Flynn Privacy Policy

App Identification, Data Controller & Contact

• Data Controller
  OUREA IT Services S.à R.L.
• App Name
  Flynn
• Company Address
  4A rue Pletzer, L-8080 Bertrange
• Contact
  privacy@ourea.lu
• Effective Date
  April 1, 2026

Information Collection, Use & Legal Basis

Flynn collects two types of information: Account Data (PII) and automatically collected Log Data.

A · Account Data (Personally Identifiable Information)

When you create an account, Flynn collects the following personally identifiable information (PII) to provide the account-based services:

• Contact / Identification Data: Username, Email Address.
• Security Data: Hashed password (we do not store your plain-text password).

B · Automatically Collected Data (Log Data)

When you use Flynn, whether or not you have an account, we automatically collect certain information ("Log Data"):

• Device Information: Your device's IP address (used only for approximate location and then immediately anonymized), device name, operating system version, and device type.
• Usage Data: The time and date of your use of the App, the features you interact with, and crash/error reports.
• Unique Identifiers: Anonymized unique device identifiers for analytics purposes.

Data Retention & Transfers

A · Log Data Retention Period

We retain non-personal Log Data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, typically 90 days for analytical and debugging purposes. After this period, the data is permanently deleted or further anonymized.

B · Data Transfers (Non-EU Users)

As we use global third-party service providers (such as Google), your data may be transferred to, and processed in, countries outside of the European Economic Area (EEA), including the United States. We ensure these transfers are compliant with the GDPR by relying on appropriate safeguards, such as Standard Contractual Clauses (SCCs) or relying on the third-party provider's adherence to relevant data protection frameworks.

C · Account Termination and PII Deletion

When you terminate your Flynn account (by deletion through the App or by contacting us), the following process applies:

1. Immediate Deactivation — your account is immediately deactivated, and your data is no longer actively processed for service provision.
2. Grace Period Retention (90 days) — your Account Data is retained in a restricted state to allow for potential account recovery.
3. Permanent Deletion — after the 90-day grace period, your Account Data is permanently and irrevocably deleted from our live databases and backup systems.
4. Log Data — any Log Data associated with your account will be immediately disassociated and retained only for the period defined in 3.A, after which it is anonymized or deleted.

We only retain data beyond this period if strictly required by law (e.g., tax records) or necessary for the establishment, exercise, or defense of legal claims.

Third-Party Service Providers

Flynn uses third-party services that collect, monitor, and analyze Log Data to facilitate the App and provide necessary services (like analytics or crash reporting).

Your Data Protection Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

To exercise any of these rights, contact us using the information in Section 1. We will respond within one month.

Children's Privacy

Flynn is not directed to anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top.