Privacy Policy

Privacy and data handling

Last updated: 17 June 2026

1. Updates to this policy

We may update this Privacy Policy from time to time. If we do, we will post the updated policy on this page and update the "Last Updated" date. Material changes will be communicated through the website or to your account email if you hold a paid plan.

2. Information we collect

We collect information you provide to us, information collected automatically when you visit the website, and limited information when you create a paid account.

Contact information — name, email address, company, and message when you submit our contact form, request a demo, or email us directly.
Account information — email address and billing details when you create a paid account. Payment card information is processed securely by our third-party payment processors. We never store full card numbers.
Desktop app usage data — feature usage patterns, app version, platform, and error reports collected to improve the product. On by default, can be turned off in app settings. We never collect the content of your recordings, project files, or estimates.
Usage information — pages visited, referring website, browser type, device type, approximate location (derived from IP address), and session interactions (such as scroll depth, clicks, and session replays) collected through web analytics and session recording services (only after consent).
Communications — any information you send to us through email or other direct channels.
Newsletter subscription — email address when you subscribe to product updates from the footer, contact form, or login page.

3. How we use your information

We use personal information for the following purposes:

To respond to your enquiries, demo requests, and support questions.
To create and manage your paid account, process payments, and deliver the Pro or Enterprise plan you have purchased.
To send service-related communications such as payment receipts, account notifications, and licence updates.
To send product updates and marketing emails if you have opted in. You can unsubscribe at any time using the link in each email.
To improve the website and product based on usage patterns and feedback.
To comply with legal obligations and enforce our agreements.
We do not sell personal information. We do not use personal information for targeted advertising. Optional analytics and tracking services are consent-only and default to denied.

4. Third-Party Service Providers

We engage trusted third-party service providers to facilitate necessary website delivery, application infrastructure, account authentication, and payment processing. As a local-first application, your underlying project files and generated estimates remain on your local device and are not shared with these providers.

Hosting and infrastructure providers — to host our website, manage authentication services, secure user accounts, and sync license details.
Payment processors — to securely process subscription payments and handle billing synchronization. We do not store or process raw payment card details; all payments are handled securely by our payment partners.
Analytics and performance partners — to analyze website performance, deliver content via content delivery networks (CDNs), and optional consent-based visitor analytics.
Service providers are strictly restricted from selling your data or using it for their own purposes, and are bound by confidentiality obligations to process data solely to deliver the contracted services.

5. Google user data

Users who choose to sign in with Google and grant Gmail API access can import RFQ emails directly into Kwantflow or send quotes. This section explains how we handle, collect, use, and protect Google user data.

What we collect (Gmail) — With your explicit permission, Kwantflow accesses and collects the following Google user data: the email message bodies, email metadata (sender, date, recipient), and attachment files of selected Gmail messages that you explicitly choose to import.
Why we need it — We use your Google user data solely to identify RFQ-related content, extract estimation details (quantities, materials), and create project records within your local desktop workspace. We also use your data to send quote PDF documents directly to your clients at your request.
Where it stays — Google user data is processed on your local machine and stored in your local Kwantflow workspace. It is not uploaded to any server or cloud. No Google user data — including Gmail message content — is ever stored on Kwantflow servers.
How we protect it — We do not sell Google user data. We do not share, transfer, or disclose it to third parties for purposes other than providing the RFQ email import and quote sending features you requested. We do not use it for advertising, creditworthiness checks, or for training AI models.
Data retention and deletion — Google user data is stored locally in your secure local database. You can delete imported data at any time by deleting the respective RFQ record or resetting your workspace. You can revoke Gmail access at any time through your Google Account Permissions Page.
Limited Use — Kwantflow's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

6. Microsoft user data

Users who choose to sign in with Microsoft and grant Outlook API access can import RFQ emails directly into Kwantflow or send quotes. This section explains how we handle, collect, use, and protect Microsoft user data.

What we collect (Outlook) — With your explicit permission, Kwantflow accesses and collects the following Microsoft user data: the email message bodies, email metadata (sender, date, recipient), and attachment files of selected Outlook messages that you explicitly choose to import.
Why we need it — We use your Microsoft user data solely to identify RFQ-related content, extract estimation details (quantities, materials), and create project records within your local desktop workspace. We also use your data to send quote PDF documents directly to your clients at your request.
Where it stays — Microsoft user data is processed on your local machine and stored in your local Kwantflow workspace. It is not uploaded to any server or cloud. No Microsoft user data — including Outlook message content — is ever stored on Kwantflow servers.
How we protect it — We do not sell Microsoft user data. We do not share, transfer, or disclose it to third parties for purposes other than providing the RFQ email import and quote sending features you requested. We do not use it for advertising, creditworthiness checks, or for training AI models.
Data retention and deletion — Microsoft user data is stored locally in your secure local database. You can delete imported data at any time by deleting the respective RFQ record or resetting your workspace. You can revoke Outlook access at any time through your Microsoft Account Privacy Dashboard.
Limited Use — Kwantflow requests only the minimum necessary permissions (principle of least privilege) to deliver the requested functionality, in accordance with the Microsoft APIs Terms of Use.

7. Local-first data and your workspace

Kwantflow is a local-first desktop application. All RFQ files, estimates, quotes, project data, setup libraries, and AI analysis remain in a secure local database and file vault on your machine. This data is stored locally and is not uploaded to our servers.

If you upgrade to a Pro or Enterprise plan, limited account and subscription metadata (such as your workspace name, active seats, and license snapshot) is stored in our secure authentication service to verify your subscription. Even on paid plans, your actual project files, quotes, and estimating databases stay exclusively on your local machine and are never uploaded to the cloud.

The AI engine runs entirely on your device using a local runtime. No project data, files, or prompts are sent to an external AI provider.

8. Data security

We take the security of your personal information seriously. We implement appropriate technical and organisational measures designed to protect your data, including encryption of data in transit (TLS) and access controls on hosted services.

Because the desktop application is local-first, your project data benefits from your own device-level security. Hosted subscription and authentication metadata is stored in secure database environments with row-level security, encrypted connections, and restricted access.

9. Data retention

We retain your account information for as long as you maintain an active paid account. Contact form submissions and related correspondence are retained for a reasonable period to handle follow-up enquiries. Newsletter subscriber email addresses are retained until you unsubscribe or request deletion.

You may request deletion of your personal information at any time by contacting us. Upon receiving a verified deletion request, we will delete the applicable personal information within a reasonable timeframe, unless retention is required or permitted by applicable law.

Free plan users do not create an account, so we hold no personal information about free-tier users beyond any voluntary contact form submissions.

10. Your rights

Depending on your location, you may have the following rights under applicable privacy law (including the Australian Privacy Act 1988):

Access — request a copy of the personal information we hold about you.
Correction — ask us to correct inaccurate or incomplete information.
Deletion — request deletion of your personal information.
Opt-out — unsubscribe from marketing emails using the link in any marketing email we send.
Cookies — manage cookie preferences through your browser settings or our cookie banner.
Do Not Track — our website currently does not respond to Do Not Track (DNT) browser signals.
Contact us — to exercise any of these rights or make a privacy enquiry, email us at hello@kwantflow.com or use our contact page. We will respond within a reasonable timeframe.
Google permissions — to revoke Google API access granted to Kwantflow, visit your Google Account permissions page.
Data deletion (Google data) — to request deletion of any Google user data associated with your Kwantflow account, email hello@kwantflow.com with the subject line "Google Data Deletion Request".
Microsoft permissions — to revoke Microsoft API access granted to Kwantflow, visit your Microsoft Account Privacy Dashboard.
Data deletion (Microsoft data) — to request deletion of any Microsoft user data associated with your Kwantflow account, email hello@kwantflow.com with the subject line "Microsoft Data Deletion Request".

011. Updates to this policy
022. Information we collect
033. How we use your information
044. Third-Party Service Providers
055. Google user data
066. Microsoft user data
077. Local-first data and your workspace
088. Data security
099. Data retention
1010. Your rights

Privacy Policy

Privacy and data handling

Last updated: 17 June 2026

1. Updates to this policy

2. Information we collect

We collect information you provide to us, information collected automatically when you visit the website, and limited information when you create a paid account.

Contact information — name, email address, company, and message when you submit our contact form, request a demo, or email us directly.
Account information — email address and billing details when you create a paid account. Payment card information is processed securely by our third-party payment processors. We never store full card numbers.
Desktop app usage data — feature usage patterns, app version, platform, and error reports collected to improve the product. On by default, can be turned off in app settings. We never collect the content of your recordings, project files, or estimates.
Usage information — pages visited, referring website, browser type, device type, approximate location (derived from IP address), and session interactions (such as scroll depth, clicks, and session replays) collected through web analytics and session recording services (only after consent).
Communications — any information you send to us through email or other direct channels.
Newsletter subscription — email address when you subscribe to product updates from the footer, contact form, or login page.

3. How we use your information

We use personal information for the following purposes:

To respond to your enquiries, demo requests, and support questions.
To create and manage your paid account, process payments, and deliver the Pro or Enterprise plan you have purchased.
To send service-related communications such as payment receipts, account notifications, and licence updates.
To send product updates and marketing emails if you have opted in. You can unsubscribe at any time using the link in each email.
To improve the website and product based on usage patterns and feedback.
To comply with legal obligations and enforce our agreements.
We do not sell personal information. We do not use personal information for targeted advertising. Optional analytics and tracking services are consent-only and default to denied.

4. Third-Party Service Providers

Hosting and infrastructure providers — to host our website, manage authentication services, secure user accounts, and sync license details.
Payment processors — to securely process subscription payments and handle billing synchronization. We do not store or process raw payment card details; all payments are handled securely by our payment partners.
Analytics and performance partners — to analyze website performance, deliver content via content delivery networks (CDNs), and optional consent-based visitor analytics.
Service providers are strictly restricted from selling your data or using it for their own purposes, and are bound by confidentiality obligations to process data solely to deliver the contracted services.

5. Google user data

What we collect (Gmail) — With your explicit permission, Kwantflow accesses and collects the following Google user data: the email message bodies, email metadata (sender, date, recipient), and attachment files of selected Gmail messages that you explicitly choose to import.
Why we need it — We use your Google user data solely to identify RFQ-related content, extract estimation details (quantities, materials), and create project records within your local desktop workspace. We also use your data to send quote PDF documents directly to your clients at your request.
Where it stays — Google user data is processed on your local machine and stored in your local Kwantflow workspace. It is not uploaded to any server or cloud. No Google user data — including Gmail message content — is ever stored on Kwantflow servers.
How we protect it — We do not sell Google user data. We do not share, transfer, or disclose it to third parties for purposes other than providing the RFQ email import and quote sending features you requested. We do not use it for advertising, creditworthiness checks, or for training AI models.
Data retention and deletion — Google user data is stored locally in your secure local database. You can delete imported data at any time by deleting the respective RFQ record or resetting your workspace. You can revoke Gmail access at any time through your Google Account Permissions Page.
Limited Use — Kwantflow's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

6. Microsoft user data

What we collect (Outlook) — With your explicit permission, Kwantflow accesses and collects the following Microsoft user data: the email message bodies, email metadata (sender, date, recipient), and attachment files of selected Outlook messages that you explicitly choose to import.
Why we need it — We use your Microsoft user data solely to identify RFQ-related content, extract estimation details (quantities, materials), and create project records within your local desktop workspace. We also use your data to send quote PDF documents directly to your clients at your request.
Where it stays — Microsoft user data is processed on your local machine and stored in your local Kwantflow workspace. It is not uploaded to any server or cloud. No Microsoft user data — including Outlook message content — is ever stored on Kwantflow servers.
How we protect it — We do not sell Microsoft user data. We do not share, transfer, or disclose it to third parties for purposes other than providing the RFQ email import and quote sending features you requested. We do not use it for advertising, creditworthiness checks, or for training AI models.
Data retention and deletion — Microsoft user data is stored locally in your secure local database. You can delete imported data at any time by deleting the respective RFQ record or resetting your workspace. You can revoke Outlook access at any time through your Microsoft Account Privacy Dashboard.
Limited Use — Kwantflow requests only the minimum necessary permissions (principle of least privilege) to deliver the requested functionality, in accordance with the Microsoft APIs Terms of Use.

7. Local-first data and your workspace

The AI engine runs entirely on your device using a local runtime. No project data, files, or prompts are sent to an external AI provider.

8. Data security

9. Data retention

Free plan users do not create an account, so we hold no personal information about free-tier users beyond any voluntary contact form submissions.

10. Your rights

Depending on your location, you may have the following rights under applicable privacy law (including the Australian Privacy Act 1988):

Access — request a copy of the personal information we hold about you.
Correction — ask us to correct inaccurate or incomplete information.
Deletion — request deletion of your personal information.
Opt-out — unsubscribe from marketing emails using the link in any marketing email we send.
Cookies — manage cookie preferences through your browser settings or our cookie banner.
Do Not Track — our website currently does not respond to Do Not Track (DNT) browser signals.
Contact us — to exercise any of these rights or make a privacy enquiry, email us at hello@kwantflow.com or use our contact page. We will respond within a reasonable timeframe.
Google permissions — to revoke Google API access granted to Kwantflow, visit your Google Account permissions page.
Data deletion (Google data) — to request deletion of any Google user data associated with your Kwantflow account, email hello@kwantflow.com with the subject line "Google Data Deletion Request".
Microsoft permissions — to revoke Microsoft API access granted to Kwantflow, visit your Microsoft Account Privacy Dashboard.
Data deletion (Microsoft data) — to request deletion of any Microsoft user data associated with your Kwantflow account, email hello@kwantflow.com with the subject line "Microsoft Data Deletion Request".

011. Updates to this policy
022. Information we collect
033. How we use your information
044. Third-Party Service Providers
055. Google user data
066. Microsoft user data
077. Local-first data and your workspace
088. Data security
099. Data retention
1010. Your rights

Privacy Policy

1. Updates to this policy

2. Information we collect

3. How we use your information

4. Third-Party Service Providers

5. Google user data

6. Microsoft user data

7. Local-first data and your workspace

8. Data security

9. Data retention

10. Your rights

Table of Contents

Privacy Policy

1. Updates to this policy

2. Information we collect

3. How we use your information

4. Third-Party Service Providers

5. Google user data

6. Microsoft user data

7. Local-first data and your workspace

8. Data security

9. Data retention

10. Your rights

Table of Contents