The Operators of Boarderless.app ("we," "us," or "our") operate the Service. This Privacy Policy explains how we collect, use, and protect your information when you use our Service. We are committed to transparency and the Principle of Least Privilege.
Our Privacy Posture: User Agency First
Boarderless is built around user agency. We do not inspect your canvas, monitor your app traffic, retain your creative files on our servers, or employ content surveillance systems as a condition of using the app. Our safety boundaries are narrow and technical: we may reject formats or requests that can execute code, abuse our infrastructure, compromise Google Drive integration, or threaten the Service itself. These boundaries are designed to protect accounts and infrastructure without taking custody of your work or policing lawful expression.
1. Information We Collect & Legal Basis
- Free Canvas: You may use the Free tier without creating an account. Free boards stay in that browser's local storage; Boarderless does not create a server-side anonymous identity or upload board content for Free use.
- Google identity and payments: Google sign-in is requested only when you deliberately begin a Personal or Pro subscription. We receive your Google email, Google user ID, and profile name needed to create and manage that account; we never receive your Google password. Stripe processes payment information and provides us subscription-status metadata.
- Support: If you submit a support request, we send only the name, reply email, and message you enter to our Google Feedback Sheet. We do not automatically attach board content or diagnostic data.
- Payment Data: Subscription upgrades (Personal and Pro tiers) are processed securely by Stripe. We do not store or process your credit card numbers or billing details. Stripe provides us only with payment status metadata (e.g., subscription active, payment failed), which is used solely to determine your tier entitlements.
- Automatically Collected Connection Logs: Our hosting provider (Porkbun Secure Static Hosting) automatically logs standard network details, including your IP address, browser type, and timestamps, to serve the application files securely.
- Anonymous Diagnostics: We may capture anonymous client-side error stack traces and device details (e.g., OS version, WebGL capabilities) automatically upon application errors or crashes solely to troubleshoot performance issues and optimize canvas rendering. No personal information or canvas design content is ever transmitted.
2. Cookies & Tracking Technologies
Boarderless uses minimal tracking technologies to run the Service:
- Google Analytics: We use Google Tag Manager (gtag.js) on our landing, promotional, and documentation pages to collect anonymous, aggregated traffic statistics. No canvas content or private design data is analyzed.
- Google Ads: We use the Google Ads tracking tag (gtag.js) on our pages to measure the performance and conversion rate of our advertising campaigns.
- Local Storage & IndexedDB: We use local storage mechanisms (
localStorageandIndexedDB) to persist local canvas data (drawings, layouts, shapes), user interface preferences (e.g., theme settings, panel layouts), and active login session tokens. Ai provider API keys are not written to persistent local storage; they are held in tab-scoped session storage and cleared when that browser tab closes. We use standard third-party marketing cookies solely for tracking the performance of our Google Ads campaigns.
2A. Optional Ai Provider Connections
The Ai Partner can connect directly from your browser to Google Gemini, OpenAI, Anthropic Claude, Z.AI/GLM, a local model, or another OpenAI-compatible endpoint that you choose. This connection is optional and begins only when you select a provider, supply any required API key, and submit an Ai Partner request.
- What is sent: The instruction you submit, the current structural board snapshot needed to identify and modify Objects (including Object text, IDs, coordinates, dimensions, and styles), and the currently selected Object IDs are sent to the selected provider. Images are not included in these structural interpretation requests.
- Where it goes: Requests go directly from your browser to the endpoint shown or selected in the Ai Partner. Boarderless does not proxy, inspect, retain, or sell the request, response, or API key.
- Provider terms apply: The selected provider independently processes the request under its own privacy policy, retention settings, account terms, and billing rules. For custom endpoints, the endpoint operator controls those practices.
- Key handling: User-supplied keys are kept only for the current browser tab. Closing the tab clears them. The key is sent only to the chosen provider endpoint to authenticate the request.
3. Subscription Tiers
Free Canvas does not require an account. Personal and Pro subscriptions require a deliberate Google sign-in before Stripe Checkout. Pro users may separately choose to connect Google Drive.
- Free: No charge and no account required. One active local board, up to five archived local boards, eight canvas Objects, twenty session-only undo steps, PNG and
.bdrl.jsonexport. Canvas data is stored locally in your browser's IndexedDB. - Personal: Paid monthly or annual subscription via Stripe. Canvas data is stored locally in your browser's IndexedDB.
- Pro: Paid monthly or annual subscription via Stripe. Includes cloud synchronization directly to your own Google Drive (see §4). We do not host your canvas data.
Tier limits (object counts, undo history, board counts) are enforced client-side as a UX convenience and server-side for features that involve our infrastructure.
4. Google OAuth & Google Drive Scopes
Boarderless.app integrates with Google APIs for Pro-tier cloud synchronization and authentication. We follow the strict Principle of Least Privilege:
https://www.googleapis.com/auth/drive.file: To read, write, and access only the specific files created or opened by the Boarderless application.https://www.googleapis.com/auth/drive.appdata: To store app-specific configuration files in a secure, hidden application data folder.openid,https://www.googleapis.com/auth/userinfo.email, andhttps://www.googleapis.com/auth/userinfo.profile: To verify your identity and check subscription entitlement status.
- Your Data, Your Drive: Pro-tier synced board files live in your Google Drive, not on our servers.
- No Arbitrary Content Relay: Drive sync and export features are intended to write Boarderless-generated board/export files, not arbitrary executable content supplied by a device. We may block active document/image formats, malformed payloads, or requests that would put unsafe content into a user's Drive through Boarderless.
- Connection Severance: If you disconnect your Google Account or delete your Boarderless.app account, we will sever the OAuth connection. We will not modify or delete files previously synced to your Google Drive; you retain full control over those files in your Google account.
5. Data Storage, Localization, & Retention
- Local Data (Free & Personal): Your canvas layouts, shapes, images, and text are stored locally in your browser's IndexedDB and are not transmitted to our servers. If you explicitly use the optional Ai Partner, the limited structural board context described in §2A is transmitted directly to your selected provider.
- Cloud Data (Pro): Canvas data is synced to your own Google Drive space. We do not store board content on our servers.
- No Traffic Monitoring or Content Retention: We do not intercept, decrypt, or retain the contents of your app traffic for content review. Standard hosting logs and optional anonymous diagnostics are used for security, reliability, and performance only.
- Account Metadata Retention: Account metadata (your Google Email and Stripe subscription status) is stored securely. If you delete your account, we flag it for deletion and permanently purge it from our systems within thirty (30) days.
6. Security & Data Breach Notifications
While we store minimal personal data (restricted to account metadata such as Google Email and subscription status), we take security seriously. In the unlikely event of a security breach compromising this metadata, we will notify affected users via email within the timelines required by applicable law.
7. Children's Privacy
Our Service is not directed to children under 13, and we do not knowingly collect personal data from children under 13.
8. Your CCPA & GDPR Rights
Depending on your location, you may have the following rights:
- The Right to Know/Access: You can request a summary of the personal data we hold (which is limited to your Google Email and subscription status).
- The Right to Delete: You can delete your account and all associated metadata at any time.
- The Right to Opt-Out: We do not sell or share personal data to third parties for advertising purposes.
To exercise these rights, you may contact us through the contact form on our website.
9. Changes to this Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date at the top of this document.
10. Contact Information
If you have any questions about this Privacy Policy or your data, you may contact us through the contact form on our website.
*(Note: Legal structure updates will be published here upon LLC formation.)*
