At FLOvate, we are committed to respecting your privacy. This Privacy Policy explains how we collect, use and disclose personal information that we receive when you visit this website, use our services, or communicate with us, both on this website and offline as a customer or potential customer.

It is important that you read this Privacy Policy so that you are fully aware of how and why we are using your data.

As used in this Privacy Policy, “FLOvate”, “FLOvate LEAP”, “we” and “us” refer to FLOvate Solutions Limited while the “websites” refer to FLOvate websites (including,,,, any related URLs and subdomains of the domain).

The “services” and “applications” refer to FLOvate LEAP low code applications and services in whatever format they may be offered now or in the future.



FLOvate Solutions Limited is the controller and responsible for the operation of the website. FLOvate is registered as a data controller with the Information Commissioner’s Office under data protection registration number ZA536305.



If you have any questions about our Privacy Policy or your information, or to exercise any of your rights as described in this Privacy Policy or under data protection laws, you can contact us as follows:

FLOvate Solutions Limited

Privacy Manager

IP City Centre

1 Bath Street

Ipswich IP2 8SD

By email:



FLOvate adheres to the following principles when processing your personal information as data controller:

  1. Lawfulness, fairness and transparency: data must be processed lawfully, fairly and in a transparent manner.
  2. Purpose limitation: data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  3. Data minimisation: data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
  4. Accuracy: data must be accurate and, where necessary, kept up to date.
  5. Storage limitation: data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal information are processed.
  6. Integrity and confidentiality: data must be processed in a manner that ensures appropriate security of the personal information, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures.



Information you give us

You may provide us with information through the website, the platform, other software, applications and services provided by us, by email, over the phone or otherwise communicate or be in contact with us, when:

  • you request additional information about our business or ask us to contact you;
  • we provide our services to you and/or enter into transactions with you;
  • you use the FLOvate LEAP platform;
  • you make an enquiry on our website; or
  • you send any other information about you to us.

The categories of personal information you provide may include:

  • first and last name;
  • job title and company name;
  • address;
  • phone number;
  • email address; and
  • billing details such as credit card type and billing address. FLOvate does not have access to or store your credit card number or bank account details.

We do not generally seek to collect sensitive personal information through our website or as part of our business transactions. Sensitive personal information is information relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; health; sex life, sexual orientation; or genetic or biometric information. If we do collect sensitive personal information, we will ask for your explicit consent to our proposed use of that information at the time of collection.

Information we collect from you

FLOvate collects, stores and uses information about your visits to the website and platform, and about your computer, tablet, mobile or other device through which you access the website and/or platform. This includes the following information:

  • technical information, including the Internet protocol (IP) address, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, preferred language, activities, operating system and platform, and geographical location; and
  • information about your visits and use of the website, including the full Uniform Resource Locators (URL), clickstream to, through and from our website, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), date and time pages are accessed, and website navigation and search terms used.

Aggregated Data

We may also collect, use and share “Aggregated Data” such as statistical or demographic data for any purpose. For example, we may use Aggregated Data to publish report on trends in the usage of our applications and services. Aggregated Data could be derived from your personal information but is not considered personal information as this data will not directly or indirectly reveal your identity.


This website and the FLOvate platform is not intended for or directed at children under the age of 16 years and we do not knowingly collect information relating to children under this age.



As a data controller, FLOvate will only use your personal information if we have a legal basis for doing so. The purpose for which we use and process your information and the legal basis on which we carry out each type of processing is explained in the table below.

Purposes for which we will process the information

Legal Basis for the processing

To enable you to access and use our website and FLOvate LEAP platform and to allow us to supply applications and services to you.

Such processing is necessary for our legitimate interests in providing a service to our customers.

To carry out our obligations arising from any contracts entered into with you.

It is necessary for us to process your personal information in this way in order to enter into a contract with you and to fulfil our contractual obligations to you.

To send you promotional materials and other materials that may be of interest to you, including information about FLOvate, our services or applications or general promotions.

It is necessary for our legitimate interests to develop our applications and services and grow our business. To ensure we offer an efficient service, we consider this use to be proportionate and will not be prejudicial or detrimental to you. We aim for these communications to always be informative, relevant and infrequent.  You can unsubscribe or opt-out from receiving these communications at any time by clicking the “unsubscribe” link in the email.

To provide you with information and materials that you request from us.

It is in our legitimate interests to respond to your queries and provide any information and materials requested in order to generate and develop business.


  • manage payments, fees and charges and collect and recover money owed to us;
  • communicate about billing issues; or
  • enforce any contracts entered into with you.

It is in our legitimate interests to process your personal information in this way in order to perform or enforce our contract with you.

To send you information regarding changes to our policies, other terms and other administrative information such as reminders, technical notices, updates and security alerts.

It is in our legitimate interests to ensure that any changes to our policies, terms and other such technical updates are communicated to you.


  • administer our website and platform including resolving technical issues, troubleshooting, data analysis, testing, research, statistical and survey purposes; and
  • improve our website to ensure that content is presented in the most effective manner for you and your computer, mobile device or other item of hardware through which you access the website.

For both these categories, it is in our legitimate interests to continually monitor and improve our services and your experience of the website and to ensure network security.

To help create and maintain a trusted and safe environment on the website and platform by, among other things, detection and prevention of fraud and other harmful activity, conducting investigations and risk assessments, verifying any identifications provided by you, and conducting checks against databases and information source for fraud detection and prevention, risk assessment and harm prevention purposes.

It is in our legitimate interests to carry out such checks to ensure prevention against fraud and other harmful activity and that our website and platform is safe and secure.

Generally, we do not rely on consent as a legal basis for processing your personal information although we may need your consent before sending direct marketing communications to you via email or text message where you are not an existing customer.  Where you provide consent, you can withdraw your consent at any time and free of charge, but without affecting the lawfulness of processing based on consent before its withdrawal. You can update your details or change your privacy preferences by contacting us as provided in the Contacting Us section above.



The GDPR (General Data Protection Regulation), the UK / European data protection law, as well as other data privacy laws, differentiate between the “data controller” and the “data processor”. The customer is the controller of Customer Data while FLOvate is the processor of Customer Data and the Controller of Other Information.

When providing services to our customers, we may be acting as their data processor which means we will be processing your personal information for and on behalf of our customers.

In particular, we may:

  • host customer data uploaded on our (or our appointed third party providers’) servers as part of providing a hosted solution for our customers. Such customer data are the content and information added to the platform or our other applications and may include personal information relating to you;
  • provide support services to, or resolve technical issues for, our customers. As a result, we may incidentally have access to customer data; or
  • carry out instructions on behalf of our customers to help them comply with the GDPR.

Although FLOvate owns the code, databases, and all rights to the FLOvate application and services, our customer retains all rights to their data.

In the above and any related circumstances, the relevant customer will be the data controller of your personal information and FLOvate will be the data processor. We encourage you to request and read the privacy policies of our customers to find out more about how they process your personal information.



FLOvate will not sell, rent, lease or otherwise share your personal information other than as outlined in this Privacy Policy or without obtaining your consent beforehand.

We will share your personal information with any member of the FLOvate group of companies insofar as reasonably necessary for the purposes set out in this policy.

Personal information will also be shared with our third party service providers and business partners who assist with the running of the platform and website and the operation of our business including third party hosting providers and payment processors. Our third party service providers and business partners are subject to security and confidentiality obligations and are only permitted to process your personal information for specified purposes and in accordance with our instructions.

In addition, FLOvate may disclose information about you:

  • to our professional advisers including lawyers, auditors and insurers;
  • in the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
  • if all or substantially all of FLOvate Solutions Limited’s assets (or the assets of one of the other companies in the FLOvate group) are acquired by a third party, in which case personal information held by it about you will be one of the transferred assets;
  • if we are under a duty to disclose or share your personal information in order to comply with any legal or regulatory obligation. We will use commercially reasonable efforts to notify you where this is the case, to the extent permitted by law;
  • if necessary to protect the vital interests of a person; or
  • to enforce or apply our contracts or to establish, exercise or defend the rights of FLOvate, its staff or other related persons.

FLOvate uses a trusted third party provider to look after your credit card and bank account information. No sensitive payment details are stored by us directly. We do not have access to your credit card or bank account information.



Where we collect personal information from you, it may be necessary for us to transfer your personal information outside of the UK or the European Economic Area (“EEA”) to our service providers and business partners located outside the UK or the EEA.

Where personal information is transferred to and stored in a country not determined by the UK or the European Commission as providing adequate levels of protection for personal, we take steps to provide appropriate safeguards to protect your personal information, including entering into standard contractual clauses approved by the UK or the European Commission, obliging recipients to protect your personal information.

If you would like further information on the specific mechanism used by us when transferring your personal information outside of the UK or the EEA, please contact us using the details set out in the Contacting Us section above.



FLOvate implements various measures to ensure that data are protected against unauthorised access, use and destruction.

Data are only accessible to authorised people and for the purpose of better customer service and nothing else.

We implement high standards security strategies to protect your data such as firewalls network protection, encryption and anonymisation of personal data and IP restrictions.



We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.




You have the right to access information which we hold about you (“data subject access request”).

You may also have the right to receive personal information which you have provided to us in a structured and commonly used format so that it can be transferred to another data controller (“data portability”). The right to data portability only applies where your personal information is processed by us with your consent or for the performance of a contract and when processing is carried out by automated means.

We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. Please keep us informed if your personal information changes during your relationship with us.



Direct marketing

You have the right to object at any time to our processing of your personal information for direct marketing purposes.

Where we process your information based on our legitimate interests

You also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal information which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.



You also have the following rights under data protection laws to request that we rectify your personal information which is inaccurate or incomplete.

In certain circumstances, you have the right to:

  • request the erasure of your personal information: this enables you to ask us to delete or remove personal information where there is no good reason for us to continuing to process it (“right to be forgotten”); and
  • restrict the processing of your personal information.

Please note that the above rights are not absolute and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply.

For example, we may refuse a request for erasure of personal information where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defence of legal claims. We may refuse to comply with a request for restriction if the request is manifestly unfounded or excessive.



You can exercise any of your rights as described in this Privacy Policy and under data protection laws by contacting us as provided in the Contacting Us section above.

Save as described in this Privacy Policy or provided under data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested; or (b) refuse to act on the request.

Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.



In order to improve the website, we may use small files commonly known as “cookies”. A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (your “device”) from the website and is stored on your device’s browser or hard drive.

By continuing to browse the website, you are agreeing to our use of cookies.

If you do not want us to use cookies when you use the website, you can set your internet browser not to accept cookies. However, if you block cookies some of the features on the website may not function as a result.

You can find more information about how to manage cookies for all the commonly used internet browsers by visiting This website will also explain how you can delete cookies which are already stored on your device.

We ask for your consent to place cookies on your device, except where these are essential for us to provide you with a service that you have requested.

We currently use cookies for the following purposes of use:

Purpose of Use



If you’re signed in to FLOvate, cookies help us show you the right information and personalise your experience.


We use cookies to enable and support our security features, and to help us detect malicious activity.

Preferences, features and services

Cookies can tell us which language you prefer and what your communications preferences are. They can help you fill out forms on more easily. They also provide you with features, insights, and customised content in conjunction with our plugins.

Performance, analytics and research

Cookies help us learn how well our site and plugins perform. We also use cookies to understand, improve, and research products, features, and services, including when you access from other websites, applications, or devices such as your work computer or your mobile device.


The website may, from time to time, contain links to and from the websites of our business partners, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and FLOvate does not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.



If you have any questions or concerns regarding our Privacy Policy or practices, please contact us. You also have the right to complain to the Information Commissioner’s Office ( We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.



FLOvate reserves the right to change this Privacy Policy from time to time. Any changes will be posted on the website with an updated revision date. If we make any material changes to this Privacy Policy, we will notify you by email or by means of a prominent notice on the website prior to the change becoming effective.