Privacy Policy

1. What We Collect

When you use BOADERLESS, we collect:

• Account information: name, email address, password (hashed)
• Profile data: nationality, travel plans, visa type, timeline
• Documents: passport scans, transcripts, bank statements, and other supporting files you upload
• AI conversation history from the intake chat
• Application data: form fields, submission status, reference numbers

2. How We Use Your Data

We use your information solely to:

• Power the AI-driven visa application process
• Extract data from your documents (OCR)
• Prepare and track your application
• Send transactional emails (submission confirmations, status updates)

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. Data Storage & Security

Your data is stored on Supabase (PostgreSQL), hosted on AWS infrastructure with encryption at rest and in transit. Documents are stored in Supabase Storage with access restricted to your account via Row Level Security policies.

AI processing is performed via the Google Gemini API. Document contents may be sent to Google for analysis. By using BOADERLESS, you consent to this processing.

4. Data Retention

We retain your account data for as long as your account is active. You may request deletion of your account and all associated data at any time by emailing privacy@boaderless.com. Deletion will be completed within 30 days.

5. Your Rights

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your data
• Export your data in a machine-readable format

To exercise these rights, contact us at privacy@boaderless.com.

6. Cookies

BOADERLESS uses cookies solely to manage authentication sessions. We do not use tracking or advertising cookies.

7. Contact

Questions about this policy? Contact us at privacy@boaderless.com.