Data security and privacy
Who can see my company profile?
Before you publish your company profile, only you can see it. After you publish your company profile, it will be visible to:
- any investors who you choose to share it with
- all funding partner organisations on Floww
Who has access to the data I upload to the platform?
The whole Floww platform is built on a permission-based viewing system, thus we can assure you that you will have full control over what potential investors and funding partners have access to. By default, nobody can see any of the files that you upload unless you grant them access.
If you have any additional questions or concerns around data privacy, you are welcome to schedule a call with a member of our Customer Success team to speak through our policies in greater detail.
Is my data securely encrypted?
Yes, all customer data is encrypted both at rest and in transit (i.e. end-to-end encrypted).
Where is my data stored?
Data is stored securely in the cloud on Floww’s network within Microsoft’s Datacentres. Your data never leaves on Floww’s network and IT infrastructure.
Data permissioning within Floww
Who at Floww has access to my data?
Access to data is permissioned on a ‘need to know’ basis, meaning only those within Floww who need access to the data in order to do their jobs have access. This includes:
- Our Content Team who check and approve companies for the platform and who may advise on the optimal copy for telling your story to investors
- Financial Analysts who standardise company financial documents to our financial statements format
What assurances can you give me that your data processing is robust and my data is not at risk?
We have globally recognised ISO accreditation covering our operational processes around the treatment of your data and are held to the same standards as leading UK financial institutions. All you data remains on Floww’s IT infrastructure at all times.
Does Floww have an Information Security accreditation?
Yes. Floww’s Information Security framework is aligned to ISO27001 and the additional controls associated with ISO27017 (Cloud Security) and ISO27018 (Protection of PII in the Cloud). Floww has been audited by an independent UKAS auditor and has achieved the globally recognized ISO 27001 Certification which is audited annually. A copy of our ISO certificate is available on request.
Yes - it’s available here.
Does Floww have a dedicated Security Team?
Yes, the Head of Security has the overall responsibility for the monitoring, maintenance, and governance of the security of Floww. This is further supported by a wider team of security specialists within the Development and Operations teams.