Skip to content
Flockera
Privacy

Privacy Policy

This policy explains what personal data we collect on flockera.com and inside the Flockera application, why we collect it, and the rights you have over that data.

Effective from

1. Who we are

Flockera is an integrated, multi-tenant ERP for poultry production. Our marketing site is operated at flockera.com; the operational application is delivered as customer-specific subdomains. The data controller for marketing-website data is the Flockera operating entity. For data inside the application, the controller is the customer (your company); Flockera acts as a processor under the customer agreement.

2. What we collect on the marketing site

  • Contact form submissions: name, email, optional phone, optional company, optional sector, and your message.
  • Technical metadata: IP address, user-agent string, locale, page source, and timestamp. We use this to prevent abuse and to route the lead to the correct sales region.
  • Cookies: only essential session cookies for the language switcher and CSRF protection. We do not run third-party advertising trackers on flockera.com today.

3. What we collect inside the application

When you sign in to a tenant subdomain, the data you enter into Flockera (farms, cycles, mortality logs, vaccinations, lab results, pharmacy stock, financial figures, etc.) is stored in a database dedicated to your company. We do not commingle one customer's data with another's.

We also retain technical logs (login timestamps, audit trail, activity log) for security, compliance, and debugging.

4. Why we collect it (legal basis)

  • Performance of contract — to deliver the service you signed up for.
  • Legitimate interest — to prevent fraud and abuse, to improve the product, to respond to your sales inquiry.
  • Legal obligation — to retain records as required by applicable law.
  • Consent — for any optional marketing communications, where applicable.

5. Who we share data with

We do not sell personal data. We share data only with sub-processors strictly necessary to run the service:

  • Cloud hosting providers (server infrastructure).
  • Email delivery providers (transactional and confirmation emails).
  • Error monitoring services (so we can fix bugs).

Each sub-processor operates under a written agreement with confidentiality and data-protection terms. A current list is available on request.

6. Data retention

  • Marketing leads: kept for up to 24 months after the last interaction, then deleted or anonymised.
  • Application data: retained for the lifetime of your subscription. After cancellation, kept for 90 days for export/recovery, then permanently deleted.
  • Backups: rotated; the longest backup window is 90 days.
  • Audit and security logs: up to 24 months.

7. Your rights

Depending on your jurisdiction (KSA PDPL, EU GDPR, others) you may have the right to:

  • access the personal data we hold about you;
  • rectify inaccurate data;
  • erase your data ("right to be forgotten");
  • restrict or object to processing;
  • receive a copy of your data in a portable format;
  • lodge a complaint with your local data-protection authority.

To exercise any of these rights, email us at [email protected]. We respond within 30 days.

8. Security

We use TLS for all traffic, encrypted database backups, mandatory two-factor authentication for administrative accounts, full activity logging, and per-tenant database isolation. See our Security page for details.

9. Children

Flockera is a B2B product for businesses. We do not knowingly collect data from anyone under 16.

10. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email to active customers and through a notice on this page. The "Effective from" date at the top of the page is always current.

11. Contact

Questions about this policy or your personal data: [email protected].