Last Updated: April 10, 2026

Privacy Policy

1. Introduction

Welcome to FormFlow, a product of Lord Systems. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you install or use the FormFlow Shopify application ("FormFlow," "the App," "we," "us," or "our").

We are committed to ensuring data security and strictly adhere to the principle of least privilege — requesting only the permissions necessary to provide the service.

By installing or using FormFlow, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please uninstall the App and discontinue use.

2. Information We Collect

2.1 Information You Provide Directly

Account & Store Information: When you install FormFlow through the Shopify App Store, we receive your Shopify store URL, store name, and the email address associated with your Shopify account.
Form Submission Data: FormFlow processes form submissions made by your customers on your Shopify storefront. This may include names, email addresses, phone numbers, and any other fields you configure in your forms.
Workflow Configuration: Settings, rules, and preferences you create within the FormFlow dashboard (e.g., email recipients, scheduling preferences, integration mappings).

2.2 Information from Google Workspace (OAuth)

If you choose to connect a Google Workspace account, we request access to specific information via Google OAuth:

Profile Information: Basic profile information (e.g., email address) to identify and authenticate your account.
Gmail Send Permissions: We request the gmail.send scope solely to send transactional emails on your behalf as triggered by your FormFlow workflows.

2.3 Information from Google Sheets (OAuth)

If you choose to connect a Google account for the Google Sheets integration, we request access via Google OAuth:

Profile Information: Your Google account email address to identify the connected account.
Google Sheets Access: We request the spreadsheets scope to read the structure of spreadsheets you select (tab names, header rows) and to append form submission data as new rows.
Google Drive (read-only): We request the drive.metadata.readonly scope solely to list your spreadsheet files so you can select which one to use. We do not read, modify, or access any other Drive content.

2.4 Information from Microsoft 365 (OAuth)

If you choose to connect a Microsoft 365 account for email, we request access via Microsoft OAuth:

Profile Information: Basic profile information (e.g., email address) to identify and authenticate your account.
Mail.Send Permission: We request the delegated Mail.Send permission solely to send transactional emails on your behalf as triggered by your FormFlow workflows.

2.5 Information from Microsoft Excel / OneDrive (OAuth)

If you choose to connect a Microsoft account for the Microsoft Excel integration, we request access via Microsoft OAuth:

Profile Information: Your Microsoft account email address to identify the connected account.
Files.ReadWrite Permission: We request the delegated Files.ReadWrite permission to read the structure of Excel workbooks you select (worksheet names, header rows) and to append form submission data as new rows. This permission grants access to your OneDrive files; however, FormFlow only accesses the specific workbook you explicitly select in the integration settings. No other OneDrive files are read, modified, or accessed.

2.6 Automatically Collected Information

Usage Data: Information about how you interact with the App, including features used, workflows created, and actions taken within the dashboard.
Log Data: Standard server logs including IP addresses, browser type, pages viewed within the app, and timestamps. This data is used for security monitoring and troubleshooting.

3. Google Workspace & Gmail Data Usage

FormFlow's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy , including the Limited Use requirements.

Sole Purpose: FormFlow accesses your Gmail account solely to send transactional emails on behalf of you (the merchant) as triggered by your FormFlow workflows.
No Reading or Accessing Inbox: FormFlow does not read, view, or access your email inbox, received emails, or email content.
No Storing: FormFlow does not store your email messages or email content on our servers.
No Sharing: FormFlow does not share, transfer, or sell your Google user data or email content to third parties for advertising, marketing, or any other purposes.

4. Google Sheets Data Usage

FormFlow's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy , including the Limited Use requirements.

Sole Purpose: FormFlow accesses Google Sheets solely to read spreadsheet structure (tab names and header rows) for configuration purposes, and to append form submission data as new rows in the spreadsheet you select.
Drive Access is Read-Only and Limited: The drive.metadata.readonly scope is used only to list your spreadsheet files in the integration settings UI. FormFlow does not read, download, or process the content of any Drive files other than the spreadsheet you explicitly select.
No Storing of Spreadsheet Content: FormFlow does not store the content of your Google Sheets on our servers beyond the submission data we write on your behalf.
No Sharing: FormFlow does not share, transfer, or sell your Google Sheets data or Drive file list to third parties for any purpose.

5. Microsoft 365 & Mail.Send Data Usage

FormFlow's use of Microsoft Graph API data is limited strictly to the functionality described in this policy and complies with Microsoft's API Terms of Use.

Sole Purpose: FormFlow accesses your Microsoft 365 account solely to send transactional emails on behalf of you (the merchant) as triggered by your FormFlow workflows.
No Reading or Accessing Mailbox: FormFlow does not read, view, or access your email inbox, received emails, or email content.
No Storing: FormFlow does not store your email messages or email content on our servers.
No Sharing: FormFlow does not share, transfer, or sell your Microsoft account data or email content to third parties for advertising, marketing, or any other purposes.

6. Microsoft Excel & OneDrive Data Usage

FormFlow's use of Microsoft Graph APIs complies with Microsoft's API Terms of Use.

Sole Purpose: FormFlow accesses Microsoft Excel workbooks solely to read workbook structure (worksheet names and header rows) for configuration purposes, and to append form submission data as new rows in the workbook you select.
Files.ReadWrite Scope is Merchant-Directed: Although the Files.ReadWrite permission grants access to your OneDrive files, FormFlow only accesses the specific Excel workbook you explicitly select in the integration settings. No other OneDrive files are read, modified, or accessed.
No Storing of Workbook Content: FormFlow does not store the content of your Excel workbooks on our servers beyond the submission data we write on your behalf.
No Sharing: FormFlow does not share, transfer, or sell your OneDrive or Excel data to third parties for any purpose.

7. Lawful Basis for Processing (GDPR)

If you are located in the European Economic Area, we process your personal data under the following lawful bases:

Performance of a Contract: Processing your store information and configuration data is necessary to provide the FormFlow service you have subscribed to.
Legitimate Interests: Processing usage and log data to maintain security, prevent fraud, and improve the App, where these interests are not overridden by your data protection rights.
Compliance with Legal Obligations: Retaining certain data as required by applicable law.

With respect to form submission data collected from your customers, Lord Systems acts as a data processor on your behalf. You (the merchant) are the data controller and are responsible for ensuring you have the appropriate legal basis to collect and process your customers' personal data through FormFlow.

8. How We Use Your Information

We use the information collected to:

Provide, operate, and maintain the FormFlow service
Execute your configured workflows (sending emails, syncing data to integrations, triggering automations)
Authenticate your identity and manage your account access
Communicate with you about the App, including support, updates, and important policy changes
Monitor and analyze usage patterns to improve the App's performance and features
Detect, investigate, and prevent fraudulent or unauthorized activity
Comply with applicable laws and legal obligations

We do not use your data for advertising, sell it to data brokers, or use it for any purpose beyond providing the FormFlow service and improving it.

9. Cookies & Tracking Technologies

FormFlow uses a limited set of cookies and similar technologies to operate the App:

Type	Purpose
Strictly Necessary	Required for the App to function, such as session authentication tokens. These cannot be disabled.
Functional	Remember your preferences and settings within the FormFlow dashboard (e.g., saved filters, display preferences).
Analytics	We may use privacy-respecting analytics tools to understand how the App is used in aggregate. This data is anonymized and never tied to individual users for advertising purposes.

10. Information Sharing & Disclosure

We do not sell, trade, or rent your personal information to third parties. Information may be shared only in the following circumstances:

Service Providers: We work with trusted third-party vendors who assist in operating the App. These providers are contractually bound to use your data only to perform services on our behalf and to keep it confidential.
Integrations You Enable: When you connect FormFlow to a third-party platform (e.g., Zoho CRM, Mailchimp, Salesforce), data is shared with that platform according to your configured workflow rules. You control what data is sent.
Legal Requirements: We may disclose information if required to do so by law or in response to valid legal process.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred. You will be notified before your data becomes subject to a different privacy policy.

11. Data Retention

Data Type	Retention Period
Form Submission Data	Retained while your account is active. You can delete records at any time from the FormFlow dashboard.
Account & Configuration Data	Retained for the duration of your subscription. Deleted or anonymized within 30 days of uninstalling the App, except where required by law.
OAuth Tokens (Google Workspace, Google Sheets, Microsoft 365, Microsoft Excel)	Deleted immediately upon disconnecting the relevant integration, or upon uninstalling the App.
Log Data	Retained for up to 90 days for security and troubleshooting, then deleted.

12. How We Secure Your Data

Encryption in transit (TLS/HTTPS) for all data transmitted
Encryption at rest for sensitive stored data
Secure OAuth 2.0 token handling — we never receive or store your Google or Microsoft password
Access controls limiting employee access to data on a need-to-know basis
Regular security reviews and vulnerability assessments

13. Revoking Access

You can disconnect any Google or Microsoft integration from FormFlow at any time by:

Navigating to Settings → Integrations within FormFlow and removing the connection, or
For Google: visiting your Google Account Security settings and revoking FormFlow's access, or
For Microsoft: visiting your Microsoft My Apps portal and revoking FormFlow's access.

14. International Data Transfers

FormFlow is operated on infrastructure hosted in the United States (Railway, Cloudflare). If you are located in the European Economic Area, United Kingdom, or other regions with data protection laws that govern cross-border transfers, please be aware that your data may be transferred to and processed in the United States.

We rely on the following mechanisms to lawfully transfer personal data internationally:

Standard Contractual Clauses (SCCs): Where required, we use the European Commission's approved Standard Contractual Clauses with our service providers to ensure adequate data protection safeguards.
Service Provider Compliance: Our infrastructure providers (Railway, Cloudflare) maintain their own data protection agreements and compliance programs.

By using FormFlow, you acknowledge that your data may be transferred to and processed in the United States in accordance with this policy.

15. Your Privacy Rights

For Residents of the European Economic Area (GDPR)

Right	Description
Right of Access	Request a copy of the personal data we hold about you.
Right to Rectification	Request correction of inaccurate data.
Right to Erasure	Request deletion of your personal data ("right to be forgotten").
Right to Restriction	Request that we restrict processing of your data.
Right to Data Portability	Request your data in a structured, machine-readable format.
Right to Object	Object to processing of your data for certain purposes.

For California Residents (CCPA/CPRA)

Right	Description
Right to Know	Request disclosure of the categories and specific pieces of personal information we have collected about you.
Right to Delete	Request deletion of personal information we have collected from you.
Right to Opt-Out of Sale	We do not sell personal information. No opt-out is required.
Right to Non-Discrimination	We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, please contact us at privacy@lord.systems. We will respond within 30 days.

16. Third-Party Links & Integrations

This Privacy Policy applies only to FormFlow. Once you connect to or navigate to a third-party service, their privacy practices govern the data they collect. We encourage you to review the privacy policies of any third-party services you connect to FormFlow.

17. Children's Privacy

FormFlow is a business-to-business application intended for use by Shopify merchants. It is not directed at children under the age of 13 (or under 16 in the EEA), and we do not knowingly collect personal information from children.

18. Changes to This Privacy Policy

When material changes are made, we will:

Update the "Last Updated" date at the top of this page
Notify active users via email or a prominent notice within the FormFlow dashboard at least 14 days before the changes take effect

19. Contact Us

Lord Systems
Email: privacy@lord.systems
Web: lord.systems/contact