Privacy Policy

Last updated: 22 May 2026

Who we are

Flowrad ("we", "us", "our") is operated by Flowradai Technologies (OPC) Private Limited, a One Person Company incorporated in India. This policy explains what personal data we collect when you use the Flowrad service via WhatsApp, the Flowrad Canvas web app, or our marketing site at flowrad.ai.

What we collect

• Account details — your name, email address, WhatsApp phone number, reporting style preferences.
• Reports — the text of dictations you send and the reports we generate from them, along with any extracted patient identifiers contained in your dictation.
• Usage data — timestamps, credit balance, payment history, error events. Used for billing, support, and product improvement.
• Voice notes — audio files are processed in-memory for transcription. We do not retain audio after transcription completes.

How we use it

• To generate and deliver radiology reports back to you.
• To remember your reporting style so future reports look the way you write yours.
• To bill you accurately and provide receipts.
• To respond to support requests.
• To monitor for errors and improve reliability. We never train AI models on your data.

Who we share it with

We share the minimum necessary data with the following processors:

• Cloud infrastructure — Railway (US), MongoDB Atlas (EU/US region of your account), for application hosting and storage.
• AI provider — the third-party AI engine that transcribes audio and generates reports. They process the data under contractual confidentiality and do not retain it for training purposes.
• Messaging — WhatsApp / Meta Cloud API, for inbound and outbound WhatsApp messages.
• Email — Resend, for delivering your reports to your inbox.
• Payments — Razorpay, for processing subscription and top-up payments. Razorpay receives only the information necessary to process a payment (your name, email, amount).
• Error monitoring — Sentry, for tracking and resolving application errors. Personally identifiable strings are scrubbed before being sent.

Patient data

Patient identifiers (names, MRNs, dates of birth) appear in your dictations. They are stored alongside the corresponding report on your account, accessible only to you and authorised staff you grant access to via Report Access Mode. We treat this data with care and never expose it to other Flowrad users.

You are the data controller for patient data passing through Flowrad. You are responsible for having appropriate consent and legal basis to process it under applicable law (e.g. India's DPDP Act, UK GDPR).

Your rights

You can:

• Access any data we hold about you.
• Correct or delete your account data.
• Export your report history.
• Withdraw consent and close your account at any time.

Email support@flowrad.ai to exercise any of these rights.

Retention

We retain reports and account data for as long as your account is active. On closure, your data is deleted within 30 days, except where retention is required by law.

Changes

We may update this policy. Material changes will be announced in-app and via email. Continued use after the update means you accept the revised policy.

Contact

Questions? support@flowrad.ai