Welcome to Thread Flow. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application ("App") and related software-as-a-service (SaaS) operational platform. We are committed to ensuring your privacy and ensuring compliance with Google Play Store guidelines.

1. Data Collection & Infrastructure

Thread Flow operates as a boutique operational platform. To provide our services efficiently, we collect and process specific transactional and operational data inputs provided by boutique owners, operators, and their customers.

Data Collected:

Boutique Operational Data: Customer names, phone numbers, customer addresses, gender, custom measurement profiles, and cloth descriptions.
Workflow & Transactional Data: Order statuses (received, cutting, stitching, trial, ready, delivered), tracking identifiers (e.g., TF-A7B3K9), and invoice tracking variables (total amounts, advance paid, payment statuses).
Media Assets: Fabric reference images securely captured or uploaded via the application.
Account Profiles: Boutique operator and worker profile data, including display names, emails, and role-based identifiers.

Infrastructure & Security:

All collected data is securely transmitted and stored on Google Firebase/Firestore cloud servers. We enforce strict HTTPS data-in-transit security protocols to ensure that all boutique operational data remains encrypted and safe from unauthorized interception.

2. Background Device Permissions & SMS Usage

To streamline boutique operations, Thread Flow utilizes the device's native background capabilities to automate customer communications.

The SEND_SMS Utility:

Thread Flow strictly requires and utilizes the SEND_SMS background device permission.

Direct & Transactional: Our background SMS service engine explicitly sends direct, transactional SMS notifications (such as tracking parameters, payment receipts, order ready alerts, and delivery confirmations) directly from the boutique owner’s local device SIM card. These are triggered exclusively by the boutique owner's actions and operational workflows.
Privacy Assurance: No SMS logs, message contents, or customer contact records are ever sold, processed, or transferred to third-party data handlers. Thread Flow does not open the native SMS application but silently executes the dispatch in the background purely as an operational utility.

3. Account Termination & Data Deletion

We believe in full control over your data. Both boutique operators (owners) and their authorized workers retain full rights to manage and terminate their profiles.

Native Deletion Flow: Users can permanently delete their profiles natively via the App's Settings Dashboard.
Data Deactivation: Initiating an account deletion securely and immediately deactivates the associated storage entities and workspaces on our Firestore servers, ensuring full compliance with user data rights and platform safety standards.

4. Third-Party Services

We utilize Google Firebase for secure backend infrastructure, authentication, and offline database persistence. We do not use third-party marketing trackers or share your boutique’s proprietary measurement data with external agencies.

5. Updates to this Policy

We may periodically update this Privacy Policy to reflect technical upgrades or regulatory requirements. Continued use of Thread Flow constitutes your acceptance of the updated terms.

For any privacy-related queries, please contact our support team through the Thread Flow dashboard.