Privacy & Cookie Policy

Jump to Cookie-Policy >>

Privacy Policy

Effective Date: 10/10/2025

1. Introduction

This Privacy Policy describes how HighestFlow, operated by Nikolett Gados, located in Tarpon Springs, FL 34688, USA, collects, uses, and protects your personal information.

HighestFlow is committed to safeguarding your privacy in accordance with the General Data Protection Regulation (GDPR) and applicable U.S. privacy laws (including the California Consumer Privacy Act – CCPA).

If you have any questions or privacy-related requests, please contact us at info@highestflow.com.

2. Information We Collect

We collect personal information that you voluntarily provide when registering for an account, subscribing to our newsletter, or submitting forms on our website. This may include:

• Full name
• Email address
• Phone number
• Organization or company name
• Stated interest or inquiry
• Preferred contact method

Registration is available through email, Facebook, or Google login.

We may also collect limited technical information automatically, such as browser type, device, and IP address, through cookies and analytics tools (see Section 8).

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom (UK), we process your personal data based on one or more of the following legal grounds:

• Consent: You have given clear consent (e.g., subscribing to our newsletter).
• Contractual necessity: Processing is required to provide the services you requested.
• Legitimate interest: To improve our services, maintain security, and analyze usage (balanced against your privacy rights).
• Legal obligation: When required by law or to comply with lawful requests.

4. Purposes of Data Collection

Your data is collected and processed for the following purposes:

• To create and manage your account
• To communicate with you regarding services, purchases, or inquiries
• To deliver newsletters and marketing updates (only with consent)
• To improve our website, services, and customer experience through analytics
• To manage billing, subscriptions, and payments
• To provide customer support and respond to requests

5. Use and Sharing of Data

We do not sell, rent, or trade personal information. Data may be shared only with trusted third parties necessary for our operations:

• CRM and email service providers – for newsletter delivery and account communication
• Google Analytics – for usage and performance tracking
• Stripe – for secure payment processing (including Google Pay and Apple Pay)

These partners are GDPR- and CCPA-compliant and process data under strict confidentiality and security obligations.

6. International Data Transfers

As we are based in the United States, your data may be transferred and stored outside the EEA or UK. When such transfers occur, we ensure adequate protection through:

• Standard Contractual Clauses (SCCs) approved by the European Commission, or
• Data processing agreements ensuring equivalent protection of your privacy rights.

7. Data Storage and Retention

All data is securely stored within encrypted CRM and CMS systems protected by two-factor authentication.

Retention periods are as follows:

• Inactive accounts: 2 years
• Pending or failed orders: 7 days
• Cancelled orders: 90 days
• Refunded or completed orders: 1 year
• Ended subscriptions: 1 year
• Stripe transaction data: 1 year

After these periods, data is permanently deleted or anonymized.

8. Cookies and Analytics

We use Google Analytics to analyze traffic and user behavior. Cookies are small files stored on your device to improve your browsing experience.

You can manage or disable cookies at any time through your browser settings. If you are in the EEA, you will be asked for consent before non-essential cookies are activated.

Google Analytics / Google Privacy Policy: https://policies.google.com/privacy

Stripe Privacy Policy: https://stripe.com/privacy

9. Your Rights Under GDPR

If you are in the EEA or UK, you have the following rights regarding your personal data:

• Access: Request a copy of your data.
• Rectification: Correct inaccurate or incomplete information.
• Erasure (“Right to be Forgotten”): Request deletion of your data.
• Restriction: Limit the processing of your data.
• Data portability: Receive your data in a machine-readable format.
• Objection: Object to processing based on legitimate interests or direct marketing.
• Withdraw consent: Revoke consent at any time (e.g., unsubscribe from emails).

To exercise these rights, email info@highestflow.com. Requests are verified and processed within 30 days.

If you believe your data protection rights have been violated, you may also file a complaint with your local data protection authority.

10. CCPA Rights (for California Residents)

California residents have the right to:

• Know what personal data is collected and how it is used
• Request deletion of personal data
• Opt out of the sale or sharing of data (we do not sell personal data)
• Request a copy of their personal information

Requests can be made by contacting info@highestflow.com.

11. Security Measures

We use secure encrypted connections (HTTPS), password protection, two-factor authentication, and data minimization to protect your information from unauthorized access or misuse.

12. Privacy Policy Updates

This Privacy Policy may be updated periodically to reflect changes in legal, operational, or technical requirements. Updates will be posted on our website with a new Effective Date, and significant changes will be communicated via email or user accounts.

Cookie Policy

Last updated: 10/10/2025

This Cookie Policy explains how HighestFlow (“we,” “us,” or “our”) uses cookies and similar tracking technologies on our website https://highestflow.com (“Website”). It describes what cookies are, how we use them, and how you can control them.

For details on how we handle personal data, please read our Privacy Policy.

1. What Are Cookies

Cookies are small text files placed on your device (computer, tablet, or phone) when you visit a website. They help us:

• Recognize your device and preferences
• Improve site functionality and performance
• Analyze traffic and user behavior
• Provide personalized content and ads (only if you consent)

Some cookies are temporary (“session cookies”) and are deleted when you close your browser. Others remain longer (“persistent cookies”) to remember your preferences for future visits.

2. How We Use Cookies

We use cookies and similar technologies for the following purposes:

Essential Cookies

These cookies are necessary for the website to function properly. They enable core features such as page navigation, account login, and secure transactions.
Without them, the site cannot operate correctly.

Performance and Analytics Cookies

These cookies help us understand how visitors use our site (for example, which pages are most popular or how long users stay).
We use this data to improve functionality, design, and user experience.

• Service used: Google Analytics
• Provider: Google LLC
• Data collected: IP address (anonymized), device, browser type, pages visited, session duration
• Retention: Up to 14 months
• More info: Google Privacy Policy

Functional Cookies

These cookies remember your preferences, such as language choice or login status, to make your experience smoother and more personalized.

Marketing and Advertising Cookies

These cookies track user behavior to show relevant ads and measure ad performance. We use them only with your explicit consent.
They may be set by third-party services we use for analytics, newsletters, or social media integration.

Payment and Security Cookies

These are used to enable secure payment processing and fraud prevention.

• Service used: Stripe Payments
• Provider: Stripe, Inc.
• More info: Stripe Privacy Policy

3. Third-Party Cookies

Some cookies are placed by third-party providers that help us operate and improve the site.
Third-party cookies may also be used for integrated services like embedded videos, social sharing, or secure payments.
All third parties are contractually required to comply with GDPR, CCPA, and other applicable privacy laws.

4. Managing Your Cookie Preferences

When you first visit our site, a cookie banner appears. You can:

• Accept all cookies
• Reject non-essential cookies
• Customize preferences

You can also change or withdraw your consent at any time by reopening the cookie settings on our site or clearing cookies from your browser.

If you disable cookies, some parts of the website may not function as intended.

5. How to Control Cookies in Your Browser

You can delete or block cookies through your browser settings. Each browser provides different controls:

• Google Chrome
• Mozilla Firefox
• Apple Safari
• Microsoft Edge

For mobile browsers, check your device’s privacy or security settings.

6. Legal Basis for Using Cookies (GDPR)

Under the EU General Data Protection Regulation (GDPR), we rely on:

• Consent for analytics, marketing, and non-essential cookies
• Legitimate interest for strictly necessary cookies that ensure basic website functionality

You may withdraw your consent at any time.

7. International Data Transfers

Your cookie-related data may be processed in countries outside the EEA (such as the United States).
We ensure adequate safeguards through Standard Contractual Clauses (SCCs) or equivalent legal mechanisms to protect your data.

8. Updates to This Cookie Policy

We may update this Cookie Policy from time to time to reflect changes in technology, law, or our business practices.
All updates will be posted on this page with a new “Last updated” date.

9. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:

HighestFlow
Email: info@highestflow.com
Location: Tarpon Springs, FL 34688, USA