Privacy Policy
Last updated: May 26, 2026
Account-Flow is operated by Montero and Viera LLC, a Delaware limited liability company. Account-Flow provides private connector, reconciliation, reporting, and accounting workflow software for ecommerce and service businesses. This policy explains how we collect, use, protect, retain, and delete data when a client authorizes Account-Flow to connect systems such as Amazon Selling Partner API, Meta Ads, Shopify, or accounting platforms.
Information we collect
- Client and connection metadata: business/client name, internal client key, platform name, account/store/ad account identifiers, marketplace identifiers, authorized scopes or roles, connection status, authorization timestamps, and audit events.
- Amazon Selling Partner data: data a seller authorizes through Amazon SP-API, such as orders, settlements, payouts, fees, reimbursements, inventory, catalog/report data, and related financial or operational records needed for reconciliation and reporting. We request only the Amazon roles and data needed for the approved service.
- Meta Platform data: data a business authorizes through Meta, such as ad account identifiers, campaign/ad set/ad names, spend, impressions, clicks, dates, delivery/performance metrics, and related reporting fields. Our Meta Ads connector is intended for read-only reporting and reconciliation.
- Other connected-source data: ecommerce, payment, banking, accounting, fulfillment, or file-import data authorized by the client for Account-Flow services.
- Credentials and tokens: OAuth tokens, refresh tokens, app authorization grants, or similar secrets required to keep a client-authorized connection active. These are stored in encrypted vault storage and are not displayed in client-facing pages.
- Operational logs: security, debugging, synchronization, error, and audit logs. Logs are minimized where practical and are used to operate and protect the service.
How we use information
- To connect to platforms that the client has authorized and import the data needed for the agreed service.
- To normalize, reconcile, classify, and report ecommerce, advertising, payout, inventory, and accounting activity.
- To identify missing, duplicated, unreconciled, or misclassified transactions and support month-end close or management reporting workflows.
- To maintain security, prevent unauthorized access, troubleshoot integrations, support clients, and preserve audit history.
- To comply with applicable laws, platform requirements, accounting obligations, and written client instructions.
Platform data commitments
- We do not sell Amazon, Meta, or client platform data.
- We do not use platform data to build unrelated advertising profiles or for unrelated marketing.
- We do not share platform data with third parties except as needed to provide Account-Flow, as directed by the client, as required by law, or with service providers bound to protect the data.
- We do not request or use write-level, ads-management, payment, banking, or account-administration permissions unless separately approved for a specific client workflow.
- We do not ask clients to send raw access tokens, refresh tokens, app secrets, or security codes through chat, email, screenshots, spreadsheets, or workbook tabs.
Security
- Connector secrets and OAuth tokens are stored in encrypted vault storage and transmitted over HTTPS.
- Access to client data is limited to authorized operations and support needs.
- We use least-privilege permissions, environment-based secret storage, audit logging, and separation between client connection records.
- Where sensitive data is not needed for reporting or reconciliation, we avoid collecting it or minimize/mask it where practical.
Retention
We retain data only as long as needed to provide services, maintain security and audit records, comply with legal/accounting obligations, resolve disputes, or follow written client instructions. When data is no longer needed for those purposes, we delete it or de-identify it where practical.
Deletion and revocation
Clients may revoke access directly in the connected platform at any time, including Amazon Seller Central app authorizations, Meta Business integrations/settings, Shopify app settings, or accounting platform app settings. Clients may also request export, correction, disconnection, or deletion by emailing info@account-flow.com. Additional instructions are available at /data-deletion.
Children's data
Account-Flow is a business-to-business service and is not intended for children or consumer social use.
Changes to this policy
We may update this policy as the service, platform requirements, or applicable law changes. The updated date above shows the latest version.
Contact
Privacy, security, or data handling questions can be sent to info@account-flow.com.