Privacy Policy

This Privacy Policy describes how Boundix ("we," "us," or "our") collects, uses, and handles your personal information when you use our scope protection and payment tracking platform.

Information We Collect

Account Information

When you create a Boundix account, we collect:

• Email address - Used for account authentication, notifications, and communications
• Name and profile information - Used to personalize your experience and identify you in the platform
• Business details - Business name, address, and contact information for invoices and PDF agreements
• Authentication credentials - Encrypted passwords or OAuth tokens for secure login

Project and Client Data

When you use Boundix to manage your freelance projects, we collect:

• Client information - Names, email addresses, company names, and notes you add about clients
• Project details - Project titles, descriptions, scope items, revision limits, and milestone information
• Financial data - Project amounts, milestone payments, currency preferences (we do not store payment card details)
• Activity logs - Actions taken on projects for audit trail purposes

Portal Data

When clients access their project portal, we collect:

• Email addresses - For scope approval verification and comment identification
• Comments and feedback - Messages and revision requests submitted through the portal
• Approval records - Timestamps and email addresses of scope and change order approvals

Usage Information

We automatically collect:

• Device information - Browser type, operating system, and device identifiers
• Log data - IP addresses, access times, pages visited, and actions taken
• Cookies and similar technologies - For session management and analytics

How We Use Your Information

We use the collected information to:

Provide Core Services

• Create and manage your Boundix account
• Enable project creation, scope tracking, and milestone management
• Facilitate client portal access and approval workflows
• Generate PDF scope agreements
• Send email notifications about project activities

Improve Our Platform

• Analyze usage patterns to enhance features
• Debug issues and improve performance
• Develop new functionality based on user needs

Communicate With You

• Send transactional emails (scope approvals, payment reminders, change orders)
• Notify you of account and service updates
• Respond to support requests

Ensure Security

• Prevent fraud and unauthorized access
• Monitor for suspicious activity
• Enforce our Terms of Service

Comply With Legal Obligations

• Respond to legal requests
• Meet regulatory requirements
• Protect our legal rights

Data Storage and Security

Where We Store Your Data

Your data is stored on secure servers provided by:

• Neon Tech - PostgreSQL database for application data
• Vercel - Application hosting and edge functions

All data is stored in secure data centers with industry-standard physical and electronic security measures.

How We Protect Your Data

We implement comprehensive security measures including:

• Encryption - Data encrypted in transit (TLS/SSL) and at rest
• Access controls - Role-based access with authentication requirements
• Row Level Security - Database policies ensuring users only access their own data
• Regular audits - Security reviews and vulnerability assessments
• Secure development practices - Following OWASP guidelines and best practices

Data Sharing

We Do Not Sell Your Data

We will never sell your personal information to third parties.

Third-Party Services

We share data with trusted service providers who help us operate Boundix:

• Dodo Payments - Subscription billing and payment processing
• Resend - Transactional email delivery
• Vercel - Application hosting and analytics
• Google - OAuth authentication (if you choose to sign in with Google)

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

Client Portal Access

When you send a project to a client, they can access:

• Project scope and deliverables
• Payment milestones and due dates
• Change order requests
• Comment threads on scope items

Clients access this information via unique, secure portal links without creating accounts.

Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, property, or safety.

Your Rights

Access and Portability

You can:

• View all your data through your Boundix dashboard
• Export your project data and activity logs (Pro feature)
• Request a complete copy of your personal data

Correction

You can update your:

• Profile information
• Business details
• Client information
• Project details

through your account settings and project pages.

Deletion

You can:

• Delete individual clients and projects
• Delete your entire account through Settings > Account > Delete Account

Account deletion permanently removes all your data, including projects, clients, scope items, milestones, and activity logs.

Objection and Restriction

You can:

• Opt out of marketing communications via notification preferences
• Disable specific notification types in Settings
• Request restriction of certain data processing

Data Portability

You can export your data in JSON or CSV format through the activity export feature (available to Pro users).

Cookies and Tracking

Essential Cookies

We use essential cookies for:

• Session management and authentication
• Security features (CSRF protection)
• User preferences (theme, sidebar state)

Analytics Cookies

With your consent, we may use analytics to understand how users interact with Boundix. You can opt out of analytics through your browser settings or our cookie preferences.

Third-Party Cookies

Our payment processor (Dodo Payments) may set cookies for fraud prevention and payment processing.

Data Retention

We retain your data for as long as your account is active. After account deletion:

• Most data is deleted immediately
• Backup copies are purged within 30 days
• Anonymized analytics data may be retained indefinitely

For legal and compliance purposes, we may retain certain records as required by law.

Children's Privacy

Boundix is not intended for users under 16 years of age. We do not knowingly collect data from children. If we learn we have collected data from a child, we will delete it promptly.

International Data Transfers

Your data may be transferred to and processed in countries outside your residence. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where required.

Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:

• Post the updated policy on this page
• Update the "Last Updated" date
• Notify you via email for significant changes

Continued use of Boundix after changes constitutes acceptance of the updated policy.

California Privacy Rights (CCPA)

California residents have additional rights:

• Right to Know - What personal information we collect and how we use it
• Right to Delete - Request deletion of your personal information
• Right to Opt-Out - Opt out of sale of personal information (we do not sell data)
• Right to Non-Discrimination - Equal service regardless of privacy choices

European Privacy Rights (GDPR)

EEA residents have additional rights under GDPR:

• Legal basis for processing - We process data based on contract performance, legitimate interests, and consent
• Data Protection Officer - Contact us for DPO inquiries
• Supervisory authority - You may lodge complaints with your local data protection authority

Contact Us

If you have questions about this Privacy Policy or your personal data, contact us at:

Boundix 123 Freelancer Lane San Francisco, California 94102 United States

Email: support@freelanceguard.com Phone: +1 (555) 123-4567