BoostSpec

Privacy Policy

Last updated: March 15, 2024

Introduction and Scope

BoostSpec, Inc. ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered PC optimization services, website, and related applications (collectively, the "Services").

This policy applies to all users of our Services, including visitors to our website, registered users, and enterprise customers. By using our Services, you consent to the data practices described in this policy.

Information We Collect

We collect various types of information to provide and improve our Services:

  • Personal Information: Name, email address, phone number, billing address, and payment information when you create an account or subscribe to our services
  • System Information: Hardware specifications, operating system details, installed software inventory, driver versions, and system configuration data necessary for optimization analysis
  • Performance Data: CPU usage patterns, memory utilization, storage performance metrics, network activity, and application response times
  • Usage Analytics: How you interact with our software, feature usage statistics, optimization results, and user interface interactions
  • Diagnostic Information: System performance logs, error reports, crash dumps (anonymized), and optimization outcomes to improve our service quality
  • Communication Records: Support tickets, chat logs, email correspondence, and feedback submissions
  • Device Information: IP address, browser type, device identifiers, and operating system version for security and compatibility purposes
  • Location Data: General geographic location (country/region level) for service optimization and compliance with local regulations
  • Cookies and Tracking Data: Website usage patterns, session information, and preference settings as detailed in our Cookie Policy
  • Third-Party Integration Data: Information from connected services and applications that you authorize us to access
  • Enterprise Data: For business customers, we may collect additional organizational information, user management data, and deployment statistics

How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: Provide personalized PC optimization recommendations, system analysis, and performance improvements tailored to your specific hardware configuration
  • AI Algorithm Enhancement: Train and improve our machine learning models to deliver more accurate diagnostics and effective optimization strategies
  • Performance Monitoring: Continuously monitor system health, track optimization effectiveness, and provide real-time performance insights
  • Customer Support: Respond to inquiries, troubleshoot issues, provide technical assistance, and deliver personalized optimization guidance
  • Billing and Account Management: Process payments, manage subscriptions, send invoices, and maintain accurate account records
  • Security and Fraud Prevention: Detect and prevent unauthorized access, identify suspicious activities, and protect against security threats
  • Product Development: Develop new features, improve existing functionality, and create better user experiences based on usage patterns
  • Communication: Send service updates, security notifications, optimization reports, and important account information
  • Legal Compliance: Meet regulatory requirements, respond to legal requests, and ensure compliance with applicable laws and regulations
  • Research and Analytics: Conduct anonymized research to advance PC optimization techniques and publish industry insights
  • Quality Assurance: Monitor service performance, identify bugs, and ensure optimal user experience across all platforms
  • Personalization: Customize user interfaces, recommend relevant features, and adapt our services to individual user preferences and workflows

Information Sharing and Disclosure

BoostSpec does not sell, trade, or rent your personal information to third parties. We may share information only in the following limited circumstances:

  • Service Providers: Trusted third-party vendors who assist in delivering our services, including cloud hosting providers, payment processors, and customer support platforms, all under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, subpoena, or to protect our rights, property, and safety, or that of our users and the public
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, with advance notice to affected users and continued protection under this policy
  • Consent-Based Sharing: When you explicitly authorize us to share information with specific third parties or integrated services
  • Anonymized Data: Aggregated, anonymized performance statistics and industry insights that cannot be traced back to individual users
  • Emergency Situations: To prevent imminent harm to persons or property, or to investigate suspected illegal activities
  • Professional Advisors: Lawyers, accountants, and other professional advisors bound by confidentiality obligations
  • Regulatory Authorities: Government agencies and regulatory bodies when required for compliance or investigation purposes
  • Enterprise Administrators: For business accounts, designated administrators within your organization may access user data and usage statistics

Data Security and Protection

We implement comprehensive security measures to protect your information:

  • Encryption: All data transmission uses TLS 1.3 encryption, and sensitive data is encrypted at rest using AES-256 encryption standards
  • Access Controls: Multi-factor authentication, role-based access controls, and principle of least privilege for all personnel
  • Infrastructure Security: SOC 2 Type II compliant data centers with 24/7 monitoring, intrusion detection, and physical security controls
  • Regular Audits: Quarterly security assessments, penetration testing, and vulnerability scans by independent security firms
  • Data Minimization: We collect only the information necessary for service delivery and delete data when no longer needed
  • Incident Response: Comprehensive breach response procedures with user notification within 72 hours of discovery
  • Employee Training: Regular security awareness training and background checks for all personnel with data access
  • Backup and Recovery: Secure, encrypted backups with tested disaster recovery procedures to ensure data availability
  • Network Security: Firewalls, intrusion prevention systems, and network segmentation to protect against unauthorized access
  • Compliance Monitoring: Continuous monitoring for compliance with GDPR, CCPA, and other applicable privacy regulations

Your Privacy Rights

You have the following rights regarding your personal information:

  • Right to Access: Request a copy of all personal information we hold about you, including data sources and processing purposes
  • Right to Rectification: Correct inaccurate or incomplete personal information in your account or our records
  • Right to Erasure: Request deletion of your personal information, subject to legal and contractual obligations
  • Right to Portability: Receive your data in a structured, machine-readable format for transfer to another service provider
  • Right to Restrict Processing: Limit how we process your information in certain circumstances
  • Right to Object: Opt-out of certain types of data processing, including direct marketing and automated decision-making
  • Right to Withdraw Consent: Revoke previously given consent for data processing activities
  • Right to Lodge Complaints: File complaints with relevant data protection authorities if you believe your rights have been violated
  • Right to Notification: Be informed of data breaches that may affect your personal information
  • Right to Human Review: Request human review of automated decisions that significantly affect you
  • Right to Data Minimization: Request that we limit data collection to what is strictly necessary for service provision

To exercise these rights, contact our Data Protection Officer at privacy@boostspec.com or use our online privacy portal.

Data Retention and Deletion

We retain your information only as long as necessary for the purposes outlined in this policy:

  • Account Data: Retained for the duration of your account plus 3 years for legal and tax purposes
  • System Performance Data: Anonymized and aggregated after 12 months, with individual data deleted after 24 months
  • Support Communications: Retained for 5 years to maintain service quality and resolve future issues
  • Billing Information: Kept for 7 years as required by financial regulations and tax laws
  • Marketing Data: Deleted immediately upon unsubscribe or account deletion request
  • Security Logs: Maintained for 13 months for security monitoring and incident investigation
  • Backup Data: Automatically purged from backup systems within 90 days of primary deletion
  • Legal Hold Data: Retained as required by legal proceedings or regulatory investigations
  • Anonymized Analytics: May be retained indefinitely as it cannot be linked to individual users

International Data Transfers

BoostSpec operates globally and may transfer your information to countries outside your residence. We ensure adequate protection through:

  • Adequacy Decisions: Transfers to countries with European Commission adequacy decisions
  • Standard Contractual Clauses: EU-approved contractual protections for transfers to other countries
  • Certification Programs: Partners certified under Privacy Shield successor frameworks
  • Binding Corporate Rules: Internal policies ensuring consistent global privacy protection
  • Explicit Consent: Your specific consent for transfers when other safeguards are not available
  • Data Localization: Option to store data within specific geographic regions for enterprise customers
  • Transfer Impact Assessments: Regular evaluation of transfer risks and additional safeguards

Children's Privacy

Our Services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we discover that we have collected information from a child under 16, we will delete such information immediately. Parents or guardians who believe their child has provided us with personal information should contact us at privacy@boostspec.com.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. We will notify you of material changes through:

  • Email notification to your registered address
  • Prominent notice on our website and application
  • In-app notifications for significant changes
  • 30-day advance notice for changes that expand data collection or sharing

Your continued use of our Services after the effective date of changes constitutes acceptance of the updated policy.

Contact Information

For privacy-related questions, concerns, or to exercise your rights, please contact us:

Data Protection Officer: privacy@boostspec.com

Privacy Hotline: +1 628 370 5194

Mailing Address:
BoostSpec, Inc.
Attn: Privacy Department
5215 E Cambridge Ave
Phoenix, AZ 85008, USA

EU Representative: privacy-eu@boostspec.com

Response Time: We respond to privacy requests within 30 days