Privacy Policy

Last updated: August 25, 2025

1. Introduction

This Privacy Policy (“Policy”) describes how SaaS Experts, Inc. (“we,” “us,” “our”), the owner and operator of the BoastPost brand, collects, uses, and safeguards the personal information you (“you” or “your”) provide when using our AI-powered content repurposing platform or related services (collectively, the “Platform”).

By using or accessing any BoastPost services, you agree to the practices described in this Policy. If you do not agree, please discontinue use of our Platform and refrain from providing any personal information.

This Privacy Policy has been drafted to comply with various privacy regulations including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and other applicable laws.

2. Who We Are

Company Name: SaaS Experts, Inc.

Brand: BoastPost (at https://boastpost.com)

Primary Purpose: We operate a Software-as-a-Service (SaaS) application that helps organizations use AI to repurpose existing content (for example: articles, web pages, newsletters, videos, and internal content) into social posts and other short-form marketing assets. The Platform lets teams import source content, generate variations, collaborate on edits/approvals, and export or publish drafts (where integrations are enabled).

Data Controller: For the purposes of the GDPR, SaaS Experts, Inc. is the data controller for personal information collected through our Platform.

Data Protection Representative: For individuals in the EU/EEA, our designated EU representative can be contacted at: privacy+eu-representative@boastpost.com

3. Categories of Data Subjects

This Privacy Policy applies to the following categories of individuals:

• Software-as-a-Service (SaaS) Application Users: Individuals who create accounts and use our AI content repurposing tools.
• Website Visitors: Individuals who visit boastpost.com or its subdomains.
• Support Recipients: Individuals who contact us for technical support or assistance.

4. Information We Collect

4.1 Account & Subscription Details

• Contact Information: When you create an account or subscribe to our services, we collect your name, email address, billing address, company information, and other details needed to manage your account and subscription.
• Payment Information: Payments are processed by third-party providers (e.g., Stripe, PayPal). We do not store complete credit card details on our servers.
• User Roles & Permissions: We collect information about user roles (for example, administrator and team member) and workspace access permissions.

4.2 SaaS Application Data

• Workspace & Account Settings: Workspace names, team settings, roles/permissions, brand or writing guidelines you provide (e.g., voice/tone notes), templates, preferences, and configuration data.
• Source Content: Content you submit to the Platform for repurposing, such as URLs, pasted text, uploaded documents, transcripts, and related metadata. You may also upload media assets (e.g., images) to use in outputs.
• Generated Outputs: Draft social posts and other generated content (including variations), along with metadata such as format type, timestamps, and generation settings.
• Edit, Review & Approval Data: Edits, comments, review notes, approvals, assignments, and workflow/status information associated with drafts and campaigns.
• Publishing/Export Data (if enabled): Information needed to export, schedule, or publish content through connected third-party services (for example, connected account identifiers, publishing logs/status). We do not store your third-party passwords; integrations typically use tokens provided by the third party.
• Usage Analytics: Platform usage patterns, feature utilization, and performance optimization data.

4.3 Website & Platform Analytics

• Technical Information: IP addresses, browser types, device information, operating systems, and pages visited across our platform.
• Cookies & Tracking: We use cookies and similar technologies to improve user experience, analyze usage patterns, and provide personalized content. You can control cookie preferences through your browser settings.

4.4 Support & Communications

• Help Desk Communications: When you contact support, you may provide information such as account details, screenshots, error logs, or technical configurations.
• Marketing Communications: With appropriate consent, we collect email addresses and preferences for newsletters, product updates, and promotional content. You can unsubscribe at any time.

4.5 AI Processing Data

• Prompts & Instructions: Inputs you provide to generate or revise content (for example, goals, audience, tone/voice notes, platform selection, and formatting constraints).
• Model Inputs & Outputs: Portions of your source content and related context that are processed to produce generated drafts and variations, along with the resulting outputs.
• Safety & Quality Signals: Basic metadata used to prevent abuse and improve reliability (for example, rate limits, error logs, and content policy enforcement events).

4.6 Categories of Personal Information (for California Privacy Rights)

In accordance with the CCPA/CPRA, we collect the following categories of personal information:

• Identifiers: Names, email addresses, IP addresses, domain names, business identifiers.
• Commercial Information: Services purchased, subscription details, transaction history.
• Internet Activity: Browser information, website interaction data, search queries, platform usage.
• Geolocation Data: General location data based on IP address or business location.
• Professional Information: Company name, job title, business services, industry specialization.
• Inferences: Derived data about preferences, behaviors, or business characteristics based on platform usage.

5. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data on the following legal bases:

• Performance of Contract: Processing necessary to fulfill our contractual obligations, including providing SaaS services and delivering customer support.
• Legitimate Interests: Processing that serves our legitimate business interests, such as improving our Platform, ensuring security, preventing fraud, analyzing usage patterns, and marketing to existing customers, where these interests are not overridden by your rights and freedoms.
• Consent: Processing based on your specific, informed, and unambiguous consent, such as for marketing communications, certain cookies, or optional data sharing features. You have the right to withdraw consent at any time.
• Legal Obligation: Processing necessary to comply with applicable laws, regulations, tax requirements, or legal proceedings.

We only collect and process the minimum amount of data necessary for the stated purposes.

6. How We Use Your Information

Platform Operation & Service Delivery

We use your information to provide, maintain, and improve our SaaS application services. This includes account management, subscription processing, feature delivery, and platform performance optimization.

Content Repurposing, Generation & Collaboration

We process your source content, instructions, and settings to generate drafts and variations of social posts and other marketing assets. This may include running content through AI systems to produce outputs and to support editing, revisions, and approvals. Where third-party AI processing providers are used, we share only what is reasonably necessary to provide the requested functionality.

Customer Service & Support

Support communications and technical information help us troubleshoot issues, improve our Platform, and provide assistance.

Communication & Marketing

We send service-related communications including account updates, security notices, and platform changes. Marketing communications are sent only with appropriate consent and include opt-out mechanisms.

Platform Improvement & Analytics

We analyze aggregated and anonymized usage data to improve platform functionality, develop new features, and optimize user experience. This helps us enhance our collaboration tools and maintain service quality.

Legal Compliance & Safety

We may process your information to comply with legal obligations, respond to legal claims, prevent fraud, or protect the rights and safety of users and the public.

7. How We Share Your Information

Service Providers & Partners

We share limited personal information with third parties who perform services on our behalf (payment processors, hosting providers, email services, analytics tools). These providers are contractually required to protect your data and use it only for specified services.

Third-Party Integrations

With your authorization, we may share data with integrated services such as payment processors or analytics tools. You maintain control over these integrations and can revoke access at any time.

Legal Requirements & Safety

We may disclose your information if required by law or if we believe it is necessary to comply with legal obligations, enforce our terms, protect rights and property, or ensure user and public safety.

Business Transfers

If SaaS Experts, Inc. is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, with continued protection under this Policy or notification of changes.

No Sale of Personal Information

We do not sell your personal information to third parties for monetary or other valuable consideration as defined under the CCPA/CPRA. We do not share your personal information with third parties for cross-context behavioral advertising purposes.

8. Data Retention & Security

Data Retention Periods

• Account Information: Retained for the duration of your account plus 2 years for business records.
• SaaS Application Data: Projects, content items, annotations, comments, tasks, and collaboration data retained according to user settings and subscription terms, typically for the duration of active accounts plus historical access as needed.
• Transaction Data: Financial records retained for 7 years to comply with tax and accounting requirements.
• Support Communications: Retained for 2 years from resolution for service improvement.
• Marketing Preferences: Retained until you unsubscribe or withdraw consent.

Security Measures

We implement comprehensive safeguards including encryption of data in transit and at rest, access controls, regular security assessments, staff training, and incident response procedures. Our security measures are designed to protect against unauthorized access, alteration, disclosure, or destruction of your personal information. However, no method of transmission over the internet or electronic storage is completely secure.

Data Breach Notification

In the event of a data breach affecting your personal information, we will notify affected users and relevant supervisory authorities as required by applicable law, including GDPR requirements.

9. Your Rights & Choices

9.1 European Privacy Rights (GDPR)

If you are located in the European Economic Area, you have the following rights regarding your personal data:

• Right to Access: You can request a copy of the personal data we hold about you, including your account information, project data, and collaboration records.
• Right to Rectification: You can request that we correct inaccurate or incomplete information in your account or other records.
• Right to Erasure: You can request that we delete your personal data (subject to certain exceptions for legal or business obligations).
• Right to Restriction of Processing: You can request that we restrict the processing of your data under certain circumstances.
• Right to Data Portability: You can request to receive your data in a structured, commonly used, and machine-readable format.
• Right to Object: You can object to our processing of your personal data based on legitimate interests or for direct marketing.
• Right Against Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing that produce legal effects.
• Right to Withdraw Consent: Where processing is based on consent, you can withdraw that consent at any time.

To exercise these rights, please contact us using the details provided in the “Contact Us” section. We will respond to your request within 30 days.

9.2 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know: You can request information about the personal information we have collected, used, disclosed, and sold.
• Right to Delete: You can request the deletion of your personal information (subject to certain exceptions for legal obligations).
• Right to Opt-Out of Sale/Sharing: You can opt out of the sale of your personal information and the sharing of your personal information for cross-context behavioral advertising.
• Right to Correct: You can request that we correct inaccurate personal information.
• Right to Limit Use of Sensitive Personal Information: You can limit the use and disclosure of sensitive personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.

To exercise these rights, you can:

• Submit a request via email to privacy@boastpost.com
• Use the “Do Not Sell My Personal Information” link in the footer of our website

We will verify your identity before responding to your request. You may designate an authorized agent to make requests on your behalf.

9.3 Platform-Specific Rights & Choices

SaaS Application Users

• Account Management: You can update, modify, or delete your account information at any time through your account settings.
• Workspace & Content Control: You can export, modify, or delete workspace content and data, including source content you’ve submitted, generated drafts, templates/settings, and review/approval history (subject to your plan and legal retention requirements).
• Draft & Asset Management: You can create, edit, regenerate, export, or delete drafts and associated assets.
• Collaboration Control: You can invite or remove team members, manage access levels, and control sharing settings for workspaces, drafts, and campaigns.

All Users – General Rights

• Access & Correction: You can request to view, update, or correct your personal information by contacting us at privacy@boastpost.com.
• Data Deletion & Portability: You can request the deletion or portability of your personal data where applicable by law. We will honor requests as required but may retain certain data for legal or business obligations.
• Marketing Opt-Out: If you receive marketing emails from us, you can unsubscribe anytime by clicking the link in the email or contacting us directly.
• Cookie Control: Most web browsers allow you to control cookies through their settings. We provide a cookie consent banner on our website that allows you to select which categories of cookies you wish to accept. Disabling cookies may affect certain functionalities.

10. International Data Transfers

The personal information we collect may be transferred to and stored in countries outside of your jurisdiction, including the United States, where our servers are located. These countries may have different data protection laws than your country of residence.

For transfers from the European Economic Area (EEA) to countries not deemed to provide an adequate level of data protection, we implement appropriate safeguards such as:

• Standard Contractual Clauses (SCCs): We use European Commission-approved Standard Contractual Clauses in our agreements with service providers and partners.
• Data Processing Agreements: We enter into data processing agreements with all third-party service providers that access personal data of European Union (EU) residents.
• Adequacy Decisions: Where available, we rely on European Commission adequacy decisions for certain countries.

You can request a copy of these safeguards by contacting us using the details in the “Contact Us” section.

11. Third-Party Links & Integrations

BoastPost services may contain links to third-party sites or services. We are not responsible for their content or privacy practices. We encourage you to review the privacy policies of any third-party services you use.

When our Platform integrates with third-party services (such as payment processors or analytics tools), those services may collect data according to their own privacy policies. We recommend reviewing those policies before connecting such services.

Specific third-party integrations may include:

• Payment processors for subscription fees
• Analytics tools for platform improvement

12. AI Processing & Automated Content Generation

BoastPost uses AI to help you transform source content into social posts and other marketing assets. This section explains what data is involved when you use AI features.

Source Content You Submit

When you paste text, upload a document, or provide a URL for repurposing, we process that content to generate drafts and variations. If you provide a URL, we may fetch and process the content at that URL to perform the repurposing request.

Prompts & Instructions

We process the instructions you provide (for example: platform targets, audience, tone/voice notes, formatting constraints, and any edits you request) to generate or revise outputs.

AI Processing Providers

To deliver AI features, we may use third-party AI processing providers. When we do, we share only the portions of your source content and instructions that are reasonably necessary to produce the requested output, along with limited technical metadata (for example, request identifiers and error logs). Providers are contractually restricted to use the data only to provide the services to us.

Data Transmission

Content and instructions are transmitted to our servers when you submit them. When third-party AI processing is used, relevant inputs are transmitted to that provider only for the duration and purpose of completing the generation or revision request.

Data Storage

We store your submitted source content and generated outputs in your workspace so you can edit, export, and manage them. You can delete source content and outputs within the Platform (subject to retention described in Section 8 and any legal obligations).

Training & Improvement

We do not use your private workspace content to publicly publish examples. Whether third-party AI providers may use data to improve their models depends on the provider and configuration. Where available, we use settings and contractual terms intended to prevent providers from using your content for training outside of providing the service to us.

Safety Controls

We may process limited data to prevent abuse, enforce content policies, and maintain platform security (for example, rate limiting, fraud detection, and monitoring for prohibited use).

13. Children’s Privacy

Our Platform is intended for business and professional use and is not designed for children under the age of 16. We do not knowingly collect information from anyone under 16. If you believe we have inadvertently collected such data, please contact us immediately so we can remove it.

14. Cookie Policy

Our website uses cookies and similar technologies to enhance user experience. We categorize cookies as follows:

• Strictly Necessary Cookies: Essential for website functionality, account access, and platform security. These cannot be disabled.
• Performance/Analytics Cookies: Help us understand how visitors interact with our website and platform features.
• Functional Cookies: Enable enhanced functionality, personalization, and remember your preferences.
• Targeting/Advertising Cookies: Used to deliver relevant advertisements and marketing content.

You can manage your cookie preferences through our cookie banner or your browser settings.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or business practices. When we do, we will post the updated version at https://boastpost.com/privacy and note the effective date.

If changes are significant, we will:

• Notify you by email (if we have your email address)
• Display a prominent notice on our website
• In some cases, obtain your consent again if required by law

Your continued use of BoastPost services after any revisions become effective indicates your acceptance of the updated Policy.

16. Data Protection Contact

For questions related to data protection and privacy compliance, including General Data Protection Regulation (GDPR) inquiries, please contact us at:

Email: privacy@boastpost.com
Subject Line: “Data Protection Inquiry”

17. Contact Us

If you have questions or concerns regarding this Privacy Policy or our data practices, please reach out:

Email: privacy@boastpost.com
General Inquiries: support@boastpost.com
Postal Address: SaaS Experts, Inc., 136 Arthurs Rd, Troutman NC USA
For EU/EEA Inquiries: privacy+eu-representative@boastpost.com
For California Privacy Requests: privacy+california-privacy@boastpost.com

You also have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.