Your data is safe with us
Enterprise-grade security built in from day one. We protect your accounts, encrypt your data, and never share your information.
Last updated: May 12, 2026 · [email protected]
CASA Tier 2 Certified by TAC Security
SmartFlowPros completed a CASA Tier 2 assessment with TAC Security.
No vulnerabilities were identified in the assessment.
Verified through TAC Security's Enterprise Security in One Framework (ESOF).
Security at a Glance
Encryption in Transit
TLS encryption protects all data between your browser and our service. Every connection is secured with industry-standard protocols.
Encryption at Rest
Sensitive credentials and secrets are encrypted when stored. Your email tokens and API keys are never stored in plain text.
Account Protection
Authenticated areas, session security, CSRF protection, and least-privilege access patterns keep your account safe.
Monitoring & Logging
Operational monitoring and security-relevant logging help us detect abuse and troubleshoot incidents quickly.
Abuse Prevention
Rate limits and automated safeguards reduce suspicious traffic and prevent misuse of the platform.
Incident Response
In the event of a security incident affecting your data, we notify affected users as required by applicable law.
Privacy at a Glance
SmartFlowPros is built with industry security best practices in mind. We are GDPR compliant as a data processor for customer account and campaign data.
- Cookie preferences: accept/reject optional analytics/marketing cookies at any time
- Data rights: export your data and submit deletion requests
- We do not sell personal information
GDPR Compliance
SmartFlowPros processes customer account and campaign data on behalf of our customers (processor role). Customers determine the purposes and means of recipient outreach (controller role), including lawful basis, notices, and consent where required.
Access & Export
Logged-in users can export their data at any time from the account settings.
Deletion
Users can request account deletion, subject to legal exceptions. We process requests promptly.
Privacy Requests
Submit privacy requests in-app or via email at [email protected].
Google Integration Security
SmartFlowPros complies with the Google API Services User Data Policy, including the Limited Use requirements, for all Google user data accessed through our integration.
Minimal Data Access
We request only the Gmail scopes necessary for email sending and reply detection. Inbox data is accessed solely to identify replies to your campaigns.
Encrypted Token Storage
OAuth access and refresh tokens are encrypted at rest. Tokens are never stored in browser cookies or exposed to client-side code.
90-Day Retention
Gmail-derived reply data is automatically purged after 90 days. Disconnect your Google account at any time to immediately delete all stored data.
No Secondary Use
Google data is never used for advertising, sold to third parties, or used to train AI models. See our Privacy Policy for full details.
Your Controls
Cookie Preferences
Use "Cookie Preferences" in the footer to change your choices at any time.
Account Settings
Manage privacy and data controls in your account settings once logged in.
Contact Us
Have a privacy or security question? Send it through our secure contact form and the right team will get back to you.
This page is informational and does not constitute legal advice.