01 · Summary, in plain language.
IQS Flow is an independent inspection and scoring platform. The short version of this policy is that we collect the data we need to produce a reliable, auditable inspection record, we do not sell it, we do not use it to train general-purpose models, and we do not share it across customer tenants. This page spells out the longer version.
If you are reading this because you are about to sign a master services agreement, the clauses in the MSA govern. This policy is the consumer-facing summary of the same commitments.
02 · What we collect.
We collect three categories of information.
- Account information about the organizations and users who log in to IQS Flow: organization name, user name and role, email address, hashed password, and authentication events (login time, IP address, device fingerprint).
- Operational data generated in the course of inspections: scored rubric items, photo and GPS evidence, timestamps, operator identity, and the configuration of the rubrics themselves. This is the product’s core data.
- Diagnostic data about how the product is used: page views, feature usage, error logs. This is aggregated and used to improve the product; it is not sold and is not linked to operational data in any external system.
03 · Why we collect it.
Operational data exists because the product exists. An inspection score without evidence, timestamp, and operator identity is not a useful score. Account information exists to authenticate the three commercial parties (customer, vendor, inspector) who need to agree that the record is the record. Diagnostic data exists to make the product better; we look at it, we cannot share it, and nobody outside IQS Flow ever sees it at a user-identified level.
04 · What we share, and with whom.
Operational data is shared across the three commercial parties in a contract, scoped by role. Customer users see their inspections; vendor users see the inspections scored against their work; inspector users see the inspections they performed. This cross-sharing is the product; it is not an exception. Data is not shared across customer tenants. A vendor working for two different customers sees two different slices of data, not one combined view.
We use a small number of subprocessors for infrastructure (AWS for hosting, Stripe for billing, Twilio for SMS notifications, Sentry for error logging). A current list of subprocessors is maintained at iqsflow.com/subprocessors and customers are notified by email before any new subprocessor is added.
We respond to lawful requests for data from regulatory or law-enforcement bodies. When we do, we notify the affected customer unless legally prohibited from doing so, and we have a standing policy of requesting the narrowest possible scope on any such request.
05 · Retention.
Inspection records are retained for the life of the customer’s account and for seven years after account termination, which matches the retention expected of facility-quality records under most customer audit regimes. Account and diagnostic data are retained for thirty months. Customers on enterprise contracts may negotiate longer or shorter retention windows.
06 · Your rights.
If you are a user of IQS Flow, you have the right to see the data we hold about you, to correct inaccuracies, and to export your data. If your jurisdiction grants additional rights (GDPR, CCPA, PIPEDA, and similar), those rights apply. Requests are routed through privacy@iqsflow.com and are acknowledged within five business days.
07 · Contact.
Our Data Protection Officer is Marta Halverson, reachable at privacy@iqsflow.com. Mail: IQS Flow, Inc., Attn: DPO, Atlanta, GA.