MannaFlow Inc. — HARVEST Farm Cost Management
Effective Date: 2026-06-13
MannaFlow Inc. ("we", "us", "our") operates the HARVEST Farm Cost Management platform (the "Service") at harvest.mannaflow.app. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Service.
We are incorporated in Ontario, Canada and are subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). We are committed to protecting your privacy and handling your data with transparency and care.
Email address (when you choose to save your report or subscribe to renewal reminders). Transaction data from CSV files you upload, which may include: transaction dates, merchant/vendor descriptions, and transaction amounts. We do not require or request your bank account number, login credentials, or any authentication to your financial institution. If you choose to leave a review, we collect your star rating and any text you provide.
Analysis results including identified cost patterns, suppliers, spending trends, behavioral insights, and savings recommendations. Anonymized benchmark data derived from transaction analysis (vendor name, category, and amount only — aggregated across multiple users so that no individual business can be identified).
Basic server logs including IP address, browser type, and access timestamps. These are retained for security and operational purposes only. Cloudflare, which provides DNS and security services, may set cookies for security and performance purposes. These cookies are governed by Cloudflare's own privacy policy.
We use your information to analyze your uploaded transaction data and generate your farm cost audit report; to send you reminders and report updates if you provide your email; to build anonymized, aggregated benchmark data that improves our analysis for all users (this data is aggregated across multiple users and cannot identify any individual business); and to maintain and improve the security and performance of the Service.
We do not sell, rent, or trade your personal information to third parties. We do not use your data for advertising purposes.
Your uploaded CSV data is processed in real-time on our servers and is not permanently stored after analysis. Email addresses and report summaries (if you choose to save) are stored on our servers. Our Service is hosted on Render.com, with servers located in the United States (Oregon). By using the Service, you acknowledge that your data may be processed outside of Canada. In accordance with PIPEDA, we ensure comparable protection through our service provider agreements.
When you upload transaction data, we extract anonymized data points consisting solely of vendor names, spending categories, and transaction amounts. This data is aggregated across multiple users and stored separately from any personal information. While individual uploads may contain identifiable spending patterns, benchmark data is only used and published in aggregate form across many businesses, making it impractical to identify any individual business. This anonymized data helps us provide more accurate analysis, including benchmark comparisons, to all users of the Service.
When you purchase a paid report, payment is processed by Stripe, Inc., a third-party payment processor. We do not store your credit card number, CVV, or full card details on our servers. Stripe processes your payment information in accordance with PCI DSS (Payment Card Industry Data Security Standard) requirements. Stripe's collection and use of your payment information is governed by its own privacy policy, available at stripe.com/privacy. We receive only a transaction confirmation, your name, email, and the last four digits of your card for record-keeping purposes.
Uploaded CSV files: processed in real-time, not permanently stored. Email addresses and report summaries: retained until you request deletion. Reviews and feedback: retained to improve our service and may be displayed anonymously. Anonymized benchmark data: retained indefinitely (aggregated and cannot identify individuals). Server logs: retained for up to 90 days. Payment records: retained as required by Canadian tax law (generally 6 years).
You have the right to: access your personal information held by us; request correction of inaccurate personal information; request deletion of your personal information (except anonymized benchmark data, which cannot be linked to you, and payment records required by law); and withdraw consent for future communications at any time.
To exercise any of these rights, contact us at privacy@mannaflow.app.
In the event of a data breach involving your personal information that creates a real risk of significant harm, we will notify you and the Office of the Privacy Commissioner of Canada as soon as feasible, in accordance with PIPEDA's breach notification requirements. Notification will include the nature of the breach, the information involved, steps we have taken in response, and steps you can take to mitigate potential harm.
We implement appropriate technical and organizational measures to protect your personal information, including: encrypted data transmission (HTTPS/TLS), security headers on all responses, access controls on our server infrastructure, and no storage of raw financial data after processing.
We use the following third-party services: Render.com — hosting and server infrastructure (United States); Cloudflare — DNS, CDN, security services, and may set cookies for security purposes; Stripe, Inc. — payment processing (when purchasing paid reports); UptimeRobot — server health monitoring (pings our health endpoint only, no user data is shared). We do not integrate with any advertising networks, social media tracking, or third-party analytics services.
Our Service is intended for business use and is not directed at individuals under the age of 18. We do not knowingly collect personal information from children.
We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or via email to registered users. Your continued use of the Service after changes constitutes acceptance of the updated policy.
MannaFlow Inc.
334 Hwy 129, Cabin 9
Chapleau, Ontario P0M 1K0
Email: privacy@mannaflow.app
Website: mannaflow.app
If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca.