Privacy Policy

Last Updated: February 12, 2025

1. Introduction

This Privacy Policy explains how Bored Service Desk LLC ("Bored Service Desk," "we," "our," or "us") processes your personal information in connection with your use of our website (boredservicedesk.com), application (app.boredservicedesk.com), and all related services (collectively, the "Services").

To the extent that the European General Data Protection Regulation ("GDPR") or the United Kingdom General Data Protection Regulation ("UK GDPR") apply to personal data that we process, we act as a "data controller." To the extent that the California Consumer Privacy Act ("CCPA") applies, we act as a "business."

2. Data Collection and Use

2.1 Categories of Personal Data

When you use our Services, we collect the following types of personal data:

Identity Data

  • First and last name
  • User credentials
  • Company role and title

Contact Data

  • Email address
  • Phone number
  • Business address

Account Data

  • Company name and details
  • Department information
  • User preferences and settings

Service Data

  • Service requests and tickets
  • Chat messages and communications
  • File uploads and attachments
  • Support interaction history

Payment Data

  • Payment instrument information
  • Billing address
  • Transaction history
  • Subscription details

Usage Data

  • Access logs and timestamps
  • Feature usage patterns
  • Platform interaction metrics
  • Performance analytics

Technical Data

  • IP addresses
  • Browser type and version
  • Device information
  • Operating system details
  • Connection information

AI Interaction Data

  • Service request queries
  • AI model responses
  • Feedback on AI interactions
  • Tool usage patterns

2.2 Aggregated Data

We collect, use and share aggregated data such as statistical or demographic data for any purpose. While this data may be derived from your personal data, it does not directly or indirectly reveal your identity and is not considered personal data.

3. Data Collection Methods

We collect data through:

3.1 Direct Interactions

  • Account registration
  • Service request submissions
  • Communications with support
  • File uploads
  • Profile updates

3.2 Automated Technologies

  • Cookies and similar technologies
  • Usage tracking
  • Error logging
  • Analytics tools

3.3 Third Parties

  • Authentication providers (Clerk)
  • Payment processors (Stripe)
  • AI service providers
  • Integration partners

4. Use of Your Data

4.1 Primary Purposes

We use your data for:

  • Providing the Services
  • Processing service requests
  • Managing user accounts
  • Facilitating communications
  • Processing payments
  • Providing support

4.2 Additional Uses

  • Service improvement
  • Performance monitoring
  • Security and fraud prevention
  • Analytics and research
  • Marketing (with consent)

4.3 Legal Bases for Processing

We process personal data based on:

  • Contract performance
  • Legal obligations
  • Legitimate interests
  • Consent (where applicable)

5. Data Sharing

5.1 Service Providers

We share data with trusted service providers who assist us in:

  • Cloud infrastructure and hosting (including Cloudflare, Azure)
  • Identity and authentication (including Clerk)
  • Payment processing (including Stripe)
  • AI and machine learning services (including Helicone, Langsmith, Pinecone)
  • Real-time communications (including Pusher)
  • Search and analytics
  • Monitoring and error tracking

All service providers must:

  • Use your data only as necessary to provide their services
  • Maintain confidentiality and security of your data
  • Comply with applicable data protection laws

A complete list of our third-party service providers and their privacy policies is available upon request by contacting support@boredservicedesk.com. We regularly review and update this list as our service providers change.

5.2 Legal Requirements

We may disclose data:

  • To comply with laws
  • To respond to legal requests
  • To protect our rights
  • To prevent fraud

6. Data Security

We implement appropriate security measures including:

  • Encryption at rest and in transit
  • Access controls
  • Security monitoring
  • Regular security assessments
  • Incident response procedures

7. Data Retention

7.1 Retention Periods

Basic/Pro Tiers:

  • Active account data: While account is active
  • Service requests: 12 months from resolution
  • Chat logs: 6 months from creation
  • System logs: 90 days
  • Analytics data: 24 months

Enterprise Tier:

  • Custom retention policies
  • Configurable backup schedules
  • Optional extended retention
  • Custom archival solutions

7.2 Data Deletion

Basic/Pro Tiers:

  • 30-day grace period for data export after account termination
  • Soft deletion of accessible data
  • Hard deletion after 60 days
  • Backup retention per regulatory requirements

Enterprise Tier:

  • Custom termination process
  • Agreed export timeframe
  • Verified data destruction
  • Compliance certification if required

8. Your Rights

8.1 General Rights

Depending on your location, you may have rights to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Data portability
  • Withdraw consent

8.2 European Rights (GDPR/UK GDPR)

Additional rights include:

  • Right to object to processing
  • Right to lodge complaints with authorities
  • Right to information about international transfers

8.3 California Rights (CCPA)

Additional rights include:

  • Right to know about personal information collection and sharing
  • Right to opt-out of personal information sales
  • Right to non-discrimination

8.4 Exercising Your Rights

To exercise your rights:

  • Email: support@boredservicedesk.com
  • Mail: 68 White St STE 194, Red Bank, NJ 07701

We will respond within required timeframes and may need to verify your identity.

9. Cookies

9.1 Cookie Types

We use:

  • Essential cookies
  • Performance cookies
  • Functionality cookies
  • Analytics cookies
  • Marketing cookies (with consent)

9.2 Cookie Control

Control cookies through:

  • Browser settings
  • Platform preferences
  • Our cookie management tool

10. Children's Privacy

Our Services are not directed to children under 13. We do not knowingly collect data from children under 13. If we learn we have collected such data, we will delete it.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes through:

  • Platform notifications
  • Email communications
  • Website notices

12. Contact Information

For privacy questions or concerns:

Bored Service Desk LLC 68 White St STE 194 Red Bank, NJ 07701 Email: support@boredservicedesk.com

13. Enterprise Customer Information

Enterprise customers require a separate agreement and receive:

  • Custom data handling
  • Dedicated infrastructure
  • Enhanced security controls
  • Custom retention policies
  • SSO integration options

This Privacy Policy does not supersede any Enterprise Agreement. Where there is any conflict between this Privacy Policy and an Enterprise Agreement, the terms of the Enterprise Agreement will control.