BOLinkz
Log inGet started

Legal

Privacy Policy

Last updated: April 18, 2026

Who this applies to

This policy describes how BOLinkz (“we,” “us,” or “our”) collects, uses, and shares information when you use our website and services at bolinkz.com and related subdomains (the “Service”). By using the Service, you agree to this policy.

What we collect

  • Account and sign-in: When you create an account or sign in, we collect your email address. Authentication is handled with Auth.js (email-based one-time codes; no passwords in the product). Those codes are delivered by transactional email through Resend. Session and account records are stored in our database (Supabase), including tables used by the Auth.js adapter.
  • Documents and loads: PDFs, references, party information, and related metadata you upload or create in the app.
  • Proof of delivery (POD): When a receiver signs, we collect their e-signature image, printed name, GPS coordinates, timestamp, and basic device information (for example browser type and platform). This is embedded in the signed PDF and stored as an audit record — similar to information that would appear on a paper bill of lading.
  • Share and view links: Tokens and access metadata needed to show documents to people you choose to share with.
  • Technical and usage data: IP address, approximate location derived from IP, user agent, pages viewed, and interactions with the Service. We use this for security, debugging, and product improvement.
  • Billing (paid plans): Plan and subscription status through our billing provider (Polar). We do not store full payment card numbers on our servers; payment details are handled by Polar and its payment processors.

How we use information

  • Provide the Service: Authenticate you, store and display documents, generate share links, and produce signed POD PDFs.
  • Security and abuse prevention: Detect fraud, protect accounts, and enforce our Terms of Service.
  • Improve the product: Understand how features are used and fix issues, including through analytics described below.
  • Communicate with you: Sign-in codes, service messages, and responses to requests you send us.
  • Legal compliance: Where required by applicable law.

Analytics (Microsoft Clarity)

We use Microsoft Clarity on the Service. Clarity may record how you use our pages (for example clicks, scrolls, and session replays) and use cookies and similar technologies to help us understand usability and improve the product. Clarity is operated by Microsoft; Microsoft's handling of data is described in Microsoft's Privacy Statement. We do not use Clarity to sell your personal information or to run third-party advertising on our behalf.

Cookies and similar technologies

We use cookies and local storage that are necessary for sign-in and session security. Clarity may set its own cookies or use storage to distinguish sessions for analytics. You can control cookies through your browser settings; blocking some cookies may limit parts of the Service.

Service providers

We use trusted vendors to run the Service. They process data on our instructions and are contractually obligated to protect it where applicable. Categories include: hosting and infrastructure (for example Vercel), database and file storage (Supabase), transactional email (Resend), billing (Polar), and analytics (Microsoft Clarity). Their own terms and privacy policies also apply to their processing.

What we don't do

  • We do not sell your personal information.
  • We do not use your documents for advertising or to train unrelated third-party AI models.
  • We do not make your documents available to anyone except you and people you explicitly share with (plus our systems as needed to operate the Service).

Retention and deletion

We keep information for as long as your account is active and as needed to provide the Service, comply with law, resolve disputes, and enforce our agreements. Signed POD records are designed to be durable proof of delivery. You may delete your account and associated data from account settings where the product allows it; some information may be retained in backups for a limited period or where retention is required by law.

Security and international transfers

We use industry-standard measures including encryption in transit (TLS) and encryption at rest for stored data where supported by our providers. Our vendors may process data in the United States and other countries where they operate. If we transfer personal data from the European Economic Area, United Kingdom, or Switzerland, we rely on appropriate safeguards such as standard contractual clauses where required.

Your rights and choices

Depending on where you live, you may have rights to access, correct, delete, or export your personal information, or to object to or restrict certain processing. You can delete your account and much of your data from your account settings. To exercise other rights or ask questions, contact us at the email below. We will verify your request where the law requires it. If you are in the European Economic Area, you may also lodge a complaint with your local data protection authority.

California residents: you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, to delete certain information, and to opt out of “sale” or “sharing” (we do not sell personal information as defined by the CCPA). We do not knowingly sell or share personal information of minors under 16.

Children's privacy

The Service is not directed to children under 13 (or the age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact us and we will take appropriate steps to delete it.

Third-party sites

The Service may contain links to third-party websites. We are not responsible for their privacy practices. Please read their policies before providing information to them.

Changes to this policy

We may update this policy from time to time. We will post the new version on this page and update the “Last updated” date. If changes are material, we will provide additional notice as appropriate (for example by email or in-app message). Continued use of the Service after changes means you accept the updated policy.

Contact

For privacy requests, questions about this policy, or to reach our team: support@bolinkz.com. Please include enough detail for us to help you. We aim to respond within a reasonable time.

    Privacy Policy · BOLinkz