Get Started
Book a Demo
Sign In

Privacy Policy

Last updated: February 2026

SAS FlowLabs places particular importance on the protection of personal data and respect for privacy. This Privacy Policy explains how personal data is collected, used, and protected when using the Psyflow platform.

1. Data Controller

The data controller is:

SAS FlowLabs
Publisher of the Psyflow platform
Email: contact@flowlabs-solutions.com

Psyflow is a digital platform designed for healthcare professionals, particularly psychologists.

2. Data Collected

When using Psyflow, the following categories of data may be collected:

Identification data

  • First name

  • Last name

  • Email address

Professional data

  • Profession

  • Specialty

  • ADELI or RPPS number (when applicable)

Technical and connection data

  • IP address

  • Login information

  • Technical logs

  • Security-related information

Service-related data

Data strictly necessary for the proper functioning of the platform.

Psyflow is designed for healthcare professionals. Patient data entered by users within the application remains under the sole responsibility of the practitioner, who acts as the data controller for such information.

3. Legal Basis for Processing

The processing of personal data is based on the following legal grounds under the General Data Protection Regulation (GDPR):

  • Performance of a contract (access and use of the Psyflow platform)

  • Compliance with legal obligations

  • Legitimate interests (security, fraud prevention, service improvement)

4. Purpose of Data Processing

Personal data is collected for the following purposes:

  • Creating and managing user accounts

  • Providing access to Psyflow features

  • Ensuring platform security

  • Preventing unauthorized access

  • Providing technical support

  • Communicating important service updates

  • Complying with applicable legal and regulatory obligations

5. Health Data and Hosting

The Psyflow platform may process health-related data when used by healthcare professionals.

Such data is hosted in France by Celeonet, a provider certified for Health Data Hosting Certification (HDS) in accordance with French regulatory requirements.

This hosting infrastructure ensures a high level of security for sensitive healthcare information.

6. Website Hosting

The Psyflow marketing website is hosted by Hostinger on servers located within the European Union.

The website does not collect or process health data.

7. Data Retention

Personal data is retained only for the duration strictly necessary for the purposes described in this policy, unless a longer retention period is required by law.

Inactive user accounts may be deleted after a defined period of inactivity.

8. Data Recipients

Personal data is never sold, rented, or used for advertising purposes.

Data may only be accessed by technical service providers necessary for the operation of the platform, such as:

  • Hosting providers

  • Security services

  • Technical maintenance providers

All such providers are contractually bound to comply with GDPR requirements and confidentiality obligations.

9. International Data Transfers

Psyflow primarily hosts and processes data within the European Union.

If certain technical services require international data transfers, appropriate safeguards will be implemented in accordance with GDPR requirements.

10. Security Measures

SAS FlowLabs implements appropriate technical and organizational measures to ensure the security of personal data, including:

  • Encryption of sensitive data

  • Secure authentication mechanisms

  • Access monitoring and logging

  • Protection against unauthorized access

  • Regular data backups

  • Infrastructure security controls

11. Artificial Intelligence

Some Psyflow features may include AI-assisted tools designed to support clinical work.

These tools:

  • Assist with structuring clinical reflection

  • Do not replace professional clinical judgment

  • Do not use patient data for external model training

Healthcare professionals remain fully responsible for their clinical decisions.

12. User Rights

Under the GDPR, users have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to object

  • Right to data portability

Requests can be sent to:

contact@flowlabs-solutions.com

Users also have the right to lodge a complaint with their national data protection authority.

13. Cookies

The Psyflow website may use cookies strictly necessary for the functioning of the website and basic analytics.

Users can manage cookie preferences through their browser settings.

14. Policy Updates

This Privacy Policy may be updated to reflect legal, regulatory, or technical changes.

The latest update date will always be displayed at the top of this page.