Effective Date: June 17, 2026
This Privacy Policy explains how B.O.S.S. Improve (including the EMaiLBOSS desktop application and bossimprove.com website) collects, uses, protects, and shares your personal information.
Summary of Architecture: EMaiLBOSS is a desktop application (installed client). Sensitive user data, including authentication tokens and any locally saved application settings, is stored on your device. Email and calendar data is accessed directly from Google APIs and Microsoft APIs (including Microsoft Graph for Outlook and Calendar) and processed locally; we do not operate a cloud server to store your Gmail or Outlook messages or calendar events.
1. Information We Collect
- Google and Microsoft User Data: To provide automation features, EMaiLBOSS accesses account data you authorize through Google APIs (including Gmail and Calendar APIs) and/or Microsoft APIs (including Microsoft Graph for Outlook and Calendar). This may include reading email headers, bodies, attachments, and calendar events. This data is accessed directly from your device to the applicable provider APIs.
- Local Authentication Tokens: OAuth 2.0 tokens used to authenticate with Google or Microsoft are encrypted and stored securely on your local file system (e.g., AppData on Windows). These are never transmitted to our servers.
- Personal Information (Website): When you interact with our website or request demos, we may collect your name, email, and organization details.
- Usage Data: We may collect anonymized, aggregate technical telemetry (e.g., app version, error logs) to improve application stability; this telemetry does not include Gmail, Outlook, or calendar message/event content.
2. How We Use Your Information
- To categorize incoming emails based on your custom rules.
- To draft suggested replies using Artificial Intelligence (OpenAI).
- To identify and create calendar events based on user inputs.
- To provide, personalize, and improve the EMailLBOSS program and our website.
Google and Microsoft API Data
EMaiLBOSS's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We use Google user data only to provide and improve user-facing features you request within the app, and we do not use Google user data for advertising or sell Google user data. EMaiLBOSS also integrates with Microsoft APIs for Outlook and Calendar features when you authorize Microsoft access. Microsoft account data is used only to provide the user-facing features you request, and we do not sell Microsoft user data or use it for advertising.
3. Data Storage, Transfers & Sharing
- Desktop Processing & No Email Cloud Storage by Us: Email and calendar data is accessed directly from your device to Google APIs and/or Microsoft APIs. We do not operate a cloud service that stores your Gmail or Outlook messages or calendar events on our servers. Data is processed in memory and/or stored locally on your device in application configuration files.
- AI Processing (OpenAI): When you explicitly trigger an automation (e.g., categorization or draft reply), the application may transmit limited email content (such as the subject line, message body, and relevant thread context) to OpenAI over HTTPS to generate a result. We do not sell this data, do not use it for advertising, and do not use it to build marketing profiles. We do not provide this data to OpenAI for the purpose of training models. This transfer occurs only to provide the specific user-requested feature.
- Attachments: Email attachments are not transmitted to OpenAI unless you explicitly enable or trigger a feature that requires attachment analysis. If enabled, only the minimum necessary attachment text/content is transmitted for that user-requested task.
- Google and Microsoft API Data Use: We use information received from Google APIs and Microsoft APIs only to provide and improve user-facing features you request within EMaiLBOSS. We do not use Google or Microsoft user data for serving advertisements, and we do not sell Google or Microsoft user data.
- Service Providers (Website): For website interactions, we may use trusted third-party providers (hosting, payment processors) under confidentiality obligations.
4. Data Retention & Deletion
- Local App Data: EMaiLBOSS retains configuration data and OAuth tokens on your device until you uninstall the app or delete the local configuration folder.
- Google and Microsoft Account Data: Email and calendar content is retrieved from Google APIs and/or Microsoft APIs when you use the app. We do not store your Gmail or Outlook messages or calendar events on our own servers.
- AI Requests: Content sent to OpenAI is transmitted for the purpose of generating the requested output. We do not intentionally store this content on our servers. Any retention by OpenAI is governed by OpenAI's terms and policies.
5. Data Security
- We utilize the principle of least privilege. The application only requests the scopes necessary to perform the tasks you initiate.
- Since data is stored locally, your data security relies primarily on the security of your own device (access controls, disk encryption, etc.).
- We use industry-standard security measures to safeguard data collected via our website.
6. Your Choices
- Revoking Access: You can revoke EMaiLBOSS's access to your Google Account at any time via the Google Security settings page. You can revoke Microsoft account access through your Microsoft account privacy/security settings.
- Uninstalling: Uninstalling the desktop application removes the local application files. You may manually delete the configuration folder in your user directory to remove all local data and tokens.
- Marketing Opt-Out: You may unsubscribe from marketing emails at any time.
7. Children's Privacy
Our Services are not intended for use by children under the age of 16 and we do not knowingly collect their personal information. If we learn that personal data has been collected from a person under 16, we will delete it promptly.
8. International Data Transfers
If you are accessing our Services outside the United States, please be aware that your data may be processed and stored in the U.S. or other countries where our service providers operate. We ensure transfers comply with applicable data protection laws (e.g., GDPR) through standard contractual clauses or other lawful mechanisms.
9. Your State & Local Privacy Rights
- California Residents: Under the California Consumer Privacy Act (CCPA), you have rights to access, delete, and correct your personal information, and to opt out of "sales" of personal data. Since we do not sell personal data, the opt-out right does not apply, but you may still request access or deletion.
- Other U.S. States: Residents of Virginia, Colorado, Utah, and other jurisdictions may have similar rights under their state privacy laws. Contact us for more information.
10. Cookies & Tracking Technologies
We and our third-party partners use cookies, web beacons, and similar technologies to analyze website usage, improve performance, facilitate secure sessions, and personalize content. You can manage cookie settings through your browser or device preferences. Disabling cookies may limit certain features.
11. Changes to This Privacy Policy
We may update this policy periodically to reflect changes in legal requirements or our services. When we do, we will update the "Effective Date" above and post the revised policy here. We encourage you to review this policy regularly.
12. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
B.O.S.S. Improve
1400 Village Square Blvd #3-80069, Tallahassee, FL 32312
Email: info@bossimprove.com
Phone: (813) 445-5004