Privacy Policy

What We Collect

• Account data — name, email, firm name, and authentication records.
• Documents & metadata — files you upload, their names, versions, and folder structure.
• Activity data — audit events (views, downloads, shares) with actor, IP, and timestamp.
• Technical data — IP address and user agent for security and logging.

What We Don't Collect

We do not sell your data, we do not use your documents to train models, and we do not run third-party advertising trackers. Your files are yours.

How We Use It

To operate your vault and client portals, secure your account, maintain the audit trail, provide support, and send the communications described in our Terms of Service.

Retention

Documents and audit records are retained per your firm's retention schedule and any active legal hold, up to ten (10) years by default, then disposed of in a logged manner. You can export or delete data from Settings at any time.

Data Breach Notification

In the event of a breach of security affecting personal information, ResourceFlow Inc.will notify affected individuals and authorities as required by the Minnesota data-breach notification statute, Minn. Stat. § 325E.61, and other applicable law.

Where Your Data Lives

ResourceFlow runs its primary operations from State of Minnesota, using hardened, access-controlled infrastructure. EU sub-processor details are available on request for firms with regional requirements.

Your Rights

Subject to applicable law (including GDPR where relevant), you may request access, correction, deletion, or portability of your personal data. Contact us to exercise these rights.

Contact

ResourceFlow Inc.
IDS Center, 80 South 8th Street, Suite 900
Minneapolis, MN 55402
(612) 314-8870 · support@resourceflow.net