← Back to Home
Flossi, Inc. ("Flossi," "we," "us," or "our") operates the Flossi platform — a brand deal CRM, invoicing, and financial management tool for content creators — available at flossi.app (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your information.
By using the Service, you agree to the collection and use of information as described in this policy.
When you connect your Gmail account, Flossi accesses your inbox using Google's OAuth 2.0 protocol. We request two permissions: gmail.readonly and gmail.send. Our use of Gmail data is limited strictly to the purposes described below and complies with Google's Limited Use requirements.
Read access (gmail.readonly): We scan your inbox solely to identify incoming brand collaboration emails and extract structured deal terms — such as brand name, rate, deliverables, and payment schedule — for display in your dashboard. We do not read personal emails, newsletters, or other non-business correspondence. We do not store raw email content. Only extracted structured fields (e.g., "Brand: Nike, Rate: $5,000, Due: June 30") are stored in your account.
Send access (gmail.send): We send invoices and follow-up emails to brand partners on your behalf, using your Gmail address as the sender. You review and approve the content of every email before it is sent. We never send emails automatically without your explicit approval for each message.
You can revoke Gmail access at any time from Settings → Connections within the app, or from your Google Account settings at myaccount.google.com. Revoking access immediately stops all Gmail-related features.
Flossi does not use Gmail data to serve advertising. We do not share Gmail data with third parties except as described in Section 5 (AI Processing and Third-Party Processors).
We collect information about how you use the Service — including pages visited, features used, clicks, and session duration — via PostHog analytics. This data is used to improve the product and understand feature usage. It does not include the content of your deals or emails.
When you subscribe to a paid plan, payment is processed by Stripe, Inc. Flossi does not store your credit card number or payment credentials. Stripe's Privacy Policy governs the handling of your payment information.
We may collect standard technical data such as browser type, operating system, IP address, and referring URL to operate and secure the Service.
Flossi uses Anthropic's Claude AI models to:
Email content processed by AI is sent to Anthropic's API for inference and is subject to Anthropic's Privacy Policy. Anthropic does not train models on API inputs by default. AI-extracted data may contain errors — all extracted information is presented for your review and can be corrected before being saved.
We do not sell your personal information. We share data only with the following service providers, each bound by data processing agreements to use your data solely to provide services to Flossi:
| Provider | Purpose |
|---|---|
| Supabase | Database, authentication, and file storage |
| Anthropic | AI processing — email classification, term extraction, email drafting |
| Stripe | Subscription payment processing |
| Resend | Transactional email delivery |
| Inngest | Background job and workflow processing |
| PostHog | Product analytics |
| Vercel | Application hosting |
| Cloudflare | Website hosting and CDN |
| Formspree | Waitlist email collection |
We may also disclose your information if required by law, court order, or to protect the rights, property, or safety of Flossi, our users, or the public.
If you are a California resident, you have the right to:
To exercise your rights, contact us at [email protected]. We will respond within 45 days.
Regardless of location, you may at any time: access your data from within the app, correct inaccurate data, disconnect Gmail, or request account deletion by contacting us.
We implement industry-standard security measures including TLS encryption in transit, encryption at rest, and row-level database security ensuring users can only access their own data. However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
The Service is currently in beta. Security, availability, and data integrity may not meet the standards of a fully production-hardened service. We recommend maintaining your own records of critical financial and deal information during the beta period.
The Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a prominent notice on the Service. The updated policy will be effective upon posting. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.
If you have questions or concerns about this Privacy Policy or our data practices, please contact us:
Flossi, Inc.
Email: [email protected]