Privacy Policy

Last updated: January 2026

This Policy explains what data TG Flows processes and why. It is a template provided with the MVP and should be reviewed by counsel before production use.

1. Data we process

Account data (name, email, workspace), bot configuration (bot tokens, settings), and subscriber data your bots collect (Telegram ID, name, username, messages). Bot tokens are stored to operate the Service.

2. How we use it

To provide the Service: delivering messages, running automations, powering the inbox and analytics, and billing. We do not sell your data.

3. Telegram

When connected in production, messages flow through the Telegram Bot API. You are the controller of your subscribers’ data and must have a lawful basis to message them.

4. Storage & security

Data is stored in your configured database. Use a strong AUTH_SECRET and encrypt connections in production. In this local MVP, data is stored in SQLite on your machine.

5. Your rights

You may export or delete your workspace data. Contact us to exercise data subject rights.

6. Contact

Privacy questions? privacy@tgflows.com.