Privacy policy
Last Updated: 11 october 2025
Our promise to you
We believe in being straightforward about how we use your information. No complicated legal jargon or hidden surprises — just a clear explanation of what we collect and why.
What we collect
We process information to create your account, make high‑quality matches, and support the experience. This includes:
- Profile details you provide: name, email, company, role/seniority, industry, bio, interests, goals, LinkedIn URL, profile image, onboarding answers.
- Usage and security data: IP address (for rate limiting and abuse prevention), device and browser information (for diagnostics), request metadata, and basic page views on marketing pages (only after you consent to analytics).
- Matching and feedback: match status, meeting times, Google event IDs/Meet links, and post‑meeting feedback.
- Email lifecycle: delivery/open events and unsubscribe state reported by our email provider, used to respect your marketing choices.
How we use your information
Your data is only used to make matches. Full stop.
- Create and manage your Flynt account
- Connect you with professionals who share your interests and goals
- Let you know about important Flynt updates
- Make our matching even better over time
If you've opted in to marketing: we'll occasionally send you updates about new features and opportunities. You can opt out anytime with a single click.
Our legal bases
- Contract: to provide the service you signed up for, including account, matching, scheduling and feedback.
- Legitimate interests: to protect the service (e.g. IP‑based rate limiting), keep audit trails for admin actions, and run diagnostics.
- Consent: for analytics on marketing pages; for marketing emails; and when you choose to share contact details with your match.
Keeping your data safe
We use industry‑standard security measures to protect your information. While no online service is 100% secure, we're committed to keeping your data as safe as possible.
Your rights
- See what information we have about you
- Update anything that's not accurate
- Ask us to delete your information
- Opt out of marketing emails whenever you want
You may also request data portability and object to processing where applicable. To exercise your rights, contact hello@flynt-connect.com.
Email communications
We send account and service emails, and marketing updates if you’ve opted in. Our provider is SendGrid. We include an open‑tracking pixel in some emails to measure deliverability; link/click tracking is disabled. You can unsubscribe at any time using the link in our emails, including one‑click unsubscribe.
Scheduling and video meetings
When you confirm availability, we create a Google Calendar event in our meetings calendar and add you and your match as attendees. Google receives event details (summary, time and attendee emails) and generates a Google Meet link. We store the event ID and Meet link to power reminders and status updates.
Public data and enrichment
We may enrich company information from public sources such as Wikipedia or a company website to improve context in the admin experience. This does not involve personal data about you.
Uploads and link previews
When you upload a profile image, it’s stored in Supabase Storage and served via a public URL. If you change your image, we delete the previous file. If you enter a link (for example, LinkedIn), we may fetch that page server‑side to read Open Graph metadata for a preview — we do not store the page contents and we apply SSRF safeguards.
Security measures
- Session cookies are HttpOnly, SameSite=Lax and Secure where supported.
- Rate limiting by IP to prevent abuse.
- Basic request sanitisation, including removal of tracking query parameters from URLs.
- Admin activity logging for privileged actions.
Automated decisions and profiling
We use simple rules and heuristics based on your profile to suggest monthly matches. This does not produce legal or similarly significant effects, and there is always human oversight of the experience.
International transfers
Your data may be processed in the UK, EU and US by our processors (Supabase, Google, SendGrid, hosting/CDN). Where required, we rely on appropriate safeguards such as Standard Contractual Clauses.
How long we keep your data
- Account and profile: retained whilst your account is active; deleted upon request.
- Session cookies: access token ~1 hour; refresh token 7 days or cleared on logout.
- Calendar metadata (event IDs/links): retained whilst the match remains relevant or until you request deletion.
- Email suppression/unsubscribe records: retained to honour your choice.
- IP‑based rate limit state: ephemeral and window‑based.
Children
Flynt is not directed at individuals under 16 (or local equivalent). We do not knowingly collect such data.
Do Not Track
We honour your cookie consent choices for analytics. We do not currently change behaviour based solely on Do Not Track or Global Privacy Control signals.
Changes to this policy and re‑consent
As Flynt evolves, we may update this policy. When changes affect consent scopes, we will prompt you to review and re‑consent. We’ll email you about significant updates.
Questions?
If you have any questions about how we handle your data, we'd love to hear from you. Just drop us a line at: hello@flynt-connect.com.
Note: As Flynt is currently in development, this Privacy Policy may be updated as our service evolves. We'll let you know about any significant changes via email.
Ready to join Flynt?
We're just getting started, and we'd love to have you along for the ride. By joining our waitlist, you'll be one of the first to experience a new way of connecting professionally.
See what’s new on our product updates blog.