← Back to Home

Privacy Policy

Last updated: February 2025

1. Introduction

This Privacy Policy explains how BOS ("we", "us", or "our"), operated by Azuri Ventures, a British Virgin Islands company, collects, uses, shares, and protects your personal information when you use our services. Azuri Ventures is the data controller responsible for your personal information.

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

Information You Provide

  • Account Information: Name, email address, and password when you create an account
  • Profile Information: Avatar image and notification preferences
  • Brand Data: Brand names, taglines, mission statements, values, colors, fonts, target audiences, and other brand-related information you create
  • Product Information: Product names, descriptions, prices, images, specifications, and related data
  • Social Media Connections: When you connect social accounts (Instagram, Facebook), we receive account identifiers, page access tokens, and basic profile information
  • Payment Information: Processed securely by Stripe; we store only your Stripe customer ID, not your payment card details
  • Communications: Information you provide when contacting support or providing feedback

Information Collected Automatically

  • Usage Data: Features used, content generated, actions taken within the Service
  • Credit Transactions: Records of credit consumption and purchases
  • Log Data: IP address, browser type, pages visited, time and date of visits, time spent on pages
  • Device Information: Device type, operating system, unique device identifiers

Information from Third Parties

  • OAuth Providers: When you sign in with Google or Meta, we receive your name, email, and profile picture
  • Referral Information: If you join via a referral, we record the referral relationship

3. How We Use Your Information

We use collected information to:

  • Provide the Service: Create and manage your account, process transactions, deliver AI-generated content
  • Improve the Service: Analyze usage patterns, diagnose technical issues, develop new features
  • Communicate: Send transactional emails, service updates, and marketing communications (with your consent)
  • Personalize: Tailor content and recommendations based on your usage
  • Ensure Security: Detect fraud, prevent abuse, and enforce our Terms of Service
  • Legal Compliance: Comply with applicable laws and respond to legal requests

4. AI Processing and Your Data

Our Service uses artificial intelligence to generate marketing content. When you use AI features:

  • Your brand data, product information, and prompts are sent to AI providers to generate content
  • AI providers include Google (Gemini) and other services for specialized tasks (image generation, video generation)
  • We do not use your data to train AI models; AI providers process your data according to their API terms
  • Generated content is stored in our systems for your access and may be cached for performance
  • AI chat conversations (Copilot) are processed in real-time and may be logged for service improvement

5. Information Sharing

We do not sell your personal information. We share information only in these circumstances:

Service Providers

We share data with third-party providers and affiliated entities who help operate our Service:

  • Cloud infrastructure and hosting providers
  • Payment processors
  • AI service providers
  • Email delivery services
  • Social media platforms (when you connect accounts)
  • Analytics and error monitoring services

Other Circumstances

  • Legal Requirements: When required by law, court order, or government request
  • Protection of Rights: To protect our rights, privacy, safety, or property, or that of our users or the public
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users
  • With Consent: When you explicitly consent to sharing

6. Data Retention

We retain your data according to the following policies:

  • Account Data: Retained while your account is active. You can request deletion at any time.
  • Brand Data: When you delete a brand, it is soft-deleted and retained for 30 days for recovery. After 30 days, detailed brand data (products, proposals, competitors, generated content) is permanently deleted. Brand names are retained for billing traceability.
  • Generated Content: Stored as long as the associated brand exists. Deleted when the brand is permanently deleted.
  • Usage and Billing Records: Retained for accounting, compliance, and dispute resolution purposes, typically for 7 years.
  • Log Data: Retained for up to 90 days for security and debugging purposes.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Secure password hashing using industry-standard algorithms
  • Encryption of OAuth tokens and sensitive credentials
  • Access controls and authentication for internal systems
  • Regular security assessments and monitoring

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

8. International Data Transfers

Your data may be transferred to and processed in countries other than your own, including the United States where our service providers operate. These countries may have different data protection laws. By using our Service, you consent to such transfers. We ensure appropriate safeguards are in place through contractual obligations with our service providers.

9. Cookies and Tracking Technologies

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences, understand how you use the site, and improve your experience.

How We Use Cookies

Essential Cookies (Required)

These cookies are necessary for the Service to function and cannot be disabled:

  • Authentication: Keep you signed in and secure your session
  • Security: Protect against cross-site request forgery and other threats
  • Load Balancing: Distribute traffic across servers for reliability
  • User Preferences: Remember settings like theme (dark/light mode)

Functional Cookies

These cookies enhance your experience by remembering your choices:

  • Language: Remember your preferred language
  • Interface: Remember UI preferences (sidebar state, view modes)
  • Recent Activity: Remember recently viewed brands or content

Analytics Cookies

These cookies help us understand how you use the Service:

  • Usage Patterns: Which features are used most frequently
  • Performance: Page load times and error rates
  • Navigation: How users move through the application

We use this information in aggregate to improve the Service. We do not use third-party analytics services that track you across websites.

Cookies We Use

| Cookie Name | Purpose | Duration | Type | |-------------|---------|----------|------| | access_token | Authentication | Session | Essential | | refresh_token | Session renewal | 30 days | Essential | | theme | Dark/light mode preference | 1 year | Functional | | _csrf | Security token | Session | Essential |

Third-Party Cookies

Some third-party services integrated into BOS may set their own cookies:

  • Stripe: Payment processing. See Stripe's Cookie Policy (https://stripe.com/cookies-policy/legal)
  • Google: OAuth authentication. See Google's Cookie Policy (https://policies.google.com/technologies/cookies)

We do not control third-party cookies. Please review their policies for more information.

Local Storage

In addition to cookies, we use browser local storage for caching application state for faster loading, storing draft content before submission, and remembering UI preferences. Local storage data remains on your device until cleared and is not transmitted to our servers.

Managing Cookies

You can control cookies through your browser settings. Common options include:

  • Block all cookies: Note that this will prevent the Service from functioning
  • Block third-party cookies: Allows essential functionality while limiting tracking
  • Delete cookies: Remove existing cookies (you will be signed out)
  • Private/Incognito mode: Cookies are deleted when you close the browser

Do Not Track

Some browsers include a "Do Not Track" (DNT) feature. We currently do not respond to DNT signals because there is no industry standard for how to interpret them. However, we do not use third-party tracking services that follow you across websites.

10. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing of your data for certain purposes
  • Restriction: Request restriction of processing in certain circumstances
  • Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise these rights, contact us at support@azuriventures.com. We will respond within 30 days.

Account Controls

You can update your account information, manage notification preferences, and delete brands through your account Settings.

11. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information held by businesses
  • Right to opt-out of sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising CCPA rights

To make a CCPA request, contact support@azuriventures.com with "CCPA Request" in the subject line.

12. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

  • All rights listed in Section 10 above
  • Right to lodge a complaint with your local data protection authority
  • Right to information about international data transfers

Our legal bases for processing your data include: performance of our contract with you, your consent, our legitimate interests (improving the Service, security), and compliance with legal obligations.

13. Children's Privacy

Our Service is not intended for children under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete such information.

14. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

16. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users and relevant authorities as required by applicable law, typically within 72 hours of becoming aware of the breach.

17. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: support@azuriventures.com Subject Line: Privacy Inquiry

We will respond to your inquiry within 30 days.

v2.6.0