How TurboHost LLC handles your information across Flaire Digital and our services — and the rights and controls you have.
Last updated: June 6, 2026
TurboHost LLC (“TurboHost”, “we”, “us”, “our”) is a United States company that designs and builds custom software — websites, web applications, mobile apps, and backend and Python-based systems — and operates the Flaire Digital brand and client portal at flaire.digital.
This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you visit our websites, communicate with us, engage us for a project, or use the client portal (together, the “Services”). It applies to personal data for which we determine the purposes and means of processing. For data we process inside a client’s project on that client’s behalf, we may act as a processor under the client’s instructions, as described in Section 2. You can reach us any time at hello@flaire.digital.
This Policy covers personal data of website visitors, prospective clients, client representatives, portal users, and others who interact with us. Where we decide how and why personal data is processed — for example our own account, billing, security, and marketing data — we are the “controller” under the GDPR and the “business” under U.S. state privacy laws.
Where we process content and data within a client engagement solely under that client’s instructions, we act as a “processor” / “service provider”, and the client is responsible for providing any required privacy notices to its own end users and for the lawful basis of that processing.
The specific entity acting as data controller for your personal data is set out in “Data controller” below.
Flaire Digital is a trading brand. The entity that decides the purposes and means of processing your personal data (the “data controller”) depends on your location and the entity you have contracted with, and is identified in your agreement or invoice. Requests relating to your personal data (see “Your privacy rights”) are handled by the applicable controller, using the contact details in “Contact us”. The applicable data controller is one of the following:
We collect the following categories of personal data:
We collect personal data directly from you when you contact us, register, submit a project, or use the Services; automatically through cookies, server logs, and similar technologies when you use our sites and portal; and from third parties such as authentication providers you choose to sign in with, our payment processor, and the analytics or security providers acting on our behalf.
We use personal data to create, operate, and secure accounts; to provide, manage, and deliver projects and the Services; to communicate with you, including service, security, and transactional messages; to process payments and keep financial records; to provide AI-assisted features (Section 8); to operate, maintain, debug, and improve the Services; to prevent fraud, abuse, and security incidents; and to comply with legal obligations and enforce our agreements.
Where the GDPR or UK GDPR applies, we rely on these legal bases: performance of a contract, to provide the Services you request; our legitimate interests, to secure, operate, and improve the Services and for limited business communications, balanced against your rights; your consent, for example for certain cookies or marketing, which you may withdraw at any time; and compliance with a legal obligation. We do not sell personal data, and we do not use your project content to train third-party AI models.
Messages and files in your project workspaces can be protected with end-to-end, post-quantum encryption. Encryption and decryption happen on your device; your passphrase and private keys never leave your device and are never transmitted to or stored by us.
For end-to-end encrypted content we hold only ciphertext and are technically unable to read it, and we cannot recover it if you lose your passphrase. As a result, certain data-access requests for that content cannot be fulfilled by us because we do not hold the keys.
Some features use artificial intelligence to assist you, such as summarizing a brief or answering questions. When you use these features, the relevant input text is transmitted to our AI sub-processor solely to generate a response and is not used by that provider to train its models.
Do not enter sensitive personal data or confidential secrets into AI inputs. AI output can be inaccurate and should be reviewed before you rely on it.
We use cookies and local storage that are strictly necessary to keep you signed in, remember your language and preferences, secure the Services, and operate core functionality, and we may use limited analytics to understand and improve usage.
We do not use cross-context behavioral-advertising cookies, and we do not sell or share personal data for targeted advertising. You can control cookies through your browser settings; disabling necessary cookies may impair the Services. Where required, we request consent before setting non-essential cookies.
We do not sell your personal data. We disclose personal data only as follows:
We rely on a limited set of trusted providers, each processing data only as needed to deliver its service:
We are based in the United States, and our providers may process data in the United States and other countries whose data-protection laws may differ from those where you live.
Where we transfer personal data from the EEA, the United Kingdom, or Switzerland to a country without an adequacy decision, we rely on appropriate safeguards, such as the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum, and we apply additional measures, including encryption, where appropriate.
Depending on where you live, you may have some or all of the following rights, subject to legal limits: to access the personal data we hold about you; to correct inaccurate data; to delete your data; to obtain a portable copy; to restrict or object to certain processing; and to withdraw consent.
To exercise any right, email hello@flaire.digital. We will verify your request and respond within the time required by applicable law. You may use an authorized agent where the law permits, and you have the right not to receive discriminatory treatment for exercising your rights.
If you are a California resident, you have rights under the CCPA as amended by the CPRA, including the rights to know, access, correct, and delete personal information, to opt out of the sale or sharing of personal information and of cross-context behavioral advertising, and to limit the use of sensitive personal information. We do not sell or share personal information as those terms are defined under California law, and we do not use or disclose sensitive personal information beyond the permitted purposes. California’s “Shine the Light” law lets residents request information about disclosures to third parties for direct marketing; we do not make such disclosures.
Residents of Virginia, Colorado, Connecticut, Utah, Texas, and other states with comprehensive privacy laws have comparable rights, including access, correction, deletion, portability, and opting out of targeted advertising and certain profiling. To exercise these rights, contact us as described above; you may appeal a decision by replying to our response.
We retain personal data for as long as your account is active or as needed to provide the Services, and thereafter for the periods required to comply with legal, tax, accounting, and regulatory obligations, resolve disputes, and enforce our agreements. When data is no longer needed, we delete or de-identify it. You may request deletion of your account at any time, subject to retention required by law.
We protect personal data using encryption in transit and at rest, access controls scoped to need, logging and monitoring, and end-to-end encryption for sensitive workspace content. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If we become aware of a personal-data breach affecting you, we will notify you and the relevant authorities as required by applicable law.
The Services are intended for users aged 18 and older and are not directed to children. We do not knowingly collect personal data from anyone under 18, and we do not knowingly collect data from children under 13 in violation of the Children’s Online Privacy Protection Act (COPPA). If you believe a minor has provided us personal data, contact us and we will delete it.
Our Services may link to or integrate third-party websites and services that we do not control. Their privacy practices are governed by their own policies, and we are not responsible for them. Review the privacy notices of any third party before providing your data.
We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice through the Services or by email. Your continued use of the Services after the effective date means you acknowledge the updated Policy.
TurboHost LLC operates Flaire Digital and is responsible for the personal data described in this Policy. For privacy questions or to exercise your rights, email hello@flaire.digital. You may also request our registered mailing address by contacting us. If you are in the EEA or UK and we cannot resolve your concern, you may lodge a complaint with your local supervisory authority.
Questions about this document? Contact TurboHost LLC, the company behind Flaire Digital, at hello@flaire.digital