Flow MynaFLOW MYNA

Data Processing Addendum

Our commitment to protecting your data. Effective: February 2026, Version 1.0.

This Data Processing Addendum ("DPA") forms part of the Terms of Service between Flow Myna Ltd ("Flow Myna," "we," "us") and you ("Customer," "you") for the processing of personal data in connection with the Flow Myna service.

1. Definitions

"Personal Data" means any information relating to an identified or identifiable natural person that Customer uploads to or processes through the Flow Myna service.

"Data Protection Laws" means UK GDPR, EU GDPR (where applicable), and any other applicable data protection legislation.

"Process" (and its derivatives) means any operation performed on Personal Data, including collection, storage, use, disclosure, or deletion.

2. Roles and Responsibilities

Customer is the Data Controller. Customer determines the purposes and means of processing Personal Data uploaded to Flow Myna.

Flow Myna is the Data Processor. Flow Myna processes Personal Data only on Customer's documented instructions and solely to provide the service.

Customer warrants that it has all necessary rights and consents to upload Personal Data and authorise Flow Myna to process it as described in the Terms of Service.

3. Processing Details

Subject matter

Provision of AI-powered process mining and analysis services.

Duration

For the term of the agreement, plus any retention period required for backup and legal compliance.

Nature and purpose

Processing event logs and business process data to provide process analysis, visualisation, and insights.

Types of Personal Data

May include employee identifiers, user IDs, timestamps, and other data contained in Customer's uploaded event logs.

Categories of data subjects

Customer's employees, contractors, customers, or other individuals whose activities are reflected in the uploaded process data.

4. Flow Myna's Obligations

Flow Myna shall:

  • a)Process Personal Data only on Customer's documented instructions, unless required by law;
  • b)Ensure persons authorised to process Personal Data are bound by confidentiality obligations;
  • c)Implement appropriate technical and organisational security measures as described in our Security Policy;
  • d)Assist Customer in responding to data subject requests (access, deletion, portability, etc.);
  • e)Notify Customer without undue delay upon becoming aware of a Personal Data breach;
  • f)Delete or return Personal Data upon termination, at Customer's choice, unless retention is required by law.

5. Sub-processors

Customer authorises Flow Myna to engage sub-processors to assist in providing the service. Current sub-processors are listed on our Security page. Flow Myna will notify Customer of any intended changes to sub-processors, giving Customer the opportunity to object.

Flow Myna remains liable for the acts and omissions of its sub-processors.

6. International Transfers

Personal Data is processed within the UK and EEA. If any transfer outside these regions becomes necessary, Flow Myna will ensure appropriate safeguards are in place (such as Standard Contractual Clauses) and will inform Customer.

7. Audit Rights

Upon reasonable request, Flow Myna will make available information necessary to demonstrate compliance with this DPA. Flow Myna will permit and contribute to audits conducted by Customer or an appointed auditor, subject to reasonable notice and confidentiality obligations.

8. General

This DPA is governed by the laws of England and Wales. In the event of any conflict between this DPA and the Terms of Service, this DPA shall prevail with respect to the processing of Personal Data.

By using the Flow Myna service and uploading data, Customer agrees to this DPA.

Contact Us

If you have any questions about this Data Processing Addendum, please contact us at:

Flow Myna Ltd

Email: legal@flowmyna.com