Your processes are your IP. We treat them that way.
Plain language, no theater. Here is how FLOW handles your data today, and what's on the roadmap. If you have a question this page doesn't answer, ask us and you'll get a straight answer.
Today
Tenant isolation
Your organization's data lives in its own tenant. Processes, documents, and records are never shared across customers, never used to train models, and never visible to anyone outside your organization.
Role-based access
Who can see, edit, approve, and publish is controlled per role. The same role model that drives the role lens drives permissions, so access mirrors how your operation actually works.
Full audit trail
Every version, comment, approval, and publish event is recorded with who and when. That's not a security add-on; it's the product. If it happened to a process, it's on the record.
Encryption
Data is encrypted in transit and at rest. Access to production systems is restricted to the people who operate them, and that access is logged.
On the roadmap
We'd rather tell you what's coming than pretend it's already here.
SSO
SAML and OIDC single sign-on, so FLOW plugs into the identity provider you already run.
SOC 2
SOC 2 Type II is on the compliance roadmap. We'll publish progress honestly rather than badge-shopping.
SCIM provisioning
Automatic user provisioning and deprovisioning from your directory, so leavers lose access the day they leave.
Have a security questionnaire?
Send it over. You'll get answers from the people who built the system, not a PDF generator.
hello@flow-solutions.io