Boloware

Privacy Policy

Last Updated: May 31, 2026

Privacy Policy

1. Scope

This Privacy Policy describes how Boloware collects, uses, discloses, and protects information when tenants, prospects, authorized users, and support contacts use Boloware. Boloware primarily acts as a service provider or processor for tenant business data and as a business or controller for account, billing, security, and support information.

2. Information We Collect

We may collect account information, business contact information, authentication events, tenant operational data, uploaded files, support communications, billing status, payment metadata from Stripe, integration metadata, device and browser information, IP address, activity logs, and product usage events.

When tenants connect integrations such as Shopify or QuickBooks, Boloware processes the data the tenant authorizes those systems to share. When tenants use AI-assisted features, prompts, context, generated responses, and related metadata may be processed to provide and secure those features.

3. How We Use Information

Boloware uses information to provide the service, authenticate users, maintain tenant isolation, process billing, support trials and subscriptions, send service emails, troubleshoot issues, prevent misuse, secure the platform, improve features, and comply with legal obligations.

4. Sub-processors

Boloware uses sub-processors to operate the service. Current launch dependencies are expected to include:

  • Stripe for subscription billing, invoices, checkout, and payment method handling.
  • Plaid where Stripe uses bank-account verification for ACH payments.
  • Postmark for transactional email.
  • Railway for application hosting and database infrastructure.
  • Cloudflare for DNS, security, and edge services.
  • R2-compatible object storage for uploaded files and generated exports.
  • AI model providers where a tenant enables AI-assisted features.

An up-to-date list of sub-processors is available on request by emailing help@boloware.com. Material additions or replacements of sub-processors are communicated to registered tenant admin contacts by email before they take effect, with a reasonable opportunity to object.

5. Cookies and Tracking

Boloware uses cookies and similar technologies that are necessary for authentication, session security, tenant routing, and application preferences. Boloware does not use the authenticated application for third-party advertising profiling at launch.

6. How We Share Information

Boloware does not sell personal information. We share information with service providers, sub-processors, professional advisors, integration providers authorized by the tenant, law enforcement or regulators when legally required, and other parties with the tenant's direction or consent.

7. Data Retention and Deletion

Boloware retains account, billing, security, and tenant data for as long as needed to provide the service, support the tenant, comply with legal obligations, resolve disputes, maintain audit records, and enforce agreements.

Upon cancellation or termination of a tenant subscription, the workspace enters a thirty (30) day read-only export window during which tenant data can be downloaded. After that window, Boloware permanently deletes tenant data from primary systems within thirty (30) days. Rolling backup retention completes within an additional thirty (30) days after primary deletion. Account, billing, security, audit, and dispute records may be retained for longer where required by law, regulation, or a pending legal hold.

8. CCPA/CPRA Rights

California residents may have rights under the CCPA/CPRA, including rights to know, access, correct, delete, and limit certain uses of personal information, subject to legal exceptions and the tenant-controlled nature of business data. Requests may be sent to help@boloware.com.

9. Geographic Scope and International Use

Boloware is offered to customers based in the United States at launch and is not actively marketed to data subjects in the European Union, the European Economic Area, or the United Kingdom. Tenants are responsible for confirming that their use of Boloware complies with the laws of their jurisdiction.

If a tenant or end user requires a data processing agreement, a specific transfer mechanism, or another international compliance accommodation, contact help@boloware.com to discuss available options.

10. Security

Boloware uses safeguards designed to protect information, including access controls, tenant separation, encrypted transport, operational logging, and restricted internal access. Tenants are responsible for using strong passwords, removing users who no longer need access, and managing permissions.

11. Children

Boloware is a business service and is not directed to children under 13. Boloware does not knowingly collect personal information from children.

12. Changes to This Policy

Boloware may update this Privacy Policy from time to time. Material updates may be posted in the service, sent by email, or require renewed acknowledgment.

Contact

Questions about these documents? Email help@boloware.com.

Back to sign in