Privacy Policy

Our commitment to your privacy

Multiflows ("we", "us", or "our") operates the AI-powered B2B outbound sales platform available at app.multiflows.ai and api.multiflows.ai. This Privacy Policy explains what information we collect from users of our platform, how we use it, and what rights you have.

We built Multiflows on a foundation of data isolation and security from day one. Your data — and your clients' prospect data — belongs to you. We never sell it, train on it, or share it with third parties outside of the explicitly described integrations that power the platform.

What data we collect

Account & Identity Data

• Name and email address provided at registration
• Hashed password (bcrypt — we never store plaintext passwords)
• Company name and website URL provided during onboarding
• Invitation code used to create your account

API Credentials

To power core functionality, Multiflows requires access to your third-party API keys. These are stored encrypted in our database using Fernet symmetric encryption (AES-128-CBC) and are never logged or stored in plaintext.

• OpenAI API key (for AI drafting, research, and ICP generation)
• Apollo.io API key (for prospect enrichment and contact discovery)
• Gmail or Outlook OAuth2 tokens (issued by Google/Microsoft, scoped to sending and inbox polling only)

Outbound Campaign Data

• Prospect records, contact details, and enrichment data sourced via Apollo
• Email drafts, sent emails, and inbound reply content
• ICP profiles and scoring configurations you define
• Email style templates and research guidelines created during onboarding
• Campaign configurations, outreach modes, and cadence settings

Product Knowledge (Drive RAG)

• Documents you sync from Google Drive for use in the AI knowledge base
• These are chunked, embedded, and stored in your isolated Pinecone vector namespace

Usage & Telemetry Data

• API request logs (request type, timestamp, success/failure) — retained for debugging
• Temporal workflow execution logs — retained for operational reliability
• Domain health scores and sending reputation metrics

Your data is yours. Full stop.

This is a commitment we make explicitly and without qualification: Multiflows does not use your data for any commercial purpose.

Specifically, Multiflows will never:

• Sell or rent your data to any third party for commercial gain
• Use your prospect data, email content, or campaign data to benefit any other client or external party
• Train shared or pooled AI models on your data — any learning from your edits improves only your own account's output
• Analyze your data in aggregate to produce market intelligence, industry reports, or any commercial product
• Share your data with advertisers or marketing platforms
• Use your company knowledge base (Drive RAG) for any purpose other than generating context for your own emails and dossiers

Your data is infrastructure that runs your outbound program — and nothing else.

How we use what we collect

We use the data described above exclusively to operate and improve the Multiflows platform for you. Specifically:

• To authenticate you and secure your account session via JWT
• To execute AI research, enrichment, and email drafting workflows on your behalf
• To send and manage outbound emails using your connected email provider
• To classify inbound replies and route them to the appropriate AE
• To generate prospect dossiers and pre-meeting briefs for your sales team
• To monitor domain health and protect your sending reputation
• To sync and query your Google Drive knowledge base for AI context
• To improve AI drafting quality through your in-product edits and approvals (per-account only — never pooled across clients)
• To diagnose issues, resolve bugs, and maintain platform uptime

When and with whom we share data

We do not sell, rent, or trade your data. We share data only to the extent required to operate the platform:

Infrastructure Providers

• Railway — Cloud infrastructure provider hosting the Multiflows backend, frontend, and database
• Pinecone — Vector database used for Drive RAG Sync and email context retrieval
• Temporal — Workflow orchestration engine that manages all background AI tasks

AI Processing

• OpenAI — Prospect research, email drafting, ICP scoring, and reply classification are processed using your own OpenAI API key. Data is sent to OpenAI under your account's terms with OpenAI.

Prospect Enrichment

• Apollo.io — Prospect and company enrichment is executed using your own Apollo API key. Data is retrieved from Apollo under your account's terms with Apollo.

Email Providers

• Google (Gmail) and Microsoft (Outlook) — Email sending and inbox polling is handled through OAuth2 with your connected accounts. Multiflows only requests the scopes necessary to send emails, create drafts, and poll inboxes.

Legal Requirements

We may disclose your data if required by law, court order, or to protect the legal rights, safety, or property of Multiflows, our users, or the public. We will notify you where legally permitted before doing so.

How we store and protect your data

Security is structural in Multiflows — not a configuration layer applied on top. Key protections include:

• All API credentials are encrypted at rest using Fernet (AES-128-CBC) before storage
• Passwords are hashed using bcrypt with per-record salts — plaintext passwords are never stored or logged
• JWT-based session authentication with scoped tokens
• SSRF protection on all outbound requests to prevent server-side request forgery
• Rate limiting on all API endpoints to prevent abuse
• All connections use TLS encryption in transit
• Database access is restricted via Row-Level Security policies — queries can only access rows belonging to the authenticated tenant
• Private networking between platform services (no public exposure of internal service endpoints)

Multi-tenant data isolation

Multiflows is a multi-tenant SaaS platform. Every client account is a fully isolated tenant. This isolation is enforced at multiple layers:

• Database: PostgreSQL Row-Level Security ensures every query is automatically scoped to the authenticated tenant. A misconfigured query cannot return data from another account.
• Vector Store: Each client's Drive RAG documents are stored in a dedicated Pinecone namespace. Cross-namespace queries are not possible within the platform.
• API Keys: Your OpenAI and Apollo keys are stored per-tenant and are never shared or pooled. AI calls are made under your own account, not a shared platform key.
• Workflows: Temporal workflows are scoped to tenant IDs. No workflow task can operate on data belonging to another tenant.
• Signups: New accounts require an admin-issued invitation code, preventing unauthorized access to the platform.

Third-party services and your accounts

When you connect third-party accounts or provide API keys, your use of those services is also governed by their own policies. Review each provider's documentation directly using the links below.

Multiflows does not control the data practices of these third-party services. OAuth tokens issued by Google or Microsoft can be revoked at any time from your respective account settings.

How long we keep your data

• Active account data — Retained for the duration of your subscription to power the platform
• Campaign and prospect data — Retained while your account is active; you may delete individual records within the platform at any time
• API logs and workflow traces — Retained for up to 90 days for debugging and operational purposes
• Drive RAG embeddings — Retained while Drive Sync is active; automatically updated when source files are modified or deleted
• Account data after cancellation — Retained for 30 days following account closure, then permanently deleted

You may request full data deletion at any time by contacting us. Deletion requests are completed within 30 days.

Your rights over your data

Depending on your location, you may have certain rights regarding your personal data:

• Access — Request a copy of the personal data we hold about you
• Correction — Request correction of inaccurate or incomplete data
• Deletion — Request deletion of your account and all associated data
• Portability — Request your data in a machine-readable format
• Objection — Object to certain processing activities
• Restriction — Request restriction of how your data is processed

To exercise any of these rights, contact us at the address in the Contact section. We will respond within 30 days.

Cookies and tracking

The Multiflows platform uses a minimal set of cookies strictly necessary for authentication and session management:

• Session cookies — Used to maintain your authenticated session. Deleted when you log out or close your browser.
• Security cookies — Used for CSRF protection and request validation.

We do not use advertising cookies, third-party tracking pixels, or analytics cookies that report to external services. The Multiflows platform is ad-free and we do not monetize user behavior data.

Children's privacy

Multiflows is a B2B platform intended for use by businesses and business professionals. It is not directed at children under the age of 16. We do not knowingly collect personal information from anyone under 16. If you believe a minor has provided us with personal data, contact us immediately and we will delete it promptly.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the "last updated" date at the top of the page. For material changes — those that meaningfully affect how we collect, use, or share your data — we will notify active account holders by email at least 14 days before the change takes effect.

Your continued use of the platform after the effective date of an updated policy constitutes your acceptance of the changes.