Privacy Policy

Amazing TX LLC (the "Company") establishes this Privacy Policy regarding the handling of users' personal information and usage data in "BoarderX" (the "Service"), an AI workspace application.

1. Information We Collect

The Company collects the following information in providing the Service.

• Account information: email address, display name, and password (stored in hashed form)
• User content: conversation data on Boards, Decision records, and projects, categories, tags, and similar items
• App usage data: usage activity, operation logs, and plan/limit usage
• Billing-related information: plan type and transaction identifiers from Apple / Google / Stripe (the Company does not collect or retain credit card numbers)
• BYOK API keys: AI provider API keys registered by the user (stored encrypted in our server-side database)

2. Purposes of Use

• To provide, maintain, and improve the Service
• To provide AI Agent response generation and the Decision recording feature
• To manage plan limits and process billing and subscriptions
• To verify identity, respond to inquiries, and send important notices
• To prevent misuse and ensure security

3. Handling of BYOK (API Keys)

The API keys for each AI provider that a user registers with the Service are encrypted using an industry-standard encryption method (AES-256-GCM) and stored within our secure database. Such API keys are automatically decrypted and used by the system only when processing AI Agent calls based on the user's instructions (including sharing within a Workspace under the Team plan). The Company will never manually view or use the contents of the keys outside of administrative purposes, nor provide or sell them to any third party.

4. Provision to Third Parties

The Company will not provide users' personal information to third parties, except in the following cases.

• Where the user has given consent
• Where required by law, or where necessary to protect the life, body, or property of a person
• Where provided to the external services (subcontractors) listed below, to the extent necessary to provide the Service

5. External Services

The Service uses the following external services to provide its features. The handling of information by each service is governed by that provider's own privacy policy.

• AI providers (OpenAI, Anthropic, Google, etc.): to process conversation content and generate responses based on the user's instructions (Note: Data transmitted via the API is, as a general rule, not utilized by the respective providers for AI model training purposes in accordance with their enterprise policies.)
• Apple App Store / Google Play: to process in-app purchases
• Stripe: to process payments on the web version
• SendGrid: to send emails such as invitations and password resets

6. Data Management and Security

The Company appropriately manages the information it collects and strives to prevent leakage, loss, or damage. We implement reasonable security measures, such as encryption of communications and encrypted storage of sensitive information including API keys. Data collected through the Service may be transferred to, stored, and processed in the United States and on the secure infrastructure of our subcontractors.

7. Retention Period and Deletion

The Company retains information for the period necessary to achieve the purposes of use. Users may request the deletion of their related data by applying to delete their account (excluding information that the Company is legally required to retain).

8. Contact

For inquiries regarding this Policy, or requests for disclosure, correction, or deletion, please contact us at .