TestFlowHub

Privacy Policy

Last updated: June 11, 2026

1. Data Controller

The data controller is TestFlowHub S.r.l. ("TestFlowHub", "we"), based in Italy. For any privacy-related request: privacy@testflowhub.io.

2. Data We Collect

We collect the following data depending on the service used:

  • Registration data: first name, last name, work email, role, team size.
  • Usage data: pages visited, features used, test execution logs (anonymous or pseudonymised).
  • Technical data: IP address, browser, operating system, technical cookies.
  • Uploaded content: documents, test cases, execution screenshots, project configurations.

3. Purposes of Processing

  • Delivery of the TestFlowHub service (test management, automation, AI knowledge).
  • Account management, authentication and access control.
  • Technical support and customer assistance.
  • Platform improvement through anonymised aggregate analysis.
  • Compliance with legal and fiscal obligations.
  • Service communications (not for promotional purposes without explicit consent).

4. Legal Basis

  • Contractual performance (Art. 6.1.b GDPR): to provide the subscribed service.
  • Legitimate interest (Art. 6.1.f GDPR): for security, fraud prevention and product improvement.
  • Legal obligation (Art. 6.1.c GDPR): for fiscal and regulatory compliance.
  • Consent (Art. 6.1.a GDPR): for marketing communications, where applicable.

5. Data Retention

Data is retained only as long as necessary for the stated purposes:

  • Account data: for the duration of the contract and up to 12 months after termination.
  • Technical logs: up to 90 days unless legal obligations apply.
  • Billing data: 10 years for fiscal obligations.

6. Data Sharing

We do not sell personal data to third parties. Data may be shared with:

  • Technical sub-processors (hosting, email, monitoring) bound by GDPR-compliant DPAs.
  • Paddle, Merchant of Record for payments, VAT and invoicing. Paddle processes payment data under its own Privacy Policy.
  • LLM providers selected by the user within the AI Knowledge feature (configurable).
  • Competent authorities when required by law.

7. International Transfers

Data is processed primarily in Europe (EU/EEA). Any transfers outside the EU occur exclusively to countries with an adequacy decision or via Standard Contractual Clauses (SCC) approved by the European Commission.

8. Your Rights

Under the GDPR you have the right to:

  • Access, rectification and erasure of your data.
  • Restriction of and objection to processing.
  • Data portability in a structured, readable format.
  • Withdrawal of consent at any time.
  • Lodge a complaint with the relevant data protection authority.

To exercise your rights: privacy@testflowhub.io.

9. Cookies

We use only technical cookies necessary for the service and anonymous analytics cookies (Plausible Analytics, without collecting personally identifiable data). We do not use profiling or third-party advertising cookies.

10. Changes

We reserve the right to update this Policy. In case of material changes, registered users will be notified by email. The updated version will always be available at this address.