This Privacy Policy explains how Boosta Pty Ltd (“we”, “us”, “our”) collects, uses, stores, and protects information in connection with the Boosta platform (“the Service”). We are committed to protecting your privacy in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. Information We Collect

1.1 Information You Provide

Account information: When you register, we collect your name, email address, and password. If you subscribe to a paid plan, we collect billing information (processed securely via Stripe - we do not store your full credit card details).

Business profile: During onboarding, you provide information about your business including your company name, website URL, industry, target customer description, and ideal customer profile (ICP).

User content: This includes prospect lists, email drafts, notes, sequence configurations, and other content you create within the Service.

Communications: If you contact us for support, we collect the content of your messages and any information you choose to provide.

1.2 Information We Collect Automatically

Usage data: We collect information about how you use the Service, including pages visited, features used, search queries, and interaction patterns.

Device and technical data: Browser type, operating system, IP address, and device identifiers.

Cookies and similar technologies: We use essential cookies for authentication and session management, and analytics cookies to understand usage patterns. See Section 7 for details.

1.3 Business Data We Process

Publicly available business information: Boosta maintains a database of Australian business information sourced from publicly available records including business directories, public websites, and government registries. This data includes business names, addresses, categories, website URLs, contact information, and other publicly available details.

Enriched business data: We use automated systems (web crawlers) to collect additional publicly available information from business websites, including product descriptions, service offerings, technology indicators, and other content that businesses have made publicly accessible.

AI-generated intelligence: We use artificial intelligence to analyse and structure business data, generate prospect matching scores, and create intelligence summaries. This processing is performed on publicly available business information and your business profile data.

2. How We Use Your Information

2.1 Providing the Service

Creating and managing your account
Matching your business profile against our database of Australian businesses
Generating personalised outreach content
Processing search queries and delivering results
Managing your credit balance and billing
Sending transactional emails (account verification, password reset, billing receipts)

2.2 Improving the Service

Analysing usage patterns to improve features and performance
Training and refining our AI models to improve matching accuracy
Identifying and fixing bugs and technical issues
Measuring the effectiveness of the Service

2.3 Communication

Responding to your support requests
Sending product updates and feature announcements (you can opt out)
Notifying you of changes to our Terms or Privacy Policy

2.4 Security and Compliance

Detecting and preventing fraud, abuse, and security incidents
Enforcing our Terms of Service and Acceptable Use Policy
Complying with legal obligations

We do not sell your personal information. We share information only in the following limited circumstances:

3.1 Service Providers

We use third-party service providers to help operate the Service. These providers are contractually obligated to protect your data and use it only as directed by us. Key providers include:

Stripe - payment processing
OpenAI - AI model processing (business data analysis and content generation)
Sentry - error tracking and monitoring
Vercel / Linode - cloud infrastructure and hosting

3.2 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request. We will notify you of such requests where permitted.

3.3 Business Transfers

If Boosta is acquired, merged, or its assets are transferred, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

3.4 With Your Consent

We may share your information in other ways if you explicitly consent.

4. Data Security

We implement industry-standard security measures to protect your information:

All data is encrypted in transit using TLS 1.2+
Sensitive data is encrypted at rest
Authentication uses secure, hashed passwords
Session management uses encrypted tokens
Regular security audits and vulnerability assessments
Access controls limit employee access to user data

While we take reasonable steps to protect your information, no system is completely secure. We cannot guarantee absolute security.

5. Data Retention

Account data: Retained for the duration of your account, plus 90 days after account closure
Usage data: Retained for up to 24 months for analytics purposes, then aggregated or deleted
Business database: Continuously maintained and updated; individual records are retained as long as the business information remains publicly available
AI-generated content: Email drafts and generated content are retained while your account is active and for 90 days after account closure
Billing records: Retained for 7 years as required by Australian tax law

You can request deletion of your data at any time (see Section 6).

6. Your Rights

Under the Australian Privacy Principles, you have the right to:

6.1 Access

Request access to the personal information we hold about you. We will respond to access requests within 30 days.

6.2 Correction

Request correction of inaccurate or incomplete personal information. You can update most account information directly through your account settings.

6.3 Deletion

Request deletion of your personal information. We will delete your data within 30 days of a verified request, except where we are required by law to retain it.

6.4 Data Portability

Request an export of your data in a machine-readable format. You can export your prospect lists and generated content through the Service at any time.

6.5 Opt-Out

Opt out of marketing communications at any time by clicking “unsubscribe” in any marketing email or adjusting your notification settings.

6.6 Complaint

Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the Australian Privacy Principles. We encourage you to contact us first so we can attempt to resolve the issue.

To exercise any of these rights, contact us at privacy@boosta.so.

7. Cookies

7.1 Essential Cookies

Required for the Service to function. These handle authentication, session management, and security. You cannot opt out of essential cookies while using the Service.

7.2 Analytics Cookies

Help us understand how the Service is used. These are anonymized and do not track you across other websites. You can opt out of analytics cookies through your browser settings.

We do not use advertising or tracking cookies. We do not participate in cross-site tracking networks.

8. Web Crawling

Boosta uses automated web crawlers to collect publicly available business information from the internet. Our crawling practices:

We only collect information that businesses have made publicly available on their websites
We respect robots.txt directives
We identify our crawler via its user-agent string
We do not crawl password-protected or private pages
We do not collect personal information about individuals from crawled websites (we focus on business-level data such as products, services, and company descriptions)
Business owners can request removal of their data by contacting us at privacy@boosta.so

9. AI Processing

We use artificial intelligence (including large language models) to:

Analyse your business profile and generate your Ideal Customer Profile (ICP)
Match your ICP against our business database
Generate personalised email content suggestions
Summarise and structure business intelligence

Important points about our AI processing:

AI-generated content (including emails) is provided as suggestions only. You are responsible for reviewing and approving all content before sending.
Your business profile data may be processed by third-party AI providers (currently OpenAI) under strict data processing agreements.
We do not use your data to train third-party AI models. Our data processing agreements explicitly prohibit this.
AI matching scores and explanations are generated based on publicly available business information and your stated preferences.

10. International Data Transfers

Your data may be processed in countries outside Australia where our service providers operate (including the United States). Where data is transferred internationally, we ensure appropriate safeguards are in place through contractual obligations with our service providers.

11. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected information from a child, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email at least 30 days before they take effect. The “Effective date” at the top of this policy indicates when it was last updated.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Privacy inquiries: privacy@boosta.so
General inquiries: hello@boosta.so
Support: support@boosta.so

Office of the Australian Information Commissioner (OAIC)

Website: www.oaic.gov.au
Phone: 1300 363 992

Privacy Policy