SeerFlow

Privacy Policy

Last updated: 26 June 2026

SeerFlow (“SeerFlow”, “we”, “us”) provides a cash-flow and business-intelligence dashboard for direct-to-consumer (D2C) brands. We read commerce, logistics, and payment data from the platforms a brand connects (such as Shopify, Razorpay, and Shiprocket) to compute cash position, payout timing, return (RTO) risk, and reconciliation insights. This policy explains what we collect, how we use it, who we share it with, and the choices you have. We do not sell personal data.

1. Who this policy applies to

This policy applies to (a) the brands and their authorised users who sign in to and use SeerFlow (“Customers”), and (b) the end-customers of those brands whose order and shipment information is processed by SeerFlow on the brand’s behalf. For end-customer data, the connected brand is the data controller and SeerFlow acts as a data processor.

2. Information we collect

Account information. When you create a SeerFlow account, our authentication provider (Clerk) collects your name and email address, and a password if you choose email/password sign-in. We do not store your password; it is managed by Clerk in hashed form.

Connected platform data. When you connect a provider, we access data through that provider’s API using read-only permissions. Depending on the provider this includes:

  • Shopify — orders, products, and fulfilments (scopes: read_orders, read_products, read_fulfilments). Order records may contain protected customer data such as order value, line items, payment method, fulfilment status, and the delivery pincode.
  • Razorpay — settlements, payouts, and fee data.
  • Shiprocket — shipments, delivery status, and remittance timing.

Usage and device data. We collect basic operational logs (e.g. request timestamps, error events) to keep the service reliable and secure.

We request the minimum data needed to provide the service. We do not request or use end-customer names, emails, or phone numbers for marketing.

3. How we use information

  • Compute cash position, expected inflows/outflows, and cash-flow forecasts.
  • Score return-to-origin (RTO) and delivery risk, and detect financial anomalies.
  • Reconcile orders, settlements, and payouts.
  • Send operational notifications you enable (e.g. a daily summary by email or WhatsApp).
  • Maintain the security, reliability, and integrity of the service.

We use connected-platform data solely to provide these analytics to the brand it belongs to. We never use it for advertising or marketing, and we never sell it.

4. Protected customer data (Shopify)

SeerFlow accesses Shopify protected customer data only as required to deliver cash-flow and risk analytics to the merchant. We follow Shopify’s Protected Customer Data requirements: we apply data minimisation (read-only, only the fields we need), encrypt data in transit and at rest, restrict access to authorised personnel, honour data-subject deletion requests, and retain data only as long as the merchant’s account is active. We never modify a merchant’s store data — access is read-only.

5. How we share information

We share data only with sub-processors that help us run the service, each under contractual confidentiality and security obligations:

  • Infrastructure & database — cloud hosting and a managed PostgreSQL database for storing normalised analytics data.
  • Authentication — Clerk, for sign-in and account management.
  • Communications — an email provider (Resend) and a WhatsApp Business provider (Interakt) for notifications you enable.
  • Payments — Razorpay, for SeerFlow subscription billing.
  • AI providers — to generate written explanations of already-computed figures. We send only the computed summary values needed for the explanation, never raw customer records.

We may also disclose information if required by law, or to protect the rights, safety, or security of SeerFlow, our Customers, or the public. We do not sell personal data and we do not share it for third-party advertising.

6. Data security

We encrypt data in transit using TLS and at rest in our managed database. Provider credentials (API keys and access tokens) are stored encrypted. Access is governed by role-based access control, and each brand’s data is isolated per tenant. We follow least-privilege practices and maintain audit records of data imports and deliveries.

7. Data retention & deletion

We retain connected-platform data only while the relevant provider is connected and the brand’s account is active. When you disconnect a provider, delete your account, or request deletion, we delete the associated data (and honour end-customer deletion requests forwarded by the brand), subject to any limited retention required by law. Uninstalling the SeerFlow app from Shopify revokes our access and triggers deletion of the associated store data.

8. Your rights

Depending on your jurisdiction (including India’s DPDP Act and the EU/UK GDPR), you may have rights to access, correct, export, or delete your personal data, and to withdraw consent. To exercise these rights, contact us at support@seerflow.in. End-customers of a connected brand should direct requests to that brand; we will assist the brand in fulfilling them.

9. International transfers

We and our sub-processors may process data in countries other than where you are located. Where we transfer personal data across borders, we rely on appropriate safeguards and apply the protections described in this policy.

10. Cookies

The SeerFlow application uses only essential cookies required for authentication and session management. We do not use advertising or cross-site tracking cookies.

11. Children

SeerFlow is a business tool not directed to individuals under 18, and we do not knowingly collect their personal data.

12. Changes to this policy

We may update this policy from time to time. We will revise the “Last updated” date above and, for material changes, provide notice through the service.

13. Contact us

For any privacy questions or requests, contact us at support@seerflow.in.

© 2026 SeerFlow. This policy is provided for transparency and does not constitute legal advice.