Privacy Policy

Last updated: 12 May 2026

NTL Flow is built by a small team in New York. We collect as little as we can get away with, encrypt what we do hold, and never sell or share your data. This page explains exactly what that means in plain English.

1. What NTL Flow stores

Your NTL Flow workspace stores the following on our server:

• Your account profile — username, display name, password hash (argon2id), role, quota, and last-login timestamp.
• Email account credentials — the username, password, and IMAP/SMTP host/port for each mailbox you connect. Passwords are encrypted at rest with a server-side key. We use them only to talk to your provider on your behalf.
• Cached message metadata — message headers and a local cache of message bodies for the inbox view. Mail is not duplicated to a separate datastore; it lives at your provider and is fetched on demand.
• Files you upload — anything you drop into NTL Drive, stored in a per-user directory on the workspace server.
• Your contact graph — addresses and message counts derived from your sent and received mail, used to build the CRM timeline.
• Tracking events you create — when you send a tracked email, the open and click events come back to NTL Flow and are stored against that message.
• A session cookie — a single first-party encrypted cookie that signs you in. No third-party cookies are set by NTL Flow.

2. What NTL Flow does not do

• We do not read your mail for our own purposes — no content scanning, no embedding pipeline, no model training.
• We do not run third-party analytics on you (no Google Analytics, no Segment, no Mixpanel) on the marketing site or inside the app.
• We do not sell, rent, or share your data with advertisers or data brokers, ever.
• We do not background-index your mail to OpenAI or any AI provider. (See section 4.)
• We do not require, ask for, or store payment information — NTL Flow is currently in invite-only private beta.

3. Outbound mail tracking

If you compose a message with tracking enabled, NTL Flow embeds a 1×1 pixel and rewrites links to route through our server. When a recipient opens that message or clicks one of those links, a record is logged in your workspace. This is a feature you control on your outgoing mail — it does not affect incoming messages, and you can disable it per-message in the composer.

4. The optional AI rewrite

NTL Flow includes an optional AI rewrite tool in the composer for polishing tone, condensing drafts, or shifting register. It is off by default.

To turn it on, an admin supplies an OpenAI API key in the admin settings. When you press the rewrite button, only the specific text you highlight is sent to OpenAI under that key, along with a short prompt. No background processing happens, no other content is sent, and no key means no AI feature — the rest of NTL Flow works without it. Once you remove or clear the key, no further calls are made.

If you use this feature, OpenAI's own privacy and data-retention terms apply to the request you make. See OpenAI's privacy policy for their side of the transaction.

5. Outbound SMTP relay (SMTP2GO)

For custom-domain email accounts, NTL Flow can route outbound mail through SMTP2GO so messages reach the inbox instead of the spam folder. When enabled, the message envelope and body pass through SMTP2GO en route to the recipient. This is opt-in per account, and the workspace admin chooses whether to enable it. See SMTP2GO's privacy policy for their handling of relayed mail.

6. Where your data lives

NTL Flow runs on a single virtual machine in a commercial data center, with TLS provided by Caddy automatic HTTPS (Let's Encrypt). Backups, if any, are encrypted and held by the workspace admin. Mail itself lives at your email provider — NTL Flow is a client, not a mail store.

7. Your rights — access, export, deletion

You can:

• Access your data inside NTL Flow at any time. Mail, files, and the contact list are visible from the workspace.
• Disconnect an email account from Mail · Settings. Disconnecting deletes the stored credentials and any cached message metadata for that account.
• Delete your workspace by emailing the admin or, for self-hosted instances, by removing the user from the admin panel. Deleting a user cascades through the database (mail accounts, contacts, tracking, drive metadata). Files in your storage directory are retained on disk for manual cleanup so accidental deletes are recoverable for a short window.
• Request a data export by emailing info@ntlofnyc.com. We will send you everything we hold about you in machine-readable form within 30 days.

8. Cookies

NTL Flow sets one cookie: an encrypted session cookie used to keep you signed in. It is first-party, http-only, and never shared. No third-party analytics or advertising cookies are set.

9. Children

NTL Flow is not directed at children under 13, and we do not knowingly accept signups from them.

10. Changes to this policy

If we change this policy in a material way, we will update the "Last updated" date at the top and, if you are a user, notify you in-app before the change takes effect. The current version is always at ntlflow.com/privacy.html.

11. Contact

If you have a privacy question, want a data export, or want to delete your account, email a real person at info@ntlofnyc.com. Replies typically come within a few business days.