Security and Privacy

How we handle security and your data

We take your privacy incredibly seriously. We always take a privacy-first approach. This document details the steps we take to ensure the security of the information we collect and store, and our policies on how to delete information upon request.

Open Source

Superflow is Open Source. This means you can fully vet the source code and assess whether it meets your secuirty and privacy standards. You can find the code on our GitHub repository.

If you deal with particularly sensitive data, our Open Source structure also lets your self-host. Please contact or if you require assistance setting this up.

We do not share your data with other parties, and never sell your data.

Personal data we collect

Superflows connects to your API to generate responses to user queries. We store information provided through your API Specification and any configuration choices you make to run your AI assistant.

Superflows accepts both sign in through Google and the creation of logins through an email and password combination.

How we use personal data

Overall, we use your data in the following ways:

  • To provide the core service by accessing your API and storing your AI assistant configuration.
  • To send administrative information, such as any changes to terms of service.
  • We store anonymous metadata on product usage to improve the service. We use PostHog for this analytics function.
  • To respond to inquires, comments, feedback or questions.

We use OpenAI for the AI-enabled features - generating replies to user requests based on your API specification. Under OpenAI’s policy, the data we send is not used for training future models. You can read about this policy here.

We do not share your data with other parties, and never sell your data.

Marketing and feedback

We may contact you with product updates or to ask for your feedback on Superflows. This may take the form of us emailing you from our personal work addresses or in surveys. If you wish to opt-out of us directly contacting you for feedback, you can do so by emailing us at the addresses at the end of this document.

You may opt out of receiving marketing & product update emails by following the instructions contained in each promotional email we send you or by contacting us.

Know, access and delete your information

Our data policies are compliant with GDPR. This means you are able to know, access and delete your data at any time. To do so, just contact us at the email addresses at the end of this document.

Contact Us

If you have any further concerns or requirements, please do not hesitate to contact us at or