Privacy policy

How PaceFlo handles your data.

This policy covers paceflo.com— the website, waitlist, contact form, and design-partner applications. Data inside PaceFlo workspaces is governed separately by your organization's Data Processing Agreement and the product's own terms.

Effective July 11, 2026 · Questions: contact us
The whole policy in five lines
  • We collect what you submit through our forms, plus standard technical logs and cookieless usage analytics.
  • We use it to reply to you, manage the waitlist and design-partner program, and send occasional updates about PaceFlo — you can unsubscribe from updates at any time.
  • No advertising, no selling or renting data, no tracking pixels from ad networks.
  • A small number of service providers process data on our behalf, under contract and only on our instructions.
  • You can ask what we hold about you, and ask us to correct, export, or delete it.

1 · What we collect, and why

Waitlist: your email address. Used to send your invitation when access opens in your wave, and occasional updates about PaceFlo while you wait. Every update includes an unsubscribe link — opting out of updates does not remove you from the waitlist.

Contact form:your name, email, chosen topic, and message. Used solely to read and answer you. Messages go to the founder's inbox; the topic helps sort them.

Design-partner applications: the fields on the application — name, work email, role, company, team size, and your answers. Used to evaluate fit for the program and to run it if you join.

Technical basics: our hosting provider processes IP addresses and request logs to serve the site and to rate-limit abuse (including spam protection on our forms). We do not build profiles from this.

Analytics: we collect usage data about how visitors use our pages and how customers use the product, to understand and improve them. Our analytics runs cookieless: it stores nothing on your device and does not identify you across visits or across sites. See section 6.

What we don't do:no advertising cookies, no third-party ad trackers, no purchase of data about you from brokers, no "enrichment" of your email into a marketing profile.

2 · Legal bases (for EEA/UK visitors)

Where the GDPR applies: we process waitlist and application data on the basis of consent (you gave it to us for a stated purpose, and can withdraw it — including from updates, at any time); contact messages, analytics, and abuse prevention on the basis of legitimate interest(answering people who write to us; understanding and improving the site and product; keeping the forms usable). We don't process special-category data, and our forms don't ask for any — please don't include it in messages.

3 · Who processes data on our behalf

We use a small number of third-party service providers to operate the website and deliver email. They fall into these categories: website hosting and content delivery, database and storage, transactional email delivery, analytics, and — inside the product only, never on website form data — AI processing. Each processes data solely on our instructions, under data-processing terms. We do not share your data with any other third parties, and we do not sell it.

Data is primarily processed in the United States. For EEA/UK visitors, international transfers rely on Standard Contractual Clauses or equivalent safeguards. Customers can request information about the subprocessors relevant to their workspace as part of the Data Processing Agreement.

4 · How long we keep things

Waitlist emails:until you're invited and onboarded, or until you ask off the list — then deleted.

Contact messages: kept in the inbox like normal correspondence; deleted on request.

Applications: for as long as needed to evaluate applications and run the design-partner program.

Request logs: retained briefly by our hosting provider per their standard cycle.

5 · Your rights

Regardless of where you live, you can ask us what we hold about you, and ask us to correct it, export it, or delete it — via the contact form. We respond within 30 days. EEA/UK visitors additionally have the right to withdraw consent at any time and to lodge a complaint with their supervisory authority. California residents: we do not sell or share personal information as the CCPA/CPRA defines those terms — there is nothing to opt out of, but the request rights above are yours too.

6 · Cookies

The website uses only cookies that are required for it to function — for example, security on form submissions. Our analytics (section 1) operates without cookies and stores nothing on your device. Because we set no non-essential cookies, no cookie consent banner is required. We do not use advertising cookies or cross-site tracking.

7 · Children

The website and product are for working teams and not directed at children under 16. We don't knowingly collect their data; if you believe a child has submitted a form, tell us and we'll delete it.

8 · Data inside PaceFlo workspaces

When your team uses the product, your organization is the controller of workspace content and PaceFlo processes it under a Data Processing Agreement. The DPA governs security measures, subprocessors, retention and deletion, and how AI features process workspace content. Product-specific terms accompany the product itself; see also our Security page.

9 · Changes

We may update this policy from time to time. Material changes will be reflected in the effective date at the top, and where a change meaningfully affects data you have already provided, we will notify you directly.