Privacy Policy

At BoosterFlow, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1. Information We Collect

Personal Information

When you create an account with BoosterFlow, we collect the following personal information:

• Account Information: Email address, password (encrypted), and account creation date
• Profile Information: Name and any other information you choose to provide
• Payment Information: Billing details and transaction history. Payment card information is collected and processed directly by Stripe and is not stored on our servers. We only store limited billing information such as the last 4 digits of your card and expiration date for display purposes.

Usage Data

We automatically collect certain information when you use our Service:

• Log Data: IP address, browser type, operating system, pages visited, time spent on pages, and other diagnostic data
• Device Information: Device type, unique device identifiers, and mobile network information
• Cookies and Tracking: We use cookies and similar tracking technologies to track activity and store certain information (see Section 8 for details)

User Content

We collect and store any content, files, data, or information that you create, upload, or share through the Service. You retain all ownership rights to this content.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and Maintain the Service: To operate, maintain, and improve BoosterFlow's features and functionality
• Account Management: To create and manage your account, authenticate your identity, and provide customer support
• Process Payments: To process your subscription payments and manage billing
• Communications: To send you technical notices, updates, security alerts, and support messages
• Personalization: To understand how you use the Service and personalize your experience
• Analytics and Improvements: To analyze usage patterns and improve our Service
• Security: To detect, prevent, and address technical issues, fraud, and security vulnerabilities
• Legal Compliance: To comply with legal obligations and enforce our Terms of Service
• Marketing: To send you promotional communications about new features, special offers, and other information (you can opt out at any time)

3. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information in the following circumstances:

Third-Party Service Providers

We share your information with trusted third-party service providers who assist us in operating our Service:

• Supabase: Authentication, database hosting, and file storage services
• Netlify: Web hosting and content delivery
• Stripe: Secure payment processing and billing management. Stripe's privacy policy is available at stripe.com/privacy
• Resend: Transactional email delivery for account notifications, password resets, and service updates

These service providers are contractually obligated to protect your information and may only use it to provide services on our behalf.

Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders, search warrants)
• Requests from law enforcement or government authorities
• Situations involving potential threats to safety or security
• Protection of our rights, property, or safety

Business Transfers

If BoosterFlow is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Service of any change in ownership or use of your personal information.

4. Data Storage and Security

Data Storage

Your data is stored using secure cloud infrastructure provided by Supabase (PostgreSQL database and file storage) and Netlify (application hosting). Our servers are located in the United States (East Coast). By using our Service, you consent to the transfer of your information to these locations.

Security Measures

We implement industry-standard security measures to protect your information:

• Encryption of data in transit using SSL/TLS
• Encryption of sensitive data at rest
• Secure authentication through Supabase
• Password hashing and secure credential storage
• Regular security audits and monitoring
• Limited employee access to personal information

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as necessary to provide you with the Service and fulfill the purposes described in this Privacy Policy. Specifically:

• Active Accounts: We retain your information while your account is active
• Deleted Accounts: After account deletion, we retain certain information for up to 90 days for recovery purposes, then permanently delete it
• Legal Requirements: We may retain certain data longer if required by law or for legitimate business purposes (e.g., billing records, legal disputes)
• Anonymized Data: We may retain anonymized or aggregated data indefinitely for analytics purposes

6. Your Privacy Rights

You have the following rights regarding your personal information:

• Access: You can request a copy of the personal information we hold about you
• Correction: You can update or correct your personal information through your account settings at any time
• Deletion: You can request deletion of your account and personal information by contacting us
• Data Export: You can request a copy of your data in a machine-readable format
• Opt-Out: You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or adjusting your account settings

To exercise any of these rights, please contact us at support@boosterflow.com or through our Contact page. We will respond to your request within 30 days.

7. Data Location

BoosterFlow is based in the United States, and your data is stored on servers located in the United States (East Coast). By using our Service, you consent to the storage and processing of your information in this location.

We take appropriate measures to protect your information regardless of where it is stored or processed.

8. Cookies and Tracking Technologies

What Are Cookies?

Cookies are small text files stored on your device that help us provide and improve our Service. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device until deleted or expired).

How We Use Cookies

We use cookies and similar technologies for:

• Essential Cookies: Required for authentication, security, and basic functionality
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Help us understand how visitors use our Service
• Performance Cookies: Improve the performance and functionality of our Service

Your Cookie Choices

You can control cookies through your browser settings. Most browsers allow you to:

• View what cookies are stored on your device
• Delete cookies
• Block all cookies or only third-party cookies
• Clear cookies when you close your browser

Please note that disabling certain cookies may limit your ability to use some features of our Service.

9. Third-Party Links

Our Service may contain links to third-party websites or services that are not operated by us. If you click on a third-party link, you will be directed to that third party's site.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We strongly advise you to review the privacy policy of every site you visit.

10. Children's Privacy

Our Service is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us.

If we become aware that we have collected personal information from children under 18 without verification of parental consent, we will take steps to remove that information from our servers.

11. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activities tracked. At this time, we do not respond to DNT signals or similar mechanisms.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date at the top of this policy
• Sending you an email notification (for material changes)

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: