Blackbox Blackbox
Get Started

Legal

Privacy Policy

Effective date: March 11, 2026 · Last updated: March 11, 2026

Blackbox ("Blackbox," "we," "us," or "our") operates the blackbx.dev website and the Blackbox Headquarters platform (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

1.1 Information You Provide

  • Account information: name, email address, company name, billing address, and payment details when you create an account or subscribe to a plan.
  • Communications: any information you provide when you contact us via email, contact forms, or support channels.
  • Client data: business data, CRM records, lead information, and other operational data you upload to or process through the Service ("Client Data").

1.2 Information Collected Automatically

  • Usage data: pages visited, features used, timestamps, session duration, and interaction patterns within the Service.
  • Device data: IP address, browser type and version, operating system, device identifiers, and referring URLs.
  • Cookies and similar technologies: we use essential cookies for authentication and session management. We use analytics cookies only with your consent where required by law.

2. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service, including deploying and managing your virtual teams.
  • Process transactions and send related billing information.
  • Respond to your inquiries and provide customer support.
  • Monitor and analyze usage patterns to improve the Service.
  • Detect, prevent, and address technical issues and security threats.
  • Send administrative communications, including service updates and security alerts.
  • Comply with legal obligations.

3. Client Data

Client Data you process through the Service (including CRM records, lead data, email content, and analytics outputs) is processed solely to provide the Service to you. We do not sell Client Data. We do not use Client Data to train machine learning models outside the scope of your account. Client Data is logically segregated per account and is not shared between clients.

4. AI Processing

The Service uses artificial intelligence to process Client Data for the purposes you configure — such as lead auditing, performance scoring, and report generation. AI processing occurs on secure infrastructure. Outputs generated by the Service (reports, scorecards, analytics) are derived from your Client Data and belong to you.

We may use third-party AI model providers (such as OpenAI and Anthropic) to process Client Data in the course of delivering the Service. When we do, such processing is governed by our data processing agreements with those providers, which prohibit them from using your data for their own training purposes.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

  • Service providers: third-party vendors who assist us in operating the Service (hosting, payment processing, analytics, AI model providers), subject to confidentiality obligations.
  • Legal compliance: when required by law, subpoena, court order, or governmental request.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, with notice to affected users.
  • With your consent: when you explicitly authorize a disclosure.

6. Data Security

We implement industry-standard technical and organizational measures to protect your information, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256).
  • Access controls and role-based permissions.
  • Regular security assessments and monitoring.
  • Incident response procedures.

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your account information for as long as your account is active or as needed to provide the Service. Client Data is retained for the duration of your subscription and deleted within 90 days of account termination, unless a longer retention period is required by law or requested by you. You may request deletion of your data at any time by contacting us.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal information.
  • Object to or restrict certain processing activities.
  • Data portability — receive your data in a structured, machine-readable format.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at [email protected].

9. International Transfers

Your information may be transferred to and processed in countries other than your country of residence, including Canada and the United States. Where such transfers occur, we ensure appropriate safeguards are in place to protect your data in accordance with applicable law.

10. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will delete it promptly.

11. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised effective date. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at: