Privacy Policy

This Privacy Policy explains what information BlindBox collects, how we use it, when we share it, how long we keep it, and the choices you have when you use the website, apps, account services, billing tools, and optional AI features.

Effective date: May 11, 2026

1. Scope and who this policy covers

This Privacy Policy applies to the BlindBox marketing website, downloadable apps, account services, billing and donation checkout, and related support and documentation.

  • When this policy says "BlindBox," "we," "our," or "us," it means the operators of the BlindBox website, apps, and related services.
  • This policy covers information collected directly from you, information collected automatically when you use our website or apps, and information we receive from third-party services you choose to connect.
  • Third-party services such as Google, Microsoft, Apple, Polar, your email provider, and your calendar provider have their own privacy policies and practices. This policy does not replace theirs.

2. Key definitions and how to read this policy

Privacy laws use terms that can be technical, so this section explains how some of the most important ones are used in this document.

  • “Personal information” or “personal data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to an identified or identifiable person.
  • “Sensitive personal information” can include items such as precise account credentials, password-related information, financial information, and certain demographic data that receives heightened treatment under some privacy laws.
  • “Process” or “processing” means almost anything we do with information, including collecting, storing, organizing, using, disclosing, transmitting, analyzing, deleting, or otherwise handling it.
  • “Service providers,” “processors,” or similar terms refer to vendors and contractors that handle information on our behalf for operational purposes rather than for their own unrelated use.
  • References to “you” may refer to a website visitor, account holder, donor, subscriber, support contact, or user of the BlindBox apps, depending on context.

3. Information we collect

The information we collect depends on how you interact with BlindBox and which features you use.

  • Website and support information: if you email us, call us, or start a donation checkout, we may collect your name, email address, phone number, organization, country, message, and anything else you choose to share.
  • BlindBox account information: we may collect your email address, full name, password hash and salt, account session information, and account-related timestamps such as creation, login, and verification events.
  • Onboarding and profile information: if you provide it, we may store primary mailbox details, provider name, locale, time zone, and onboarding or demographic details such as gender, birthday, or age range.
  • Billing and donation information: we may collect customer email, subscription plan and status, trial status, checkout identifiers, billing portal usage, donation amount, donation cadence, donor identity details, and contact-consent preferences. Payment card details are handled by our payment processor rather than stored by BlindBox.
  • Connected service information: when you connect an email or calendar provider, BlindBox may process the mailbox address, provider type, OAuth or session tokens, calendar targets, and mailbox connection metadata needed to authenticate and provide the feature you requested.
  • Attachment AI information: if you use optional AI attachment features, BlindBox may process the attachment file content, file name, MIME type, generated summaries or transcripts, attachment hashes, model name, and usage and quota records.
  • Device, app, and website data: we may receive IP address, browser type, device details, approximate diagnostics, request metadata, referrer data, download requests, and app or service logs needed for security, abuse prevention, and operations.
  • Local storage and on-device data: BlindBox apps may store sessions, preferences, accessibility settings, inbox state, mailbox metadata, and cached analysis results on your device. The marketing site also uses limited browser storage for interface behavior.

4. Sources of information

BlindBox can receive personal information from several sources depending on the features you use.

  • Directly from you when you create an account, contact us, request support, configure preferences, begin a billing flow, or provide donation information.
  • Automatically from your browser, device, app session, or network connection when you load pages, download files, sign in, use app features, or interact with our backend services.
  • From connected providers you authorize, such as mailbox, calendar, authentication, payment, or AI providers, when they return account identifiers, tokens, billing status, or other integration data needed to provide the feature you requested.
  • From operating logs, fraud-prevention systems, error reporting, and internal service records created as part of running, debugging, securing, and supporting BlindBox.

5. How we use information

We use personal information to operate BlindBox, support users, protect the service, and improve accessibility-focused workflows.

  • To provide the website, downloadable software, connected mailbox and calendar features, account creation, sign-in, password reset, verification, and customer support.
  • To process subscriptions, trials, billing status, donations, customer portal access, fraud prevention, receipts, financial records, and related account administration.
  • To run optional AI attachment features, including sending file content for analysis, caching results, and tracking usage against your plan limits.
  • To remember settings, accessibility preferences, connected accounts, and local app state so BlindBox can reopen in a useful and familiar way.
  • To secure the service, investigate abuse or technical problems, monitor performance, enforce our Terms of Service, and comply with applicable law.
  • To understand which pages, features, downloads, and support flows are working well or need improvement, especially where that helps accessibility, reliability, and onboarding.
  • To create internal records that document authentication activity, billing state, support history, accessibility issues, and operational actions that affect the safety or continuity of the service.

6. Legal bases for processing

If privacy laws such as the GDPR apply to our processing, we generally rely on one or more of the following legal bases.

  • Performance of a contract: to provide BlindBox, maintain accounts, process subscriptions or donations, and deliver features you request.
  • Legitimate interests: to secure the service, prevent abuse, improve the product, maintain records, and respond to support inquiries.
  • Consent: where we rely on your choice, such as when you submit optional information or use optional AI attachment analysis features.
  • Legal obligation: when we need to retain or disclose information for tax, accounting, security, fraud-prevention, or other legal compliance reasons.

7. How we share information

We do not sell personal information for money. We share information only when needed to run BlindBox, complete a transaction, honor your choices, or comply with law.

  • Email and calendar providers you choose to connect, such as Google, Microsoft, Apple, and other mailbox providers, so BlindBox can access the account or calendar functionality you requested.
  • Payment and billing providers, including Polar, to create checkouts, manage subscriptions, process donations, and provide customer billing tools.
  • AI service providers, currently Google Gemini as configured by BlindBox, when you choose to run attachment summaries, transcripts, or related accessibility analysis.
  • Email delivery and infrastructure providers that help us send verification or password-reset emails when those features are configured.
  • Hosting, storage, logging, security, and operational providers that help us run the website, backend services, downloads, and support systems.
  • Professional advisers, regulators, law enforcement, or other third parties when disclosure is reasonably necessary to protect rights, investigate misuse, enforce our terms, or comply with legal obligations.
  • A successor or acquirer if BlindBox is involved in a merger, acquisition, financing, reorganization, or asset sale, subject to the treatment of data in that transaction.

8. Deidentified and aggregated information

Some privacy laws distinguish between identifiable information and information that no longer reasonably identifies a person.

  • We may create aggregated, statistical, or deidentified information from personal information for operational analysis, service improvement, accessibility research, planning, security, capacity management, and similar internal purposes.
  • When we treat information as deidentified, we expect it to be maintained in a form that is not reasonably intended to identify a specific individual, except as allowed by applicable law.
  • Aggregated or deidentified information may not be subject to the same rights and limitations as identifiable personal information under all privacy laws.

9. Cookies, browser storage, and similar technologies

BlindBox uses a limited set of browser and on-device storage tools for functionality rather than advertising.

  • The marketing site currently uses browser local storage for small interface behaviors and requests font files from Google Fonts, which means your browser may send technical request information such as IP address and user-agent to Google when the site loads those fonts.
  • BlindBox apps may store session state, preferences, accessibility settings, cached mailbox data, and related local application data on your device so the app can function properly.
  • We do not currently use third-party advertising cookies or cross-site behavioral advertising tags on the marketing site.
  • Because the website and apps rely on some local storage for core functionality, disabling all storage may affect sign-in persistence, preferences, or interface behavior.

10. California online tracking disclosures

This section is included to address disclosures commonly expected under California’s online privacy requirements, including do-not-track related disclosures.

  • The BlindBox website does not currently respond to browser do-not-track signals in a standardized way because there is not a single universally accepted technical standard for those signals across websites and services.
  • BlindBox does not currently use on-page third-party behavioral advertising tags or cross-context advertising tools on the marketing site.
  • When the website loads third-party resources such as Google Fonts, those third parties may receive technical request information like your IP address, browser information, and related network metadata. Their handling of that information is governed by their own privacy notices and practices.
  • We do not currently state that other parties may collect personally identifiable information about your online activities over time and across unrelated third-party websites through BlindBox for cross-context behavioral advertising, but third-party providers whose resources are called by your browser may collect technical request data under their own systems.

11. Automated processing and AI-assisted features

BlindBox uses software automation to authenticate sessions, manage billing state, and power certain accessibility features, but this is not the same as fully automated decision-making with legal or similarly significant effects.

  • BlindBox may automatically check session validity, refresh billing status, validate connected services, measure quota consumption, and generate attachment summaries or transcripts using configured AI tools.
  • BlindBox does not currently describe its service as making solely automated decisions that produce legal or similarly significant effects about users in the sense used by the GDPR.
  • AI-generated output is meant to assist accessibility and workflow. It should not be treated as guaranteed accurate, authoritative, or complete, and users should review important content independently.

12. How long we keep information

Retention depends on the kind of information, why we collected it, and what we need to keep for operations, security, accounting, or legal compliance.

  • BlindBox account records are generally kept while your account remains active and for a reasonable period afterward to resolve disputes, maintain security, or satisfy legal obligations.
  • BlindBox account sessions may remain valid for up to 365 days unless they expire, are revoked, or are otherwise terminated sooner.
  • Email verification tokens are short-lived and currently expire after 48 hours. Password-reset tokens are short-lived and currently expire after 1 hour once issued.
  • Billing, donation, fraud-prevention, and accounting records may be retained as long as needed for financial reporting, audits, tax compliance, chargeback handling, and related legal requirements.
  • Attachment analysis outputs and usage records may be retained until they are deleted, overwritten, or no longer needed for service delivery, plan enforcement, or support.
  • Data stored locally on your own device generally remains there until you remove it, sign out, clear local storage, disconnect accounts, uninstall the app, or overwrite the data with newer state.
  • When deciding retention periods, we consider the nature of the information, the feature involved, security needs, fraud-prevention needs, recordkeeping obligations, dispute risks, and whether we still need the information to provide the service you requested.

13. Security

We use technical and organizational measures designed to protect information, but no system can promise perfect security.

  • BlindBox stores account passwords as salted password hashes rather than plaintext passwords.
  • We use access controls, transport security where available, token-based authentication, and operational logging to help secure the service.
  • You are responsible for keeping your devices, mailbox credentials, and account credentials secure and for notifying us if you suspect unauthorized access.
  • If you connect third-party mailbox or calendar providers, the security of those accounts also depends on the protections you enable with those providers, such as strong passwords and multi-factor authentication.
  • No website, application, storage environment, or transmission method can be guaranteed completely secure, so BlindBox cannot promise absolute security.

14. California and other U.S. state privacy notices

Certain U.S. state privacy laws grant residents specific rights and impose obligations only when a business and a given processing activity fall within the scope of those laws.

  • If the California Consumer Privacy Act, as amended, or a similar U.S. state privacy law applies to our processing of your personal information, you may have rights to know, access, correct, delete, obtain a copy of certain information, opt out of certain sales or sharing, limit certain uses of sensitive personal information, and receive equal treatment for exercising your rights, subject to exceptions and verification requirements.
  • Based on BlindBox’s current implementation, we do not describe our website or services as selling personal information for money, and we do not currently use the marketing site for cross-context behavioral advertising. If our practices materially change, we will update this policy and provide any disclosures or choice mechanisms required by law.
  • Where permitted by law, an authorized agent may submit certain privacy requests on your behalf. We may require proof of that authority and verification of your identity before completing the request.
  • If a state privacy law requires an appeal process after a rights request is denied, we will tell you how to seek further review in our response where applicable.

15. Your choices and privacy rights

Depending on where you live and subject to applicable exceptions, you may have legal rights over your personal information.

  • You may be able to access, correct, or update parts of your account information inside BlindBox or by contacting us.
  • You may request deletion of your BlindBox account and associated personal information by contacting us. We may keep limited information where necessary for security, billing, accounting, dispute resolution, or legal compliance.
  • You can disconnect connected inboxes or calendars, cancel paid subscriptions through the available billing portal or provider tools, and stop using optional AI features at any time.
  • If laws such as the California Consumer Privacy Act or similar state laws apply to our processing, you may have rights to know, access, correct, or delete certain information and to receive equal service for exercising those rights.
  • If laws such as the GDPR or UK GDPR apply to our processing, you may also have rights to object, restrict processing, withdraw consent where applicable, request portability, and lodge a complaint with your local supervisory authority.
  • You may also have choices through your device, browser, mailbox provider, calendar provider, or payment provider that affect how information is stored, synced, retained, or shared.
  • To exercise privacy rights, contact us at the address listed below. We may need to verify your identity, confirm account ownership, or request additional information before completing a request.

16. International transfers

BlindBox and some of its providers may process information in the United States and other countries where privacy laws may differ from those in your home jurisdiction.

  • If you access BlindBox from outside the United States, you understand that your information may be transferred to and processed in countries where we or our providers operate.
  • Where required by applicable law, we will use reasonable steps to support lawful transfer mechanisms for cross-border processing.

17. Additional notice for EEA, UK, and similar jurisdictions

Users in the European Economic Area, the United Kingdom, and jurisdictions with similar privacy frameworks may expect additional detail about controller transparency and rights handling.

  • This policy is intended to provide the categories of information typically required in transparency notices, including the types of data processed, purposes of processing, legal bases, recipients, retention principles, international transfer expectations, and rights information.
  • Where we rely on consent, you may withdraw that consent going forward, although doing so will not affect processing that was already lawful before withdrawal.
  • Where we rely on legitimate interests, those interests generally include securing the service, preventing abuse, improving accessibility workflows, maintaining operational records, and running the product effectively for users.
  • If you are dissatisfied with how we handle a privacy request, you may have the right to complain to the supervisory authority in the country where you live, work, or believe the issue occurred.

18. Children’s privacy

BlindBox is not directed to children under 13, and we do not intend to knowingly collect personal information from children under 13 through the service.

  • If you believe a child under 13 has provided us personal information, contact us so we can investigate and take appropriate action.
  • If local law sets a higher minimum age for digital consent, users in that region should use BlindBox only with any required parent, guardian, or other authorized consent.

19. Material changes and notice practices

Privacy notices need to evolve when products, features, vendors, or legal requirements change.

  • We may revise this Privacy Policy when BlindBox launches new features, changes data flows, changes vendors, changes billing or donation processes, or needs to address legal or regulatory developments.
  • If we make a material change, we may update the effective date, publish the revised policy on the website, and provide additional notice inside the service or through other reasonable channels when appropriate.
  • The version posted on this website is the current version unless a different version is expressly stated for a separate product or feature.

20. Changes to this policy and how to contact us

We may update this Privacy Policy from time to time to reflect service changes, legal developments, or operational needs.

  • When we make material changes, we will update the effective date on this page and may provide additional notice where appropriate.
  • If you have privacy questions or want to submit a privacy request, contact BlindBox at hello@blindbox.email or 404-513-3348.

BlindBox is an email client designed specifically for blind and visually impaired people. Experience a fast, accessible, and private way to manage your mail and calendar.
