Data Deletion

This page explains how to request deletion of personal data processed through NoimaFlow, including account data, workspace records, brand assets, generated content, connected Meta data, and marketing records.

Some deletion actions can already be performed directly in the application by an authorised workspace user. For example, a client record can be permanently deleted from the relevant client page, which also removes associated brand memory, generated posts, social connections, website analyses, and planning history stored for that client.

Published posts already sent to external platforms are not automatically removed from Meta when you delete them from NoimaFlow. Those platform-side records must be handled through the relevant social platform.

Send an email to hello@noimaflow.com with the subject line Data Deletion Request.

Please include enough detail for us to identify the scope of the request, such as:

• the account email address concerned;
• the workspace name;
• the client or brand name, if the request concerns only one client record;
• whether you want deletion of marketing data only, connected Meta data only, or broader workspace data.

If the personal data was uploaded or controlled by one of our customers inside its workspace, that customer is usually the primary controller for that data. In those cases, the fastest route is often to contact the relevant workspace owner, brand operator, or organisation first.

Where required, we will assist the relevant customer in responding to validated data subject requests in accordance with our contractual and legal obligations.

If you connected Facebook or Instagram, we can delete stored connection data such as Page IDs, Instagram professional account IDs, page names, permission metadata, encrypted access tokens, and internal publishing records held by NoimaFlow.

Deleting or revoking app access inside Meta helps prevent future access, but it does not automatically delete records already stored in our systems. If you want both actions completed, remove the app connection inside Meta and email us so that we can process deletion in our systems as well.

We may ask for additional information to verify the identity of the requester and, where relevant, their authority to act for a workspace or organisation. This helps protect workspaces against unauthorised or malicious deletion attempts.

We aim to respond to verified GDPR rights requests within one month. If a request is particularly complex, we may extend that period where the GDPR allows it and will inform you of the reason and updated timing.

Even after a valid deletion request, we may retain limited information where necessary for legal compliance, tax and accounting obligations, security investigations, fraud prevention, backup integrity, or the establishment, exercise, or defence of legal claims.

Backup copies are removed according to ordinary backup rotation and restoration controls rather than instantaneously.

If you only want to stop marketing emails, you can unsubscribe without deleting your account by using the unsubscribe link in any marketing email or by visiting /newsletter/unsubscribe.

If you believe your deletion request has not been handled correctly, contact us at hello@noimaflow.com. You may also lodge a complaint with your local supervisory authority or with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).