Privacy Policy

Effective 2026-04-24

This policy explains what personal information Board86 collects when you use this service, how we use it, and the choices you have. It is written in plain English. Where it matters, we note the relevant obligations under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

Who we are

Board86 is operated as a sole proprietorship based in Ontario, Canada. For any privacy questions, email chi@board86.com.

What we collect

Account information — your email address, used to sign you in and contact you about the service.
Business data you upload — invoices, receipts, labour reports, sales/POS exports, inventory counts, and any files or notes you attach.
Derived data — fields extracted from your uploads (e.g. vendor, totals, line items) stored to power the dashboards.
Technical data — standard web logs (IP, user agent, timestamps) from our hosting and error-reporting providers, used to keep the service running and debug problems.

How we use it

We use your data to provide the service: ingest your uploads, run extraction, store the results, and render them back to you in the app. We do not sell your data, do not share it with advertisers, and do not use it to train machine-learning models.

Aggregated benchmarking (optional)

If — and only if — you turn on benchmarking in your Settings, we may include de-identified pricing from your invoices in aggregate cohort statistics shared with other restaurants who have also opted in. This is off by default and you can turn it off any time.

What we share when you opt in:

Only ranges, never single points. A benchmark for an item shows the 25th, 50th, and 75th percentile across the cohort — never an identifiable price from any single restaurant.
K-anonymity floor of 5. A cohort must contain at least 5 opted-in restaurants matching on region and concept before any benchmark is returned. Below that, no result is shown.
No restaurant names or owner identities are ever included in the cohort outputs. Only your own restaurant's name is shown back to you in your own reports.
Excluded automatically: credits, samples, comp lines, and any invoice you mark as private.

If you opt out, your data is excluded from cohorts going forward. We keep a record of when you consented (and when you withdrew) for our own audit purposes.

Who else processes it

We use a small set of trusted service providers to run the service. Your data is processed by:

Supabase (database, authentication, storage, server functions) — our project is hosted in AWS us-east-2 (Ohio, USA).
Anthropic — we send the contents of your uploaded invoices and POS reports to Anthropic's Claude API to extract fields. Anthropic acts as a subprocessor; per Anthropic's API terms, your data is not used to train their models.
Postmark — processes inbound email (the optional "forward your POS reports here" flow) and any outbound transactional emails.
Glitchtip — receives anonymized error reports from the app.

Cross-border transfer

Because our database and most subprocessors are located in the United States, your information is transferred to and stored outside Canada. U.S. law may allow local authorities to access data stored there. By using Board86, you consent to this transfer. If you have questions about this, contact us.

How long we keep it

While your account is active, we keep your data so the service works. If you ask us to close your account and delete your data, we'll purge it within 30 days. Some information may remain in routine backups for a short period after that before being overwritten.

Your rights

Under PIPEDA you have the right to:

Ask what personal information we hold about you.
Ask us to correct information that is inaccurate.
Ask us to delete your account and associated data.
Withdraw your consent to our processing (note: this may mean we can no longer provide the service).

To exercise any of these, email chi@board86.com. If you're unhappy with how we've handled your request, you can file a complaint with the Office of the Privacy Commissioner of Canada.

Security

We take reasonable steps to protect your data: all traffic is encrypted in transit (HTTPS/TLS), database access is gated by row-level security so one account can't read another's data, and sensitive credentials live in isolated secret storage, not in source code. No system is perfectly secure — if you notice a vulnerability, please email us.

Changes to this policy

If we make material changes to this policy, we'll update the effective date at the top and, where practical, notify you by email.