Wellmet Labs ← Back to site
Legal

Privacy Policy

Effective date: May 30, 2026 Last updated: May 30, 2026 Version: 1.0

This Privacy Policy explains how Flow Foundry LLC, doing business as Wellmet Labs (“Wellmet Labs,” “we,” “us,” or “our”), collects, uses, shares, and protects information when you interact with our website, our messaging experiences, and the services we provide to our business clients.

01 Who we are

Wellmet Labs is a software and advertising-technology service operated by Flow Foundry LLC, doing business as Wellmet Labs. We build and operate custom conversational experiences on messaging platforms — including Facebook Messenger, Instagram Direct, and WhatsApp — on behalf of our business clients to help them convert advertising interest into booked appointments and consultations.

For the messaging experiences we operate on behalf of a client, that client is generally the data controller of the personal information collected in those conversations, and Wellmet Labs acts as a service provider / data processor on their behalf. For our own website and business operations, Wellmet Labs is the controller. This policy describes both roles.

02 Scope of this policy

This policy applies to information processed through:

  • Our website and any pages, forms, or email addresses operated under the Wellmet Labs brand;
  • The conversational experiences we build and operate for clients on Facebook Messenger, Instagram Direct, WhatsApp, and website chat; and
  • Communications between Wellmet Labs and prospective or active business clients.

It does not cover the independent privacy practices of our clients, of Meta Platforms, Inc., or of any third-party service that maintains its own privacy policy.

03 Information we collect

Information you provide directly

  • Conversation content: the messages, questions, selections, and details a person shares with a messaging experience we operate (for example, interest in a procedure, general preferences, or a request to book).
  • Contact & booking details: name, email address, phone number, and appointment preferences, where a person chooses to provide them to schedule a consultation.
  • Business inquiry details: information you submit when contacting us as a prospective client, such as your name, business name, email, and message.

Information from messaging platforms

  • Platform profile information: when a person engages with a messaging experience, the platform (e.g., Meta) may provide a scoped user identifier and limited profile information such as name and profile photo, subject to that platform's terms and the person's settings.
  • Message metadata: timestamps, message status, and the channel used.

Information collected automatically

  • Website usage data: IP address, browser and device type, pages viewed, and referring source, collected through standard server logs and privacy-respecting analytics.
  • Cookies & similar technologies: used to operate the website and understand aggregate usage. You can control cookies through your browser settings.

Information from clients

Our business clients may provide information needed to build and operate their experience, such as procedure descriptions, scheduling rules, and approved messaging.

04 Messaging platforms & Meta Platform data

Our services are built on third-party messaging platforms, including products operated by Meta Platforms, Inc. (Facebook Messenger, Instagram, and WhatsApp). When we access data made available through these platforms (“Platform Data”), we do so only as necessary to provide the experience and in accordance with each platform's terms.

Our commitments regarding Platform Data. We use Platform Data only to operate and improve the specific experience a person is interacting with; we do not sell Platform Data; we do not use it for unrelated advertising profiling; we request only the permissions a use case requires; and we retain it only as long as needed for the purposes described here or as instructed by the relevant client.

Our use of information received from Meta APIs adheres to the Meta Platform Terms and Developer Policies, including applicable limited-use requirements. WhatsApp interactions are additionally subject to WhatsApp's Business Messaging policies. Your use of Messenger, Instagram, and WhatsApp is also governed by Meta's own privacy policies, which we encourage you to review.

05 How we use information

We use the information described above to:

  • Operate the conversational experience — answering questions, sharing relevant information, and helping a person take the next step;
  • Facilitate appointment and consultation booking and pass qualified inquiries to the relevant client's team;
  • Measure and improve conversion performance and the quality of the experience for our clients;
  • Provide, maintain, secure, and troubleshoot our website and services;
  • Communicate with prospective and active business clients; and
  • Comply with legal obligations and enforce our terms.

We do not sell personal information, and we do not use the content of consumer conversations to build cross-service advertising profiles.

06 Legal bases for processing

Where required by law (for example, under the GDPR or UK GDPR), we rely on the following legal bases: consent (where you choose to engage and provide information); performance of a contract (to deliver requested services such as booking); legitimate interests (to operate, secure, and improve our services in a manner that does not override your rights); and legal obligation (to comply with applicable law).

07 How we share information

We share information only as described here:

  • With the relevant client: conversation outcomes, contact details, and booking requests are shared with the business whose experience you engaged with, so they can serve you.
  • With service providers (subprocessors): vetted vendors that help us host infrastructure, deliver messages, schedule appointments, and analyze performance, bound by confidentiality and data-protection obligations.
  • With messaging platforms: as necessary to deliver messages through Messenger, Instagram, and WhatsApp.
  • For legal reasons: when required by law, to respond to lawful requests, or to protect the rights, safety, and security of users, our clients, or Wellmet Labs.
  • In a business transfer: in connection with a merger, acquisition, or sale of assets, subject to this policy.

08 Data retention

We retain personal information only as long as necessary for the purposes described in this policy, to provide services to our clients, and to comply with legal obligations. Retention periods vary by data type and client instruction:

Data typeTypical retention
Conversation content & metadataFor the period instructed by the client, then deleted or de-identified
Contact & booking detailsUntil the booking is fulfilled and per client instruction
Website analytics & server logsUp to 24 months, typically in aggregate or de-identified form
Business client communicationsFor the duration of the relationship and as required by law

When information is no longer needed, we delete or de-identify it. You may request deletion at any time — see Data deletion.

09 Data security

We maintain administrative, technical, and organizational safeguards designed to protect personal information, including encryption in transit, access controls, and the principle of least privilege. No method of transmission or storage is completely secure, and we cannot guarantee absolute security; we work to address vulnerabilities promptly when identified.

10 Your rights & choices

Depending on where you live, you may have the right to access, correct, delete, or port your personal information; to object to or restrict certain processing; and to withdraw consent. Residents of the EEA/UK, California, and certain other jurisdictions may have additional rights, including the right to opt out of the “sale” or “sharing” of personal information — Wellmet Labs does not sell personal information.

To exercise any right, contact us at sales@trywellmet.com. Because we often act on behalf of a client, we may direct or coordinate your request with the relevant client. We will not discriminate against you for exercising your rights.

11 Data deletion

You can request deletion of the personal information associated with your interactions at any time. We provide clear, self-serve instructions — including how users of Facebook, Instagram, and WhatsApp experiences can request deletion — on our dedicated page.

➔ See our Data Deletion & Data Policy page for step-by-step instructions and our response timelines.

12 Children's privacy

Our website and services are intended for adults and are not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will take appropriate steps to delete it.

13 International data transfers

We are based in the United States and may process information in the U.S. and other countries. Where we transfer personal information across borders, we use appropriate safeguards consistent with applicable law, such as standard contractual clauses where required.

14 Third-party links & services

Our website and experiences may reference or link to third-party services, including Meta's platforms and our clients' websites. Those services operate under their own privacy policies, and we are not responsible for their practices. We encourage you to review the policies of any third-party service you use.

15 Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice. Your continued use of our website or services after an update constitutes acceptance of the revised policy.

16 How to contact us

For any privacy question or request, contact us:

Entity: Flow Foundry LLC (dba Wellmet Labs)
Mailing address: 5432 Geary Blvd, Unit #488, San Francisco, CA 94121
Phone: (650) 690-2398