Privacy policy

Last updated · 2026-05-10

1. Who this applies to

This policy covers visitors to bo.ge (and its subdomains) and customers using BackOffice ("we", "us", "our") on the hosted offering. If you self-host, your privacy stance is governed by your own deployment; this document doesn't apply there.

2. What we collect

• Account data — name, email, workspace metadata. Used to operate the service.
• Workspace records — the entities and rows you create. We store these to run the product. We don't read them for marketing or AI training.
• Usage analytics — aggregated event metadata (page views, feature use). Stays on infrastructure we control; not shipped to third-party trackers.
• Billing — card details processed by Stripe (we never see the PAN). Invoices and contact info live with us.

3. What we don't do

• We don't sell your data, ever.
• We don't train AI models on your records.
• We don't ship session recordings or events to third-party tools (Hotjar, Heap, FullStory, etc.).
• We don't fingerprint visitors across sites.

4. Cookies

A single first-party authentication cookie plus a few localStorage entries for session state. No third-party trackers, no advertising cookies, no remarketing pixels.

5. Subprocessors

Each is contractually bound to the same standards we hold ourselves to.

• Cloudflare — DNS, CDN, edge proxy.
• Cloudflare R2 — blob storage (media uploads, exports).
• Stripe — billing.
• Anthropic / OpenAI — LLM inference for AI features. Per-call data is sent only when you invoke an AI surface, never for background analysis.

6. Your rights

Access, export, deletion, and correction. Email privacy@bo.ge and we'll respond within 30 days. EU and UK GDPR plus CCPA rights are honoured for all customers regardless of residence.

7. Data location

Production data sits in the EU by default (Frankfurt). R2 blobs are replicated to regional edges. We don't transfer customer-row data outside the region without a written addendum.

8. Security disclosures

Found a vulnerability? Email security@bo.ge. We run a no-litigation policy for good-faith research and will publicly credit fixes (with permission). Encrypt sensitive details with our PGP key, available on request.

9. Changes

We update this policy when material changes happen. The "Last updated" date at the top is the source of truth; significant changes also trigger an email to account owners.

10. Contact

Privacy questions: privacy@bo.ge. General contact: our contact page.