๐ Our commitment: Boofer is built on the principle that privacy is a fundamental right.
We collect the minimum data necessary to operate the service and will never sell your personal
information to third parties.
1 Information We Collect
We collect only what is necessary to provide and improve the Boofer service:
Account Information:
- Your chosen username / handle (publicly visible)
- Email address (for account recovery only, never shown publicly)
- Profile photo (optional, stored encrypted)
- Your assigned virtual phone number (generated by Boofer)
Usage Data:
- App version and device type (for compatibility)
- Crash reports and error logs (anonymized)
- Feature usage statistics (no personal identifiers)
We do NOT collect:
- Your real phone number
- Message content (all messages are end-to-end encrypted)
- Call recordings or transcripts
- Contact lists from your device
- Location data
2 How We Use Your Information
We use the information we collect to:
- Create and maintain your Boofer account
- Deliver messages, calls, and notifications to the correct recipients
- Provide account recovery services via email
- Detect and prevent fraud, abuse, and security breaches
- Fix bugs and improve app stability
- Respond to support requests
We do not use your data for targeted advertising or sell it to data brokers.
3 Data Storage & Security
Your data is stored on secure servers provided by Supabase (hosted on AWS). We implement
industry-standard security practices:
- All data in transit is encrypted using TLS 1.3
- Data at rest is encrypted using AES-256
- Regular security audits and penetration testing
- Access to production systems is limited to authorized personnel only, with full audit logging
- Automated anomaly detection for suspicious access patterns
4 End-to-End Encryption
All messages and media sent through Boofer are end-to-end encrypted. This means:
- Only you and your intended recipient(s) can read your messages
- Boofer servers store only encrypted ciphertext โ we cannot read your messages
- Even in the event of a server breach, your message content remains unreadable
- Voice and video call audio/video streams are encrypted in transit
๐ Encryption keys are derived on your device and never leave it. Your private key is tied to your
device and is never transmitted to our servers.
5 Data Sharing
We do not sell, trade, or rent your personal information. We may share limited data with:
- Service providers โ Infrastructure partners (Supabase, Firebase) that help us
deliver the service, bound by data processing agreements
- Law enforcement โ Only when legally compelled by a valid court order. Due to our
encryption architecture, we can provide only metadata (account info, IP logs) โ never message
content
- Safety situations โ If we have a good-faith belief that disclosure is necessary to
prevent imminent risk of serious harm
6 Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access โ Request a copy of the data we hold about you
- Correction โ Update inaccurate personal information
- Deletion โ Request deletion of your account and associated data
- Portability โ Receive your data in a portable format
- Objection โ Object to certain types of data processing
To exercise any of these rights, contact us at shaadowplatforms.g92192@gmail.com.
We will respond within 30 days.
7 Children's Privacy
Boofer is not directed to children under the age of 13. We do not knowingly collect personal information
from children under 13. If we discover that a child under 13 has provided us with personal information,
we will promptly delete such information.
If you are a parent or guardian and believe your child has provided us with personal information, please
contact us at shaadowplatforms.g92192@gmail.com.
8 Data Retention
We retain your data for as long as your account is active or as needed to provide you services:
- Account data is retained until you delete your account
- Messages are retained on servers only until delivered, then purged (unless you enable cloud backup)
- Crash logs are anonymized and deleted after 90 days
- Security audit logs are retained for 12 months
Upon account deletion, we will delete or anonymize your personal data within 30 days, except as required
by law.
9 Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
- Posting the new policy on this page with an updated "Last Updated" date
- Sending an in-app notification for material changes
Your continued use of Boofer after changes take effect constitutes your acceptance of the revised policy.
10 Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please reach out: