Privacy Policy for Boglr

Last Updated: November 16, 2024

1. Introduction

boglr ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our subscription management application.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, and password
  • Authentication Data: OAuth tokens when using social sign-in (Google, Apple)

2.2 Financial Information via Plaid

We use Plaid Technologies, Inc. ("Plaid") to connect your bank accounts. When you link your bank account:

  • Plaid collects your banking credentials and transaction data
  • We receive transaction data, account balances, and account metadata from Plaid
  • We do NOT store your bank login credentials
  • For more information, see Plaid's Privacy Policy at https://plaid.com/legal/

2.3 Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent on the application
  • Device Information: Browser type, operating system, IP address
  • Cookies: Session cookies for authentication and functionality

3. How We Use Your Information

We use your information to:

  • Provide subscription tracking and management services
  • Detect and analyze recurring subscription payments
  • Send notifications about upcoming payments and subscription changes
  • Improve our service and develop new features
  • Communicate with you about your account
  • Comply with legal obligations

4. Data Sharing and Disclosure

4.1 We DO NOT Sell Your Data

We do not sell, rent, or trade your personal or financial information to third parties. We share data only with the service providers listed below, who process it on our behalf under protections equivalent to this policy, and only to deliver Boglr's features to you.

4.2 Service Providers

We share information with trusted service providers:

  • Plaid: For secure bank account connectivity
  • AWS: For hosting and infrastructure (encrypted storage)
  • Better Auth: For authentication services
  • Google LLC (Gemini API): For optional AI features, only with your explicit permission — see Section 4.4

4.4 AI Features and Third-Party AI Processing (Google Gemini)

Boglr's optional AI features ("Ask Boglr" chat, talk mode, and AI insights) are powered by Google LLC's Gemini API. These features are OFF until you explicitly enable them in the app, and you can turn them off at any time in Settings.

What is sent to Google when you use AI features:

  • The questions you type, and — in talk mode — your voice audio, which streams to Google for speech processing
  • Summaries of your financial data needed to answer your question: transactions (date, merchant, amount, category, account nickname and last-4 digits), account balances, recurring payments and subscriptions, budget status, and net worth summaries
  • We never send your name, email, login credentials, full account numbers, or internal user identifiers

Why: solely to generate your AI answers and insights. Never for advertising, profiling, or sale.

Google's obligations: Boglr uses Google's paid Gemini API. Under Google's Gemini API Additional Terms, Google acts as a data processor, does not use your prompts or responses to train its models, and retains inputs and outputs for up to 55 days solely to detect abuse and meet legal requirements. Google provides protections for this data that are the same as or equal to those described in this policy. See Google's terms: https://ai.google.dev/gemini-api/terms

Your control: no data is shared with Google until you tap "Enable AI features" in the consent screen shown before first use. You can revoke this permission at any time in Settings, which immediately stops all AI data sharing. All other Boglr features work without AI enabled.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government request.

5. Data Security

We implement industry-standard security measures:

  • Encryption in Transit: All data transmitted using TLS 1.2 or higher
  • Encryption at Rest: Database encryption via AWS DynamoDB
  • Session Security: Better Auth sessions with signed cookies and JWT-protected API access
  • Access Controls: Role-based access with JWT tokens
  • Secure Authentication: OAuth with Google and Apple via Better Auth
  • Infrastructure Security: AWS managed services with automatic security patches

6. Data Retention and Deletion

6.1 Retention Period

  • Active Accounts: We retain your data while your account is active
  • Transaction History: Retained for subscription tracking purposes
  • Deleted Accounts: Data is deleted within 30 days of account deletion

6.2 Your Right to Delete

You can request deletion of your account and all associated data at any time through your account settings or by contacting us.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Data Portability: Request a copy of your data in a portable format
  • Opt-Out: Unsubscribe from marketing communications

To exercise these rights, contact us at admin@boglr.com.

8. Children's Privacy

boglr is not intended for users under 18. We do not knowingly collect information from children under 18. If you believe a child has provided us with personal information, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and stored on servers located in the United States. By using boglr, you consent to such transfers.

10. California Privacy Rights (CCPA)

California residents have additional rights:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we do not sell data)
  • Right to non-discrimination for exercising privacy rights

11. Cookies and Tracking

We use cookies for:

  • Essential Cookies: Authentication and session management (required)
  • Analytics: Understanding how users interact with our service (optional)

You can control cookies through your browser settings, but disabling essential cookies may limit functionality.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  • Posting the updated policy with a new "Last Updated" date
  • Sending an email notification (for significant changes)

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices:

Email: admin@boglr.com Website: https://boglr.com

14. Data Protection Officer

For privacy-related inquiries or to exercise your rights, contact our Data Protection Officer at admin@boglr.com.

← Back to Home