Privacy policy

Last updated: 01.12.2025

This Privacy Policy explains how JoinFlow processes personal data when you visit our website or use our services.

JoinFlow is operated by moniq e.U., an Austrian business entity. moniq e.U. acts as the data controller for personal data processed in connection with the JoinFlow website and JoinFlow service operations.

We process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Austrian data protection laws.

1. Data controller

The controller responsible for data processing related to JoinFlow is:

moniq e.U.
Austria
Email: hallo@moniq.at

JoinFlow is a service provided and operated by moniq e.U.

2. Data we collect

2.1 Data you provide

  • Name
  • Email address
  • Profile details (if applicable)
  • Uploaded content (posts, comments, files, messages) where applicable
  • Billing information (handled by third-party payment processors)
  • Support requests and communication

2.2 Automatically collected data

  • IP address
  • Browser and device information
  • Usage data (e.g., pages visited, timestamps, interactions)
  • Cookies (depending on user consent and configuration)

2.3 Third-party software (WordPress, FluentCommunity and other plugins)

JoinFlow uses WordPress and third-party plugins, including FluentCommunity, to enable community functionality.

moniq e.U. is not the developer of these plugins. Plugins may process technical data required for platform operation (e.g., session data, configuration data, logs) depending on your setup.

Each third-party tool operates under its own privacy policy.

3. Purpose of processing

We process personal data to:

  • operate the JoinFlow website and services
  • authenticate users and manage access (where applicable)
  • provide onboarding, implementation and setup support
  • process payments and issue invoices via payment providers
  • ensure security, prevent abuse and maintain service reliability
  • respond to inquiries and support requests
  • comply with legal obligations

Service-specific data roles

JoinFlow provides technical implementation and hosting services for community platforms.

Where JoinFlow clients operate their own community platforms, those clients typically act as the data controllers for personal data processed within their communities (e.g., member accounts, content, messages). In such cases, JoinFlow generally acts as a data processor for hosting, maintenance and technical support purposes.

4. Legal basis (GDPR)

  • Art. 6(1)(b) – Contract performance (providing the service)
  • Art. 6(1)(a) – Consent (cookies, marketing emails if applicable)
  • Art. 6(1)(f) – Legitimate interests (security, fraud prevention, service improvement)
  • Art. 6(1)(c) – Legal obligations (tax, accounting, compliance)

Onboarding and setup communication

We may contact you after registration or purchase to configure and deliver your service.

Legal basis: Art. 6(1)(b) GDPR – necessary to deliver the service.

This is not marketing communication.

5. Cookies

Cookies may be used for:

  • login sessions
  • security
  • analytics (where enabled and consented)
  • performance

Use of cookie consent tool (CookieYes)

To manage cookie preferences and support GDPR/ePrivacy compliance, we use CookieYes. This tool records user consent choices, manages cookie categories, and can block non-essential cookies until consent is given. CookieYes may store technical data such as consent logs and anonymized identifiers as required for compliance.

6. Data sharing

We do not sell personal data.

We may share data with trusted service providers where necessary to deliver and operate JoinFlow, such as:

  • Hosting providers
  • WordPress plugin providers (including FluentCommunity) where applicable
  • Payment processors (e.g., Stripe)
  • Email delivery services
  • Support tools
  • Analytics services (if enabled and consented)

Service providers act under appropriate data processing agreements where required and apply GDPR-compliant safeguards.

7. Data retention

We store personal data only as long as necessary for the purposes described above, including:

  • Account data: until account deletion or end of service relationship (where applicable)
  • Billing and invoice data: 7 years (required by Austrian tax law)
  • Support-related messages: up to 12 months (unless required longer for documentation)
  • Backups: stored for limited retention cycles

8. Your GDPR rights

You have the right to:

  • access your data
  • request correction
  • request deletion (where applicable)
  • restrict processing
  • withdraw consent (where processing is based on consent)
  • request data portability
  • file a complaint with the Austrian Data Protection Authority

9. International data transfers

Some providers may process data outside the EU/EEA. Where applicable, transfers are protected via appropriate safeguards such as:

  • Standard Contractual Clauses
  • Adequacy decisions
  • Other GDPR-compliant safeguards

10. Security

We take technical and organizational measures to protect personal data, including:

  • encrypted connections (HTTPS)
  • secure hosting environments
  • access controls and limited administrative access
  • regular updates and monitoring

No system is 100% secure, but we follow industry best practices to reduce risk.

11. Payment processing

Payments are processed by third-party providers (e.g., Stripe). We do not store credit card information.

Invoices and payment confirmations are issued via the payment provider and/or our accounting processes.

12. Changes to this privacy policy

We may update this Privacy Policy occasionally. Updates will be published on this page with a revised “Last updated” date.

Contact

For privacy-related inquiries regarding JoinFlow, please contact:

JoinFlow
operated by moniq e.U.
Austria
Email: hallo@moniq.at