Privacy Policy
Last updated: January 2026
FlowGo Pty Ltd (Australia) and FlowSync AI Sdn Bhd (Malaysia) (collectively, "FlowGo", "we", "us", or "our") are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information in connection with our website and platform (the "Services").
FlowGo operates from Australia and Malaysia. This policy applies to information collected from users of the FlowGo platform and visitors to our website. We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), as well as Malaysia's Personal Data Protection Act 2010 (PDPA), where applicable.
For the purposes of applicable privacy laws, the FlowGo entity that contracts with you is the primary entity responsible for handling personal information under this Privacy Policy.
Who We Are
FlowGo is a software company with operations in Australia and Malaysia, providing financial workflow automation tools for businesses across the Asia-Pacific region.
- Australian entity: FlowGo Pty Ltd (ACN 691 432 292)
- Malaysian entity: FlowSync AI Sdn Bhd (Registration No.: 202501045885 (1647293-D))
In most cases:
- Our customers control the business data processed through FlowGo.
- FlowGo acts as a service provider that processes data on behalf of its customers to deliver the Services.
Business Customer Responsibilities
Where you are a business customer using FlowGo, you are responsible for:
- Ensuring you have appropriate authority to share business data with FlowGo
- Complying with your own privacy obligations to employees, customers, suppliers, and other third parties whose information may be processed through the Services
- Providing any required notices and obtaining necessary consents under applicable privacy laws in your jurisdiction
Information We Collect
a. Information You Provide
We may collect personal and business information that you voluntarily provide, including:
- Name, email address, phone number
- Company name and job title or role
- Billing and payment details
- Support communications
- Information you input into the FlowGo platform
b. Information Collected Automatically
When you use our website or Services, we may automatically collect:
- IP address, browser type, and device information
- Operating system
- Usage data (pages viewed, features used, time spent)
- Cookies and similar technologies
c. Financial and Accounting Integrations
If you connect FlowGo to third-party systems (such as QuickBooks, AutoCount, Xero, MYOB, SAP, or other ERP and financial platforms), we may process:
- Invoice data (vendor and customer invoices)
- Purchase orders and receipts
- Vendor and customer records
- General ledger codes and account structures
- Payment and transaction records
- Supporting documents and attachments
We access only the data necessary to provide the Services, do not use financial data for advertising or profiling, and do not review customer data except where required for support, security, or legal compliance.
How We Use Information
We use personal information to:
- Provide, operate, and maintain the Services
- Perform automated workflows at your direction
- Process subscriptions and payments
- Communicate service updates, support responses, and operational notices
- Send limited business-related communications (you may opt out at any time)
- Improve product performance and functionality
- Monitor usage and analyse trends
- Maintain security, prevent fraud, and ensure system integrity
- Comply with legal and regulatory obligations
We do not sell, rent, trade, or commercially exploit personal information.
Disclosure of Information
a. Service Providers
Trusted third parties including cloud hosting providers (Amazon Web Services and Google Cloud Platform), payment processors, analytics providers, customer support tools, and email service providers.
b. Related Entities
We may share information between our Australian and Malaysian entities where reasonably necessary.
c. Integration Partners
When you connect FlowGo with third-party platforms, we share information required to enable those integrations per your instructions.
d. Legal and Regulatory Requirements
Where required or authorised by law.
Overseas Disclosure and Data Location
Personal information may be stored or processed in Australia, Malaysia, Singapore, Thailand, and the United States (through cloud service providers). Reasonable steps are taken to ensure recipients handle information consistently with applicable privacy laws.
- Malaysian users: by using the Services, you consent to transfer of personal data outside Malaysia in accordance with the PDPA.
- Australian users: we take reasonable steps to ensure overseas recipients comply with the Australian Privacy Principles.
Data Security
Our security measures include:
- Encryption in transit and at rest
- Role-based access controls
- Secure infrastructure and monitoring
- Regular security assessments
- Multi-factor authentication for platform access
- Security incident response procedures
No system is completely secure.
Data Retention
- Account information: for the duration of your active account and a reasonable period thereafter
- Transaction and workflow data: up to 7 years where required by applicable tax or accounting laws
- Support communications: up to 3 years after the last interaction
- Marketing communications data: until you unsubscribe or request deletion
Access, Correction, and Data Portability
You have the right to:
- Request access to personal information
- Request correction of inaccurate or incomplete information
- Request deletion, subject to legal retention obligations
- Request export of your data in a structured format
- Withdraw consent where consent is the legal basis for processing
Requests may be made using the contact details below. We may need to verify your identity before responding and will generally respond within 30 days.
Marketing Communications
You may opt out by:
- Clicking the "unsubscribe" link in marketing emails
- Contacting us at [email protected]
- Adjusting your communication preferences in your account settings
Cookies and Tracking Technologies
We use cookies to maintain secure sessions, remember user preferences, analyse usage and improve functionality, and provide customer support. You can manage cookies through your browser settings.
Data Breaches
We will comply with our obligations under applicable laws, including Australia's Notifiable Data Breaches scheme (OAIC) and Malaysia's PDPA notification obligations.
Third-Party Links
We are not responsible for the privacy practices or content of third-party websites or tools.
Children's Privacy
FlowGo is intended for business users and is not directed to individuals under the age of 18.
Changes to This Policy
Material changes will be posted on our website with an updated "Last updated" date.
Contact Us
Australia: FlowGo Pty Ltd (ACN 691 432 292)
Malaysia: FlowSync AI Sdn Bhd (Registration No.: 202501045885 (1647293-D))
Email: [email protected]
Australian users may lodge complaints with the OAIC at www.oaic.gov.au.
Malaysian users may lodge complaints with the PDPC at www.pdp.gov.my.