top of page

Boost GDPR Privacy Policy

Effective Date: April 2025

At Boost, we are committed to protecting and respecting your privacy. This GDPR Privacy Policy (“Policy”) explains how we collect, use, store, and protect your personal data, in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This Policy applies to individuals whose personal data we process in the course of providing our products and services.

1. Introduction

As a healthcare SaaS provider, we process personal data for a variety of reasons, including the provision of services, billing, customer support, and improving user experience. This Policy explains how we handle your data, the rights you have in relation to it, and how you can exercise those rights.

2. Data Controller

Boost is the data controller of the personal data you provide to us. Our contact details are as follows: legal@boostresults.com

3. Types of Personal Data We Collect

We may collect and process the following types of personal data:
 

  • Contact Information
    Name, email address, phone number, job title, company details.
     

  • Billing Information
    Payment details, invoices, and billing addresses.
     

  • Healthcare Data
    Medical records, patient information, and health-related data (as required for the services you use).
     

  • Technical Data
    IP addresses, browser type, device details, and other technical information related to your use of our platform.
     

  • Usage Data
    Information about how you use our website and services, such as login times, features accessed, and errors encountered.

4. How We Use Your Personal Data

We collect and process your personal data for the following purposes:

  • To Provide Our Services
    To deliver, maintain, and support our healthcare SaaS platform.
     

  • To Manage Customer Accounts
    To process and manage subscriptions, billing, and account-related information.
     

  • To Improve Our Services
    To enhance the functionality and security of our platform, monitor usage, and improve user experience.
     

  • To Comply with Legal Obligations
    To meet regulatory requirements, including those specific to healthcare data (e.g., HIPAA compliance).
     

  • To Communicate with You
    To send you service-related information, updates, and notifications.

5. Legal Basis for Processing Your Data

Under the GDPR, we must have a valid legal basis to process your personal data. The legal bases we rely on include:

  • Contractual Necessity
    We process your personal data to fulfill our contractual obligations with you (e.g., providing access to our platform).
     

  • Legal Obligation
    We may process your data to comply with legal requirements, such as healthcare regulations and data protection laws.
     

  • Legitimate Interests
    We may process personal data where we have a legitimate interest in doing so (e.g., improving our services, marketing communications).
     

  • Consent
    In certain cases, we may ask for your explicit consent to process your data, particularly for sensitive data (e.g., health-related information).

6. How We Share Your Personal Data

We do not sell, rent, or lease your personal data. However, we may share your data with trusted third-party service providers to fulfill our contractual obligations or provide services, such as:

  • Cloud Hosting Providers
    To host our platform and store data securely.
     

  • Payment Processors
    To handle billing and payment transactions.
     

  • Healthcare Partners
    In cases where we need to integrate with third-party healthcare providers or services.
     

  • Compliance Authorities
    To comply with legal obligations or respond to lawful requests from authorities (e.g., for audits or investigations).
     

These third-party providers are contractually obligated to safeguard your data and use it only for the purposes we have specified.

7. International Data Transfers

As part of our operations, your personal data may be transferred to and stored in countries outside the European Economic Area (EEA) that may not have the same level of data protection as your country. Where this occurs, we ensure that appropriate safeguards are in place, such as the use of Standard Contractual Clauses (SCCs) or other legal mechanisms, to ensure your data is adequately protected.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. Once your data is no longer needed, it will be securely deleted or anonymized in accordance with our data retention policies.

9. Your Data Protection Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access
    You can request access to the personal data we hold about you.
     

  • Right to Rectification
    You can request corrections to inaccurate or incomplete data.
     

  • Right to Erasure
    You can request the deletion of your personal data under certain conditions.
     

  • Right to Restriction of Processing
    You can request the restriction of processing of your personal data in certain circumstances.
     

  • Right to Data Portability
    You can request a copy of your personal data in a machine-readable format to transfer to another service.
     

  • Right to Object
    You can object to the processing of your data, including for marketing purposes.
     

  • Right to Withdraw Consent
    If you have provided consent for specific processing activities, you can withdraw your consent at any time.
     

  • Right to Lodge a Complaint
    If you believe your rights have been violated, you can lodge a complaint with a supervisory authority in your jurisdiction.

 

To exercise these rights, please contact us using the contact details provided above.

10. Security of Your Personal Data

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or alteration. These include encryption, secure data storage, and regular security assessments to ensure that your data remains safe.

11. Cookies and Tracking Technologies

For information about how we use cookies and other tracking technologies, please refer to our Cookie Policy for further details.

12. Changes to This Privacy Policy

We may update this Policy from time to time to reflect changes in our practices, legal requirements, or business needs. We will notify you of any significant changes by posting a notice on our website or through our platform.

13. Contact Us

If you have any questions, concerns, or requests regarding your personal data or this Policy, please contact us: legal@boostresults.com

By using our website, products or services, you acknowledge that you have read, understood and consent to this Policy.

bottom of page