At flowit, protecting your data and using Artificial Intelligence responsibly are top priorities. Here's an overview of our key features, when to use them, and why they matter. π
π Data Protection Policies
We strictly comply with the General Data Protection Regulation (GDPR) and adhere to even stricter European standards.
To ensure system security:
Regular penetration tests are conducted by external security experts.
β
βOur last tests showed excellent results, validating our high security standards.
β
π Data Transmission and Storage
All data transfers are encrypted using ssL/TLS.
β
βData is stored on ISO-certified servers in Germany (Hetzner Cloud).
β
β
ποΈ Data Retention
We retain data for 5 years as legally required.
β
βDeletions are logged for accountability.
β
π‘οΈ Security Features
GDPR-compliant architecture.
β
βRole-based access control for data access.
β
βOptional Single Sign-On (ssO) and Multi-Factor Authentication (MFA).
β
βAI analysis is performed only on anonymized data.
β
βAnnual penetration tests with external providers ensure system safety.
β
β
π Why it matters: These features help you control who accesses your data while offering strong protective layers.
π ISO Certification
We are currently in the certification process and aim to achieve ISO 27001 and ISO 42001 certifications.
βοΈ Hosting Partners
flowit: Data stored in ISO-certified German data centers (Hetzner Cloud).
β
βmonday.com: Hosted on Amazon Web Services (AWS) and Google Cloud Platform, both with industry-leading physical security measures.
β
π€ AI Use in flowit
Our AI approach is human-centered and ethical.
AI supports users by analyzing data, making suggestions, and stimulating active thinking β but never makes autonomous decisions.
β
βAnalyses are based exclusively on anonymized data.
β
βTexts are clustered into themes to preserve anonymity.
β
βIn teams smaller than 6, no individual statements are shown; instead, aggregation happens at a higher team level.
β
β
β¨ Why it's useful: It promotes deeper thinking while preserving confidentiality.
π Who Has Access to Data?
Access is limited and always purpose-driven:
Project team: For collaboration and project success.
β
βCustomer Success Team: To ensure smooth processes, even during staff absences.
β
βProduct Team: For debugging, technical evaluations, and product development.
β
All access is strictly governed by our privacy policies.
π§ Which AI Systems Are Used?
flowit uses custom-developed systems enhanced by psychological prompt engineering.
Models include OpenAI and other AI solutions.
β
βSelection is based on:
β
βCost
β
βSpeed
β
βPerformance in flowit-specific metrics
β
π What Data is Processed?
Only anonymized text data and scale responses from surveys and reviews are used.
β
βNo additional personal information (e.g., role, age) is transmitted.
β
βData is not used for AI training.
β
βInputs are deleted after processing.
β
β
π Good to know: Users can opt out of using AI features entirely (though single responses canβt currently be excluded).
β Data Training & Retention in AI Systems
Input from reviews and surveys is not used to train AI systems.
β
βAI systems do not retain inputs; once processing is complete, all inputs are deleted.
β
π§ͺ Quality Control & Bias Prevention
To ensure fair and accurate results, flowit employs several measures:
Input is sample-checked for quality and anonymity before processing.
β
βOutput is reviewed for relevance, accuracy, and potential bias.
β
βMulti-layered, psychology-based prompts minimize distortions.
β
βSystematic human quality checks validate results.
β
β
π― Why it matters: You get reliable, ethical, and well-calibrated insights β always.
π Updates & Maintenance
Maintenance
Maintenance work is performed outside of business hours.
β
βIt usually has no relevance for customers and typically goes unnoticed.
β
β
Updates
Major platform updates or new features are announced via newsletter or Messenger.
β
βSmaller changes are summarized and presented once a month in the newsletter.