Skip to main content
Skip to main content

Security

Your data, protected.

Boosta is built with security-first principles. Your sales intelligence and business data are encrypted, access-controlled, and hosted in Australia.

Data hosting and encryption

  • All data hosted in Australia on secure, managed infrastructure
  • Encryption at rest using AES-256
  • Encryption in transit using TLS 1.2+ for all connections
  • Database backups encrypted and retained with point-in-time recovery

Authentication

  • Passwords hashed with bcrypt (cost factor 12)
  • Secure session management with signed, HttpOnly cookies
  • Email verification required for all accounts
  • Session tokens rotated on privilege changes

Access control

  • Role-based access: Owner, Admin, and Member roles
  • API key scoping with per-key permissions
  • Team-level data isolation - users only see their own data
  • Admin actions are audited

Web crawling practices

  • Only publicly available business information is collected
  • robots.txt directives are respected
  • Crawl rate limits prevent excessive load on target sites
  • No personal data is scraped - only business-level information

AI data handling

  • AI queries are stateless - no training on your data
  • Only the minimum context needed is sent to AI providers
  • Our AI providers do not retain your data for training
  • All AI interactions are logged for auditability

Infrastructure

  • Enterprise-grade infrastructure with automated health checks
  • Isolated processing for background jobs
  • Continuous monitoring with Sentry error tracking
  • Automated deployments with rollback capability

Compliance

  • Compliant with Australian Privacy Principles (APPs)
  • Registered with the OAIC (Office of the Australian Information Commissioner)
  • Privacy policy and terms of service publicly available
  • Data processing aligned with the Privacy Act 1988

Data retention and deletion

  • You can delete your account and all associated data at any time
  • Business intelligence data is refreshed regularly to stay current
  • Inactive accounts are notified before any data cleanup
  • Data deletion requests are processed within 30 days

Security concern?

If you discover a security vulnerability or have concerns about data handling, please contact us immediately. We take all reports seriously and respond within 24 hours.

Report a security concern

From signup to your first ten matches: 15 minutes.

No credit card. No sales call. No CSV upload. Describe your ideal customer in one sentence - we do the rest.

Get Boosta freeSee Pricing

Last updated: