Privacy Policy

Last updated:

BosOptimizations, Inc. ("BosOptimizations", "we", "us"), operating under the product brand BosOpt Automations, provides custom business-operations software, integrations, and consulting services to client organizations. This Privacy Policy explains what information we handle in the course of providing those services, why, and how it is protected.

Who this policy applies to

This policy applies to:

• Visitors to our public website at bosoptimization.com.
• Employees and authorized representatives of BosOptimizations client organizations who use software we operate on behalf of those clients.
• Anyone who contacts us by email or other channels listed on our website.

What we collect

Public-website visitors

The marketing site at bosoptimization.com does not set tracking cookies, does not use third-party analytics, and does not solicit personal information. Standard server access logs (IP address, user-agent, timestamps) are retained transiently by our hosting provider for security and abuse prevention.

Client-portal users

When you sign in to a BosOptimizations-operated portal on behalf of a client organization, we collect and process:

• Your Google Workspace email address, profile name, and profile picture (used to identify you as a logged-in user).
• OAuth tokens granting limited, scoped access to Google Workspace data (Sheets, Drive, Gmail send) on behalf of your organization. Tokens are stored server-side, encrypted at rest, and used only to perform the specific actions you initiate via the portal.
• Action logs recording which tools you ran, with what inputs, and the outcome — used for support, troubleshooting, and auditing on behalf of your client organization.

Email contacts

If you email us at info@bosoptimization.com or support@bosoptimization.com, we retain the message and your email address to reply and follow up.

How we use it

We use information solely to provide and operate the services contracted by your organization, to communicate with you about those services, and to comply with legal obligations. We do not sell, rent, or share personal information with third parties for marketing purposes.

Third-party platforms we operate within

BosOptimizations-built systems integrate with the following platforms only when the operating client organization has authorized the integration:

• Google Workspace (Sheets, Drive, Gmail) — via OAuth, scoped to actions you initiate.
• Intuit QuickBooks Online — via the Intuit Developer API, with the client organization's explicit authorization.
• Twilio — for SMS communication where the client has opted in. BosOptimizations' 10DLC registration with Twilio governs deliverability and consent handling.
• Other services as documented in each client's master configuration (e.g. HubSpot, Asana, Folk, Slack).

Compliance with platform requirements

Where we operate inside a third-party platform, we comply with that platform's developer requirements:

• Google API Services User Data Policy — we use Google user data only to deliver the features the user explicitly initiates, do not use it for advertising, do not transfer it except as necessary to provide our services, and do not allow humans to read it except where required for security, legal, or with the user's explicit consent.
• Intuit Developer Code of Conduct — QuickBooks data is used solely to perform the integrations for which the client has connected the QuickBooks account.
• Twilio Acceptable Use — SMS sent on behalf of a client is sent only to recipients who have provided prior express consent through that client's own intake or sign-up process.

Security

Production systems run on infrastructure operated by BosOptimizations and are isolated per client. Credentials, OAuth tokens, and API keys are stored in OS-level encrypted credential storage, never in source code. Access requires multi-factor authentication. Backups are encrypted asymmetrically and held off the production server.

Retention & deletion

Operational logs are retained for the duration of the client engagement plus a reasonable archival period for support and audit. Upon written request from an authorized representative of a client organization, we will delete or return that organization's data within 30 days, subject to any legal retention obligations.

Your rights

If you are an end user of a BosOptimizations-operated portal acting on behalf of a client organization, requests to access, correct, or delete information should be directed to your own organization's administrator in the first instance — they are the data controller. If you believe we are mishandling your information, you may contact us directly at info@bosoptimization.com.

Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated to existing client organizations.

Contact

BosOptimizations, Inc.
Boston, Massachusetts, USA
info@bosoptimization.com

← Back to home