Boatman Logo

Privacy Policy

Privacy Policy for Boatman
Last Updated: February 2026

1. The “Plain English” Summary

We built Boatman because we wanted a tool for thinking, not for being tracked. Here is our promise to you in simple terms:

  • We do not sell your data. Not now, not ever.
  • You own your notes. You can export them or delete your account at any time.
  • We use AI to help you think. To do this, we send your text to OpenAI (our AI provider). We use their “Business API,” which means they do not use your data to train their models.
  • We don’t look. While we technically have database access as administrators, we have strict internal rules against reading user data unless you explicitly ask us to help you debug something.

2. What Data We Collect

We collect only what is necessary to provide the “Second Brain” experience:

  • Account Information: Your email address (for logging in).
  • User Content: The notes, journals, goals, and essays you write in the app.
  • Generated Data:
    • Vector Embeddings: We convert your text into mathematical lists of numbers (vectors) to power the “Related Notes” feature.
    • Psychological Profile: The AI generates a private profile (e.g., “Core Values,” “Current Phase”) based on your writing to generate better journal prompts.
  • Usage Data: Logs of when you log in or encounter errors, used solely for debugging.

3. How We Use Your Data

We use your data for one purpose: to make Boatman smarter for you.

  • Semantic Search: We compare your notes to find hidden connections.
  • AI Synthesis: We use Large Language Models (LLMs) to generate “School of Life” style journal prompts, daily digests, and pattern recognition.
  • Communication: To send you critical updates (like “We released a new feature”).

4. Third-Party Processors (The AI Stack)

We are a small team. We rely on trusted infrastructure to keep your data safe.

  • Supabase (Database): Stores your encrypted notes and user data. See Supabase Security.
  • OpenAI (Intelligence): We send anonymized snippets of your text to OpenAI to generate embeddings and insights. We use their API Platform, which guarantees that your data is not used to train their future models. See OpenAI API Privacy.
  • Vercel (Hosting): Runs the code that powers the application.

5. Security

  • Encryption at Rest: Your data is stored on encrypted discs in our database provider (Supabase).
  • Row Level Security (RLS): We enforce strict database rules that prevent any user from reading another user’s data. Even if someone hacked the “front door” of the website, the database would reject their request for your specific notes.

6. Your Sovereignty (Rights)

  • The “Kill Switch”: You can delete your account at any time. This is a “Hard Delete.” It wipes your user row, all your notes, all your vectors, and your profile from our database instantly. It cannot be undone.
  • Export: You have the right to request a copy of all your data in a readable format (JSON/Markdown).

7. Changes to This Policy

As Boatman evolves from a beta tool to a mature product, we may update this policy. We will notify you via email if we make significant changes to how we handle your privacy.

8. Contact

Boatman is built and maintained by a human, not a corporation. If you have questions about your privacy, email me directly at: shantanu.nagras@gmail.com