Back to Home

Privacy Policy

Last updated: June 30, 2026

This Privacy Policy explains what personal and operational data WarshaFlow processes, why it is processed, how it is protected, and how users may request access, correction, deletion, or other privacy support.

1Controller or Operator Identity

WarshaFlow - ورشة فلو operates the platform for account, security, support, billing, and service-administration data. Each workshop is responsible for customer, vehicle, job-card, invoice, inventory, and staff data it enters when it decides why and how that data is used. Privacy requests can be sent to the contact channel below.

2Data We Collect

We process account details, staff profile data, workshop information, customer and vehicle records, job-card notes, invoice and payment records, inventory and purchasing data, uploaded files, audit logs, device/session information, and support communications.

3Purposes of Processing

We use data to provide the service, authenticate users, manage tenant access, run workshop workflows, generate operational records, secure the platform, prevent misuse, support customers, improve reliability, and meet legal or contractual duties.

4Cookies and Analytics

The platform uses essential cookies and similar browser storage for authentication, language preference, security, session continuity, and basic service operation. Optional analytics or marketing tracking is not enabled unless it is added to this notice and configured in the product.

5Processors and Subprocessors

We may use hosting, database, file-storage, email, monitoring, WhatsApp or messaging, payment, and support providers that process data only as needed to deliver, secure, monitor, and support the service. Provider access is limited by role, configuration, contract, or technical control where applicable.

6Hosting and Cross-Border Transfers

Data may be hosted, backed up, or processed outside the workshop's physical location where required for cloud hosting, support, messaging, storage, monitoring, or business continuity. Such transfers are handled only where permitted by applicable law and with safeguards such as access control, encryption in transit, provider controls, and contractual restrictions.

7Retention and Deletion

We retain data only as long as needed for service delivery, security, audit, support, billing, backup, dispute handling, or legal obligations. Workshops may request export or deletion through the support process, subject to lawful retention requirements.

8Security Controls

We use role-based access, tenant isolation, audit logs, encrypted transport, controlled administrative access, backups, and operational monitoring to protect data, while recognizing that no system can be guaranteed completely secure.

9Data Subject Rights

Individuals may request access, correction, deletion, restriction, objection, or other support for their personal data through the contact channel below. Requests may require identity verification and may be coordinated with the workshop that controls the record.

10Incident and Breach Response

If a security incident affects personal data, we will investigate, take reasonable containment steps, and support any required notifications to affected parties or authorities according to applicable law and confirmed operational procedures.

11Children's Data

The service is intended for workshop business use and is not directed to children. Workshops should not enter children's personal data unless it is necessary, lawful, and handled with appropriate guardian or legal authority.

12Policy Changes

We may update this Privacy Policy when the product, providers, processing purposes, or legal requirements change. Material updates should be communicated through the platform, email, or the published support channel.

Privacy Policy - WarshaFlow