← Back to MigrateFlow

Privacy Policy

Last updated: March 2026

1. Who we are

MigrateFlow is operated by Ember and Oak Web Design. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our service.

2. Data we collect

We collect information that you provide directly and data generated by your use of the service:

  • Account data: Email address, and any other details you give when signing up or managing your account.
  • Payment data: Payments are processed by our payment provider (e.g. Paddle). We do not store your full card details. We may receive and store identifiers such as subscription or transaction IDs for access control and support.
  • Usage data: How you use MigrateFlow (e.g. pages visited, actions taken) may be collected for analytics and improving the service.
  • Saved configurations: If you choose to save site configurations (e.g. Webflow Site IDs, API tokens), these are stored in your account and used only to perform migrations you request.

3. How we use your data

We use your data to:

  • Provide, operate, and maintain MigrateFlow.
  • Authenticate you and manage your account and access.
  • Process payments and enforce subscription or licence terms.
  • Respond to support requests and communicate with you about the service.
  • Improve the product (e.g. analytics, debugging) and send relevant product updates where permitted.
  • Comply with legal obligations and protect our rights.

4. Legal basis (where applicable)

Where required by law (e.g. GDPR), we process your data on the basis of: performance of a contract (providing the service), your consent where we ask for it, and our legitimate interests (e.g. security, analytics, improving the product) where they are not overridden by your rights.

5. Third-party services

We use third-party services that may process your data:

  • Supabase: Authentication and account/data storage. Their privacy policy applies to their processing.
  • Paddle (or other payment provider): Payment processing. Their terms and privacy policy apply to payment-related data.
  • Google Analytics (or similar): Usage analytics. Data may be collected via cookies or similar technologies in accordance with our cookie practices.

We do not sell your personal data to third parties.

6. Data retention

We retain your account and usage data for as long as your account is active and as needed to provide the service, resolve disputes, and comply with legal obligations. Saved site configurations are stored until you delete them or close your account. We may retain anonymised or aggregated data for longer.

7. Security

We use appropriate technical and organisational measures to protect your data (e.g. encryption, access controls). No system is completely secure; you provide sensitive credentials (e.g. API tokens) at your own risk and we recommend using read-only or limited-scope tokens where possible.

8. Your rights

Depending on your location, you may have the right to: access your data, correct it, request deletion, restrict or object to certain processing, data portability, and to withdraw consent. You may also have the right to lodge a complaint with a supervisory authority. To exercise these rights, contact us at the email below.

9. International transfers

Your data may be processed in countries outside your residence. Where we transfer data from the EEA or UK, we ensure appropriate safeguards (e.g. standard contractual clauses) are in place as required by law.

10. Changes

We may update this Privacy Policy from time to time. The "Last updated" date at the top will change when we do. Continued use of MigrateFlow after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or to exercise your rights, contact us at:

Ember and Oak Web Design
Email: hello@emberandoakdesign.com

© 2026 Ember and Oak Web Design. All rights reserved.