BOOK_A_CALL →
BOOK_A_CALL →

Privacy Policy_

01Scope

This policy covers the blackoffice.ai website and the Black Office platform. Where we process business documents, ledger entries and similar operational data on behalf of a customer workspace ("Customer Data"), we act as a processor under the customer's instructions and the applicable data processing agreement; the customer is the controller of that data.

02What we collect

We do not buy data about you, and we do not collect advertising identifiers.

03How we use it

Model training: Customer Data is never used to train models shared across customers. Models fine-tuned on your data, where offered, serve your workspace only.

04When we share

We do not sell personal information, and we do not share it for cross-context behavioral advertising.

05Security

All data is encrypted in transit and at rest. Access is role-scoped and logged; production access requires hardware-key MFA. The platform maintains SOC 2 Type II controls, region-pinned storage options, and continuous monitoring with a 99.99% uptime record for critical agent infrastructure. Report vulnerabilities to security@blackoffice.ai; disclosures are acknowledged within 24 hours.

06Retention

Customer Data and audit records are retained while your workspace is active. After termination, exports remain available for 30 days, after which data is deleted on a rolling schedule (at most 90 days), except where law requires longer retention (for example financial records). Service telemetry is retained up to 13 months in aggregate form.

07Your rights

Depending on your jurisdiction (including under GDPR and UK GDPR), you may request access, correction, export, deletion or restriction of your personal data, and object to certain processing. Write to privacy@blackoffice.ai; we respond within 30 days. If you are in the EEA or UK, you may also lodge a complaint with your supervisory authority. For data inside a customer workspace, we will route your request to the workspace controller.

08Cookies

This marketing site sets no tracking or advertising cookies and loads no third-party analytics. The application uses strictly necessary cookies only: session authentication and CSRF protection. Because nothing optional is set, there is no cookie banner to click. You're welcome.

09International transfers

We operate from the United States and Germany. Where personal data is transferred across borders, we rely on appropriate safeguards, including Standard Contractual Clauses and region-pinned storage where selected by your workspace.

10Children

The Service is for businesses and is not directed to children under 16. We do not knowingly collect data from children; if you believe a child has provided us data, contact privacy@blackoffice.ai and we will delete it.

11Changes

We will announce material changes to this policy by email or in-product notice before they take effect. The "last_updated" stamp above always reflects the current version.

12Contact

Black Office, Inc. privacy team: privacy@blackoffice.ai · all channels: /contact. Our EU representative can be reached at the same address, subject line "EU_REP".