LEGAL

Privacy Policy for Flow-Za

Last Updated: May 12, 2026

1. Scope of this Privacy Policy.

This Privacy Policy explains how Ripley Capital Group LLC ("Ripley Capital," "Company," "we," "us," or "our") collects, uses, stores, shares, and otherwise processes personal information when you visit or use Flow-Za and the website located at flowzatrading.com, create an account, subscribe to a plan, contact us, or otherwise interact with our products and services (collectively, the "Services").

If you do not agree with this Privacy Policy, please do not use the Services.

2. The information we collect.

We may collect the following categories of information, depending on how you interact with the Services.

A. Information you provide directly to us.

This may include:

  • your name;
  • email address;
  • username;
  • password or authentication credentials in hashed or otherwise protected form;
  • billing name and billing contact information;
  • company name, business role, and seat-management information for business or enterprise accounts;
  • subscription tier, renewal preferences, and account settings;
  • communications you send to us, including support requests, feedback, and survey responses; and
  • any other information you choose to provide through forms, emails, or account settings.

B. Payment and transaction information.

If you purchase a paid subscription, our third-party payment processors may collect and process payment card, bank, or other payment information on our behalf. We generally receive limited billing and transaction metadata, such as payment status, billing country, subscription dates, invoice information, tax information, card type or brand, and the last four digits of a payment card. Unless we expressly state otherwise at the point of collection, we do not store full payment card numbers on our own systems.

C. Usage, device, and log information.

When you use the Services, we may automatically collect technical and usage information such as:

  • IP address;
  • device identifiers;
  • browser type and version;
  • operating system;
  • referring page or source;
  • pages viewed, features used, and navigation events;
  • timestamps, clickstream data, and session duration;
  • approximate location derived from IP address;
  • crash data, performance data, and diagnostics; and
  • security logs and fraud-prevention signals.

D. Cookies and similar technologies.

We may use cookies, pixels, tags, scripts, local storage, session identifiers, and similar technologies to operate the Services, remember preferences, analyze traffic, secure accounts, measure performance, and, if used, support advertising or remarketing functions.

E. Information from third-party providers and integrations.

We use third-party market-data and related signal-input providers to supply inputs into the Services. Depending on the technical integration, those providers or related service providers may process limited technical information needed to deliver, secure, meter, audit, or troubleshoot licensed access to the Services, such as request metadata, IP address, device or browser metadata, timestamps, account identifiers, or usage logs.

If you are part of a business or enterprise account, your organization or account administrator may provide us with your name, work email address, seat assignment, and related onboarding information.

3. How we use personal information.

We may use personal information to:

  • provide, operate, maintain, and improve the Services;
  • create and administer accounts;
  • authenticate users and keep accounts secure;
  • provide access to subscription-tier features and entitlements;
  • process payments, renewals, invoices, taxes, and related billing functions;
  • send transactional messages, service updates, account notices, and support responses;
  • send newsletters, marketing messages, or promotions where permitted by law and subject to your choices;
  • analyze usage and performance, troubleshoot errors, and improve functionality;
  • detect, investigate, prevent, and address fraud, abuse, security incidents, and violations of our Terms;
  • comply with legal obligations and respond to lawful requests;
  • protect our rights, users, systems, and business;
  • administer business transfers, financings, mergers, or similar transactions; and
  • create aggregated, deidentified, or statistical information that does not reasonably identify you.

The core signal-generation logic of the Services is driven primarily by market and pricing data rather than by personal characteristics you provide to us. We do not use your personal information to provide individualized investment advice.

4. Cookies, analytics, and similar technologies.

We may use the following categories of cookies and similar technologies:

  • Strictly necessary cookies to enable core website functions, account login, session continuity, fraud prevention, and security;
  • Functional cookies to remember settings and improve usability;
  • Analytics or performance cookies to understand traffic, usage patterns, and feature performance; and
  • Advertising or remarketing technologies, if enabled, to measure campaigns or show relevant promotions.

You can usually control cookies through your browser settings and, where available, through our cookie banner or preference center. If you disable certain cookies, some features may not function properly.

Where required by applicable law, we will obtain consent before setting non-essential cookies or similar technologies on your device.

5. Legal bases for processing if EU or UK law applies.

If the EU GDPR or UK GDPR applies to our processing, we may rely on one or more of the following legal bases:

  • performance of a contract with you;
  • our legitimate interests, such as operating, securing, improving, and measuring the Services and preventing fraud;
  • your consent, where required, such as for certain cookies or direct marketing;
  • compliance with legal obligations; and
  • protection of our rights, users, and business.

6. How we disclose information.

We may disclose personal information to the following categories of recipients, as reasonably necessary for the purposes described in this Privacy Policy:

  • payment processors and billing providers;
  • cloud hosting, infrastructure, database, and storage providers;
  • authentication, security, fraud-prevention, and monitoring providers;
  • customer support, communications, email delivery, and CRM providers;
  • analytics and product-improvement providers;
  • market-data vendors, feed providers, and related technical providers;
  • professional advisers such as lawyers, auditors, accountants, and insurers;
  • affiliates and entities involved in a merger, acquisition, financing, or asset transfer;
  • courts, regulators, law enforcement, or government authorities where required by law or where necessary to protect rights or safety; and
  • your employer, fund, firm, or enterprise account administrator, if you use the Services through a business or enterprise account, but generally only with respect to account administration, billing, seat allocation, compliance, and service management.

We do not sell your personal information for money. However, depending on the tools we use, certain analytics, advertising, or cross-context promotional disclosures could be considered a "sale" or "sharing" under some privacy laws. If and when those laws apply, we will provide any legally required notices and opt-out mechanisms.

7. International transfers.

We may process and store personal information in the United States and in other countries where we or our service providers operate. Those countries may have privacy laws that are different from the laws in your place of residence.

Where required by applicable law, we will use an approved transfer mechanism for international data transfers, such as contractual safeguards, adequacy mechanisms, or another lawful transfer basis. If you are located outside the United States, you understand that your information may be transferred to and processed in the United States or other jurisdictions.

8. Data retention.

We retain personal information for as long as reasonably necessary to:

  • provide the Services;
  • maintain your account and subscription;
  • comply with tax, accounting, audit, regulatory, or legal obligations;
  • resolve disputes and enforce agreements;
  • detect and prevent fraud and abuse; and
  • maintain appropriate business and security records.

In general:

  • account information is retained while your account is active and for a reasonable period thereafter;
  • billing, invoice, and tax records may be retained for longer periods as required by law or accounting practice;
  • support communications may be retained for operational, compliance, or dispute-resolution purposes; and
  • security and usage logs may be retained for limited periods appropriate to security, fraud prevention, troubleshooting, and analytics.

We may deidentify certain information and retain deidentified or aggregated information for lawful business purposes.

9. Security.

We use administrative, technical, and organizational safeguards designed to protect personal information. These measures may include access controls, authentication measures, logging, network protections, vendor oversight, and encryption or similar protections in transit and, where appropriate, at rest.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Your rights and choices.

You may have the following rights and choices, depending on where you live and the laws that apply.

A. Account and communication choices.

You may:

  • update certain account information through your account settings;
  • unsubscribe from marketing emails using the link in the message;
  • request access, correction, or deletion by contacting us; and
  • adjust cookie preferences where those controls are made available.

We may still send you transactional, billing, security, and service-related messages even if you opt out of marketing communications.

B. EEA and UK privacy rights.

If the EU GDPR or UK GDPR applies, you may have the right to request:

  • access to your personal information;
  • correction of inaccurate information;
  • deletion of personal information;
  • restriction of processing;
  • objection to processing;
  • data portability; and
  • withdrawal of consent where processing is based on consent.

You may also have the right to lodge a complaint with your local supervisory authority.

C. California privacy rights.

If California law applies to our processing of your personal information, California residents may have the right to request:

  • disclosure of the categories and specific pieces of personal information collected;
  • disclosure of the categories of sources, business purposes, and categories of recipients;
  • deletion of personal information, subject to exceptions;
  • correction of inaccurate personal information;
  • information about sensitive personal information and, where applicable, the right to limit certain uses of it;
  • opt-out of the sale or sharing of personal information, where applicable; and
  • non-discriminatory treatment for exercising privacy rights.

Where required by law and technically recognized, we will also process eligible browser-based preference signals, such as Global Privacy Control, as opt-out signals.

D. Verification and limits.

For security and privacy reasons, we may need to verify your identity before completing a rights request. We may deny or limit a request where permitted by law, including where an exception applies or where we cannot adequately verify the request.

11. Children's privacy.

The Services are not directed to children, and we do not knowingly collect personal information from children under 13. We also do not intend the Services for minors under 18. If you believe a child has provided us with personal information in violation of this Policy, please contact us so we can investigate and, where appropriate, delete the information.

12. Third-party websites and services.

The Services may link to or rely on third-party websites, integrations, or services. We are not responsible for the privacy practices of third parties, and this Privacy Policy does not apply to them. We encourage you to review the privacy policies of those third parties.

13. Changes to this Privacy Policy.

We may update this Privacy Policy from time to time. When we do, we will post the revised version and update the "Last updated" date. If required by law, we will provide additional notice or obtain consent for material changes.

14. Contact us.

If you have questions about this Privacy Policy or want to submit a privacy request, contact us at:

Ripley Capital Group LLC
Attn: Privacy
3723 Derran Ln, Orlando, FL 32814
ripleycapitalgroup@gmail.com

This page is provided for general informational purposes and does not constitute legal advice. Flow-Za may update this page from time to time.