTTPS/TLS encryption. Access to client information is restricted to Blake Rowlands-Mowle and authorised operational systems only.

7. Data Retention

  • Enquiry data: Retained for up to 12 months after last contact, then deleted unless an active project or hosting agreement exists.
  • Intake form submissions: Retained for the duration of the project, plus 12 months after completion.
  • Client project data: Retained for the duration of any active agreement, plus 12 months after completion or termination.
  • Payment records: Retained as required by Australian tax law (currently 5 years).
  • Phone call content: Not stored. Only structured notes (name, callback details) are retained.

8. Cookies

This website does not use cookies. No tracking cookies, no analytics cookies, no “essential” cookie banners. Your browser stores nothing from our site.

9. Your Rights

Under the Australian Privacy Act 1988, you have the right to:

  • Access your personal information we hold.
  • Correct inaccurate or outdated information.
  • Request deletion of your personal information, subject to legal retention requirements.
  • Complain to the Office of the Australian Information Commissioner (OAIC) if you believe your data has been mishandled.

To exercise any of these rights, email service@flow-through.com.au. We aim to respond within 24 business hours.

10. Cross-Border Data

Some of our third-party service providers operate outside of Australia (primarily the United States). Where your data is processed overseas, we take reasonable steps to ensure those providers handle your information in accordance with the Australian Privacy Principles. All providers listed in Section 5 maintain data protection standards consistent with or exceeding Australian requirements.

11. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email to active clients. The “last updated” date at the top of this page will always reflect the most recent revision.

12. Contact

Questions about this policy? Reach out at service@flow-through.com.au.