1. Who We Are
Deskflo ("we", "our", "us") is a client portal platform for Indian freelancers, operated by its founder and sole proprietor based in Biswanath Chariali, Assam, India. Our platform is accessible at deskflo.in, dashboard.deskflo.in, and client.deskflo.in.
For any privacy-related questions, contact us at team.deskflo@gmail.com.
2. What We Collect
We collect the minimum data necessary to operate the platform effectively.
Account data (freelancers)
- Name and email address (provided during signup)
- Password (stored as a hashed value via Supabase Auth — never readable)
- Profile information such as logo and brand colour (optional)
Business data (created by you)
- Client names and contact details you add to the platform
- Project names, descriptions, deadlines, and budgets
- Files you upload for client delivery
- Invoice details including amounts and descriptions
Client portal data (your clients' interactions)
- IP address at the time of file approval
- Browser and device information (user agent string)
- Timestamp of every approval action
Waitlist data
- Name, phone number, email address, and freelance role (collected via our waitlist form)
Usage and technical data
- Pages visited and features used (via Google Analytics, anonymised where possible)
- Error and crash reports
- Session data for authentication
Payment data
Subscription payments are processed by Razorpay. Deskflo never stores your card, UPI ID, or any payment credentials. All payment data is governed by Razorpay's privacy policy.
3. How We Use Your Data
- To create and manage your Deskflo account
- To operate the dashboard, client portal, and all platform features
- To help you generate and manage invoices within the platform
- To process your subscription payment via Razorpay
- To log client approvals with timestamp and IP as legal evidence
- To notify you about waitlist status and launch updates
- To detect and fix bugs and crashes
- To understand how the platform is used and improve it
We do not sell your data. We do not run ads. We do not share your data with third parties for marketing purposes — ever.
4. Data Sharing — Our Third-Party Services
We use the following trusted services to operate Deskflo. Each service only receives the data necessary to perform its function.
| Service | Purpose | Data shared |
|---|---|---|
| Supabase | Database, file storage, authentication | All platform data |
| Vercel | Hosting and CDN | Request logs |
| Razorpay | Subscription billing | Name, email, payment info |
| Google Sheets / Apps Script | Waitlist storage | Name, phone, email, role |
| Google Analytics | Product analytics | Anonymised usage events |
No other third parties have access to your data. We will never sell, rent, or trade your information.
5. Client Data — Your Responsibility
When you add clients to Deskflo, you are the data controller for their information. Deskflo processes that data on your behalf as a data processor.
This means:
- You are responsible for having a legal basis to store your clients' information on a third-party platform
- You should inform your clients that their approval actions (IP address, timestamp) are logged
- Approval logs are retained for up to 3 years to serve as legal evidence if needed
Client approval links are publicly accessible without login — this is intentional and core to how Deskflo works. The client dashboard (full project view) requires a login token.
6. Data Retention
- Your account data is retained until you delete your account
- Project, file, and client data is retained while your account is active
- Approval logs (IP, timestamp) are retained for 3 years for legal purposes
- Waitlist data is retained until launch communications are complete or you request deletion
- After account deletion, all data is removed within 30 days, except where legal retention requirements apply
7. Your Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your account and associated data
- Export your data before closing your account (on request)
To exercise any of these rights, email us at team.deskflo@gmail.com. We will respond within 7 business days.
8. Cookies
Deskflo uses essential cookies required for the platform to function, plus analytics cookies to understand site usage:
- Authentication session cookies (to keep you logged in)
- Client portal session tokens (to identify which freelancer's portal a client is viewing)
- Google Analytics cookies (to understand site traffic and usage patterns)
We do not use advertising cookies or third-party marketing pixels. Essential cookies cannot be opted out of as they are required for the service to work.
9. Security
- All data is encrypted in transit via HTTPS/TLS
- Database access is protected by Row-Level Security (RLS) via Supabase — freelancers can only access their own data
- Passwords are never stored in plain text
- File storage is access-controlled — files are not publicly browsable
While we take reasonable steps to protect your data, no system is completely immune to breaches. If a breach occurs that affects your data, we will notify you by email within 72 hours of becoming aware of it.
10. Minors
Deskflo is intended for users who are 18 years of age or older. We do not knowingly collect personal data from anyone under 18. If you believe a minor has registered an account, please contact us at team.deskflo@gmail.com and we will remove the account promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email at least 7 days before the changes take effect. Continued use of Deskflo after that date constitutes acceptance of the updated policy.
The current version will always be available at deskflo.in/privacy.html.
12. Contact Us
For any privacy-related questions, data requests, or concerns:
- Email: team.deskflo@gmail.com
- Platform: deskflo.in
- Jurisdiction: Biswanath Chariali, Assam, India