At Boreal Labs, we believe in complete transparency about how we collect and use your data. This page explains what information we access, why we need it, and how we protect it.
Google Sign-In
What We Access
When you sign in with Google, we request access to:
- Email address — Used to create and manage your account
- Basic profile information (name, profile picture) — Used to personalize your experience
What We Don't Access
We do NOT access:
- Your Gmail messages or contacts
- Your Google Drive files
- Your Google Calendar events
- Any other Google services beyond basic profile information
Why We Need This
We use Google OAuth solely for secure authentication. Your email address allows us to:
- Create and maintain your account
- Send you important service notifications
- Provide customer support when needed
Payment Processing (Stripe)
How Payments Work
All payment processing is handled securely by Stripe, a PCI-DSS Level 1 certified payment processor. This means:
- We never see or store your complete credit card number
- We never have access to your CVV or security code
- All payment data is encrypted and securely processed by Stripe
- We only receive confirmation that a payment was successful
What We Store
For billing purposes, we store:
- Last 4 digits of your card (provided by Stripe)
- Card brand (Visa, Mastercard, etc.)
- Card expiration month and year
- Billing email address
- Transaction history and receipts
Usage Data & Analytics
To improve our services, we collect anonymous usage data:
- Pages visited and features used
- Time spent on the platform
- Device type and browser information
- General geographic location (city/country level)
This data is aggregated and anonymized. We use it to understand how people use our services and identify areas for improvement.
How Long We Keep Your Data
- Active accounts: We retain your data while your account is active
- Deleted accounts: Account data is permanently deleted within 30 days of account closure
- Billing records: We keep transaction records for 7 years to comply with financial regulations
- Analytics data: Anonymous usage data is retained indefinitely for research and improvement
Your Data Rights
You have complete control over your data. You can:
- Request a copy of all data we have about you
- Correct any inaccurate information
- Delete your account and all associated data
- Revoke Google OAuth access at any time through your Google Account settings
- Export your data in a portable format
To exercise any of these rights, contact us at [email protected]
How We Protect Your Data
- All data transmission uses industry-standard SSL/TLS encryption
- Data at rest is encrypted using AES-256 encryption
- Regular security audits and penetration testing
- Strict access controls — only authorized personnel can access user data
- Two-factor authentication for all administrative access
- Regular backups to prevent data loss
Third-Party Services
We partner with trusted third-party services to provide our platform:
Google (Authentication)
Stripe (Payment Processing)
Questions or Concerns?
If you have any questions about how we handle your data, please don't hesitate to reach out:
Email: [email protected]
Address:
Boreal Labs
Operated by James Forrest (Sole Proprietor)
2727 Prince Edward St.
Vancouver, BC, Canada
V5T 4V8
Note: This page is designed to provide clear, accessible information about our data practices. For complete legal details, please refer to our Privacy Policy.