Privacy Policy

1. Who are we?

Whiteflow, Lda. is a Portuguese company with its registered office at Avenida da Liberdade, n.° 110, 1269-046 Lisbon, Portugal, with tax identification number 518726622.

Whiteflow is the data controller responsible for processing personal data collected through the Dome platform, under the General Data Protection Regulation (GDPR) and other applicable data protection legislation.

• Platform: Dome
• Services: Artificial intelligence platform developed to support public sector professionals
• Email: hi@whiteflow.ai

2. What data do we collect about you?

2.1 Data provided through direct interaction

Registration and account information

When you register to use our Services, we may collect the following information:

• Full name
• Email address
• Organization/public entity
• Professional role/position
• Phone number (optional)

Content data

• Documents and files you upload to the platform
• Questions and queries made to the AI
• Information you share through the platform

Integration data

When you authorize connections with external services (Google, Microsoft, etc.), we may access data from these platforms according to the permissions you grant.

Billing data

• Information necessary for payment processing
• Transaction history

Note: We do not store complete credit card data. Payments are processed through certified third-party payment providers (Stripe).

2.2 Data we collect automatically when you use our Services

Device information

• IP address
• Browser type
• Operating system
• Unique device identifiers

Usage data

• Information about how you use the platform
• Queries made
• System interactions
• Access date and time

Clickstream data

• Platform activity
• Features accessed
• Visit duration
• Order in which you accessed content

Cookies and Similar Technologies

We use cookies to manage user sessions, store your language preferences, and provide you with a personalized experience. For more information about the cookies we use, please see our Cookie Policy.

3. Do we collect data from minors?

Dome is not intended for users under 18 years of age and we do not knowingly collect data from minors. If we become aware that a minor has provided us with data, we will immediately delete that information from our systems.

If we become aware that a minor has provided us with data:

• We will immediately cease processing
• We will delete the data within 48 hours
• We will notify parents/guardians (if identifiable)
• We will not use this data for any purpose

4. Why do we process your personal information?

We only use your personal data when permitted by law. Most of the time, we will use your personal data in the following circumstances:

• When we need to perform the contract we are about to enter into or have entered into with you
• Whenever necessary for our legitimate interests in improving our Services
• Whenever we need to comply with legal or regulatory obligations
• When you give us your express consent

4.1 For purposes of providing access and delivering the Services

• We use your name, email, and registration information to identify you as a user and allow access to the platform
• We process your data to provide the Services in accordance with our Terms and Conditions
• We use your email to make suggestions about Services that may interest you

Legal Basis: Contract performance and legitimate interest.

4.2 To improve your experience on the Platform

• We use clickstream data to provide targeted content and improve results
• We analyze how you navigate the platform to understand your interests
• We personalize content based on your activity

Legal Basis: Legitimate interest in improving user experience.

4.3 To provide you with a secure Platform

• We use your login data and unique identifiers to manage and protect the platform
• We prevent fraud and promote security
• We perform data analysis, testing, and system maintenance

Legal Basis: Contract performance and legitimate interest in fraud prevention.

4.4 Artificial Intelligence Processing

Dome uses artificial intelligence technology to provide its services. Regarding the processing of your data by AI:

• Confidentiality: Data processed by AI is treated confidentially and securely
• No model training: Your data is not used to train or improve external AI models
• AI providers: We use third-party AI providers (OpenAI, Anthropic) who are contractually obligated not to retain or use your data for other purposes
• Anonymization: Whenever possible, we apply anonymization techniques before AI processing

Legal Basis: Contract performance and legitimate interest.

4.5 To comply with legal obligations

• Compliance with tax and accounting obligations
• Response to legal proceedings
• Protection of rights and security

Legal Basis: Legal obligation.

5. How will we inform you about changes to our privacy policy?

We may change this privacy policy periodically. We will notify users of any material changes through:

• Email to the registered account
• Publication of the new policy on this page
• Update of the "last updated" date

If you do not agree with the changes, you can close your account through account settings.

6. Your rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access: Obtain confirmation about which personal data is being processed and access to it
• Right to rectification: Correct inaccurate or incomplete personal data
• Right to erasure: Request deletion of personal data (except when there are legal obligations)
• Right to restriction of processing: Request restriction of processing under certain circumstances
• Right to data portability: Receive data in a structured and commonly used format
• Right to object: Object to data processing in certain situations
• Right to withdraw consent: When processing is based on consent

How to exercise your rights

To exercise any of these rights, contact us at:

Email: hi@whiteflow.ai

We will respond to your request within 30 days.

Complaints

If you believe that the processing of your personal data violates GDPR, you have the right to file a complaint with the National Data Protection Commission (CNPD) — see section 13.

7. Communication and marketing

We will communicate with you by email or application notification to:

• Confirm your registration
• Provide service updates
• Respond to support requests
• Communicate important changes

Marketing: You may receive marketing communications if you:

• Requested such information
• Use our platform
• Have given your consent for this

You can unsubscribe from marketing communications at any time through the link in each email or in account settings.

8. Who do we share your data with?

We do not sell your personal data.

We may share your data with:

8.1 Service Providers

We share data with providers who assist us in delivering the service:

• Cloud hosting services: AWS, Google Cloud
• Payment processors: Stripe
• AI providers: OpenAI, Anthropic
• Analytics and monitoring services

8.2 Integration Partners

When you authorize connections with external services (Google Workspace, Microsoft 365, etc.), according to the permissions you grant.

8.3 Legal Authorities

When required by law or to protect legal rights.

All providers are contractually obligated to protect your data and use it only for agreed purposes.

9. International transfers

Some of our service providers may be located outside the European Economic Area (EEA). In these cases, we ensure that appropriate safeguards exist:

• Standard Contractual Clauses approved by the European Commission
• EU-US Data Privacy Framework certification
• Other appropriate safeguards under GDPR

Data may be processed on servers located in the European Union and the United States, with appropriate safeguards.

10. Where do we store your data and for how long?

The data we collect about you will be stored and processed inside and outside the EEA on secure servers.

Retention Periods

After account closure:

• Your personal data is retained for 30 days (period during which you can request recovery)
• After this period, data is permanently deleted
• Exception: data whose retention is legally required (billing data)

If there is no activity on your account for more than 24 months, we reserve the right to delete your account, with prior notice.

11. Technical and organizational measures and security processing

All information we receive about you is stored on secure servers. We have implemented appropriate technical and organizational measures:

Technical Measures

• Data encryption in transit (TLS 1.3) and at rest (AES-256)
• Strict role-based access controls
• Multi-factor authentication
• Firewalls and intrusion detection systems
• Continuous threat monitoring

Organizational Measures

• Regular security audits
• Security training for employees
• Information security policies
• Incident response procedures

Note: Despite the measures implemented, no system is completely secure. Data transfer over the Internet always carries some risk.

Data Breaches

In case of a security breach that results in risk to your personal data:

• We will notify CNPD within 72 hours
• If the risk is high, we will notify affected data subjects
• We will inform about measures taken and recommended

12. Contacts

For additional information or to exercise your rights, contact:

13. Supervisory authorities

Our Main Supervisory Authority is:

If you believe that the processing of your personal data violates GDPR, you have the right to file a complaint with CNPD.

14. Google User Data and Google API Access

Dome integrates with Google APIs through OAuth 2.0 authentication to enable specific user-facing features. Access to Google user data occurs only after explicit user authorization and is limited to the OAuth scopes granted by the user.

14.1 Google OAuth Scopes Requested

Dome may request access to the following Google permissions:

• openid
• https://www.googleapis.com/auth/userinfo.email
• https://www.googleapis.com/auth/userinfo.profile
• https://www.googleapis.com/auth/calendar
• https://www.googleapis.com/auth/calendar.events
• https://www.googleapis.com/auth/gmail.readonly
• https://www.googleapis.com/auth/gmail.compose
• https://www.googleapis.com/auth/gmail.send
• https://www.googleapis.com/auth/drive.file

Access is granted only after explicit user consent and can be revoked by the user at any time.

14.2 Data Accessed from Google

Depending on the permissions granted, Dome may access the following Google user data:

Identity Data

• User name
• Email address
• Google account unique identifier

Purpose: authentication, account creation, and secure account linking.

Google Calendar Data

• Calendar list (to allow the user to choose the target calendar)
• Calendar events (titles, descriptions, participants, timestamps, and related metadata)

Purpose: scheduling workflows and calendar operations initiated by the user, such as creating, updating, and viewing events.

Gmail Data

• Email metadata (sender, recipients, subject, timestamps)
• Email content (only when the user requests processing of specific messages)

Dome does not continuously monitor or automatically collect Gmail data. Access occurs only when the user explicitly selects or requests processing of specific messages.

• Draft email content created within the platform
• Email sending actions initiated by the user

Purpose: enabling AI-assisted email drafting, user-requested email analysis, and sending emails from within the platform when the user explicitly triggers a send action.

Google Drive Data (drive.file)

• Files explicitly selected by the user via a file picker or similar user-driven selection mechanism
• Files created and uploaded by Dome on the user's behalf (e.g., exports, reports, generated documents)
• File metadata related to those selected/created files (e.g., name, type, size)

Purpose: enabling users to import selected documents for processing and to export or save generated outputs back to Google Drive.

Dome does not access or scan Google Drive files that the user has not explicitly selected or that were not created by the platform on the user's behalf.

Dome does not perform background scanning, indexing, or bulk retrieval of Google Drive content.

14.3 How We Use Google User Data

Google user data is used strictly to provide user-facing features within Dome, including:

• Secure Google authentication
• Calendar scheduling and event management features initiated by the user
• AI-assisted email drafting and user-requested email processing
• Sending emails when the user explicitly triggers the send action
• Importing user-selected Drive files for processing
• Exporting or saving user-requested outputs to Drive

Google user data is not used for:

• Advertising or marketing targeting
• Selling, renting, or trading data
• Data brokerage
• Profiling for unrelated purposes
• Training generalized AI or machine learning models

Processing occurs only in response to explicit user actions within the platform.

Dome does not access, process, or transfer Google user data beyond what is necessary to provide the specific feature requested by the user.

14.4 Data Sharing

We do not sell Google user data.

Google user data may be processed by trusted service providers strictly necessary to deliver the service, including:

• Cloud infrastructure and hosting providers (e.g., AWS, Google Cloud)
• Security, monitoring, and analytics providers (as required for platform reliability and security)
• AI processing providers (e.g., OpenAI, Anthropic) solely to generate outputs requested by the user

All service providers are contractually obligated to:

• Process data only under our instructions
• Maintain confidentiality
• Implement appropriate security measures
• Not use Google user data for independent purposes, including model training

Google user data is never shared for advertising purposes.

14.5 Data Storage and Security

Google user data is protected using industry-standard safeguards, including:

• Encryption in transit (TLS 1.3)
• Encryption at rest (AES-256 or equivalent)
• Strict role-based access controls
• Multi-factor authentication for administrative access
• Continuous monitoring and security reviews

Access to Google user data is limited to authorized personnel necessary to operate and maintain the platform.

14.6 Data Retention and Deletion

Google user data is retained only for as long as necessary to provide the requested functionality.

Unless otherwise required by law:

• Google user data associated with an active account is retained for the duration of the account.
• Upon account closure, Google user data may be retained for up to 30 days to allow account recovery.
• After the recovery period, Google user data is permanently deleted from our active systems.

Users can revoke access at any time through their Google Account permissions. Users may also request deletion of Google-connected data by disconnecting Google integrations within Dome (where available) and/or contacting us at hi@whiteflow.ai. Deletion requests are processed within 30 days.

14.7 Compliance with Google API Services User Data Policy (Limited Use)

Dome's use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• Google user data is used only to provide or improve user-facing features within Dome.
• Google user data is not used for advertising.
• Google user data is not sold.
• Google user data is not transferred to third parties except as necessary to provide the user-requested functionality.
• Google user data is not used to train generalized artificial intelligence or machine learning models.