Privacy Policy

This Privacy Policy applies to personal data processed by SimplyBoost through our website, lead capture forms, communication channels, customer onboarding, and related services.

Data controller details: SimplyBoost, 3438 Utrecht, Netherlands. Contact us at hello@simplyboost.io for privacy requests.

We follow a data-minimization approach and collect only the information reasonably needed to respond, qualify leads, and deliver our services.

Depending on your interaction, we may collect:

• Basic contact and identity data: name, public profile name/handle, work email, phone number, company, and message history.
• Website interaction data: page URL, form submission details, event timestamps, browser type, and IP address.
• Channel conversation data from integrations such as WhatsApp, Instagram, and Facebook Messenger (for example message text, date and time, and profile metadata you choose to share on those platforms).
• Service and operational data such as support tickets, onboarding notes, and account-level configuration details.
• Cookie preference and strictly necessary cookie data (see Cookie section and Cookie Policy).

We do not intentionally collect special-category personal data, and we ask users not to share highly sensitive information in routine conversations.

Integration-specific examples:

• Website: form fields you submit (such as name, email, phone), page URL, and timestamp.
• WhatsApp: phone number, profile name, message content, and message timestamps.
• Instagram: public username/display name, direct-message content, and message timestamps.
• Facebook Messenger: public profile name, message content, and message timestamps.

We collect personal data directly and indirectly from:

• Website interactions, including contact forms, demo requests, and chat widgets integrated on your site.
• WhatsApp conversations where our automation is used to respond, qualify, or route inquiries.
• Instagram and Facebook Messenger conversations when those channels are connected for customer engagement or lead capture.
• Emails, calls, and meetings with you or your authorized team.
• Essential infrastructure logs and security telemetry required to keep our services reliable.

We process personal data for legitimate business and legal purposes:

• To provide, configure, operate, and improve our services and automations.
• To respond to inquiries, demos, and customer support requests.
• To enable secure sign-in, account linking, and session management where Google authentication is used.
• To process and route conversations coming from integrated channels such as WhatsApp, Instagram, Facebook, and website widgets.
• To process contracts, invoices, and compliance obligations.
• To monitor platform performance, security, and abuse prevention.
• To send relevant product updates, insights, and marketing messages where lawful.
• To enforce our legal terms and protect business interests.

For individuals in the EEA/UK and similar jurisdictions, we rely on one or more of these legal bases:

• Performance of a contract or pre-contractual steps.
• Legitimate interests, balanced against your privacy rights.
• Consent, where required by law (which you may withdraw).
• Compliance with legal obligations.

We use a consent dialog on our website to let you choose cookie preferences. At present, we primarily use strictly necessary cookies (such as storing your cookie consent choice) and security-related infrastructure signals.

We do not currently rely on advertising cookies for personalized ads on this site. If optional analytics or marketing cookies are introduced in the future, they will be controlled through the same consent mechanism.

See our Cookie Policy for detailed cookie categories, duration, and controls.

We may share personal data with:

• Trusted vendors and subprocessors (hosting, analytics, CRM, support, payment, and communication tools).
• Platform providers for integrated channels (including Meta services such as WhatsApp, Instagram, and Facebook) when messages are processed through those channels.
• Professional advisers such as legal and accounting partners.
• Authorities or regulators where required by law, court order, or to protect rights and safety.
• A successor entity in case of merger, acquisition, or asset transfer.

We do not sell personal data for money. Where "sale" or "sharing" is legally defined (for example under certain U.S. state laws), you may request to opt out where applicable.

Your personal data may be processed in countries outside your place of residence. Where required, we use appropriate safeguards such as contractual clauses and vendor due diligence to protect transferred personal data.

If you choose to sign in with Google, we may receive basic profile information such as your name, email address, and profile image, depending on the scopes you grant.

Google user data is used only for authentication, account security, and features you explicitly enable. We do not sell Google user data and we do not use it for unrelated advertising purposes.

Where applicable, our use of data obtained from Google APIs is limited to the practices disclosed in this policy and is intended to align with the Google API Services User Data Policy requirements.

You can revoke Google access at any time through your Google account permissions settings.

When Meta integrations are enabled, we process message and profile metadata made available through WhatsApp, Instagram, and Facebook APIs to support lead capture, support automation, and conversation routing.

Meta platform data is processed only for service functionality requested by our customers and authorized users. We do not sell this data.

For user data deletion requests related to Meta-connected interactions, use our public data deletion instructions at /data-deletion or contact us at hello@simplyboost.io.

We retain personal data only as long as needed for the purposes described in this policy, including contractual, operational, legal, accounting, and dispute-resolution requirements.

Retention periods vary by data type and legal obligations. When data is no longer required, we delete or anonymize it.

We implement reasonable technical and organizational safeguards to protect personal data, including access controls, encryption measures where appropriate, monitoring, and secure service provider practices.

No system is completely secure. We encourage secure communication practices when sharing sensitive information.

Depending on your location, you may have rights to:

• Access personal data we hold about you.
• Correct inaccurate or incomplete personal data.
• Request deletion of personal data.
• Restrict or object to certain processing activities.
• Request portability of eligible personal data.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with a supervisory authority where applicable.

You can request deletion of your personal data by emailing hello@simplyboost.io with the subject line "Data Deletion Request" and sufficient details to identify your record.

Our deletion process includes:

• Identity verification to prevent unauthorized deletions.
• Review and deletion/anonymization of applicable records across active systems.
• Notification when the request is completed, denied, or requires clarification.

Typical response time is within 30 days, subject to legal and operational constraints. In complex cases, this may be extended where permitted by law.

Data may be retained where required for:

• Legal, regulatory, or tax obligations.
• Security, fraud prevention, and abuse mitigation.
• Establishing, exercising, or defending legal claims.
• Backup systems until secure rotation schedules complete.

A dedicated deletion instructions page is available at /data-deletion.

Our services are not directed to children under 13 (or the minimum age required in your jurisdiction), and we do not knowingly collect personal data from children. If you believe a child submitted personal data, contact us so we can take appropriate action.

Our website and communications may include links to external websites, integrations, or services that are not operated by us. Their privacy practices are governed by their own policies, and we encourage you to review those policies before sharing personal data.

We may update this Privacy Policy from time to time. Material updates will be posted on this page with a revised "Last Updated" date and, if required, additional notice.

Privacy requests and inquiries can be sent to hello@simplyboost.io.

Mailing address: SimplyBoost, 3438 Utrecht, Netherlands. Phone: +31 6 44384676.

For related legal terms, visit Contact and Cookie Policy.