← Back to Home

Privacy Policy

Last updated: April 17, 2026

1. Introduction

BoF Engage ("AIMEE"), operated by AIM Labs ("we", "us", "our"), is a multi-tenant lead automation and customer engagement platform. This Privacy Policy explains how we collect, use, store, and protect information when you use our platform at bofengage.com and related services.

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), South Africa's Protection of Personal Information Act (POPIA), and other relevant legislation.

2. Information We Collect

2.1 Account Information

When you register for BoF Engage, we collect your name, email address, phone number, company name, industry, and website URL. This information is used to create and manage your account.

2.2 Lead Data

Our platform processes lead information that you or your integrations provide, including names, email addresses, phone numbers, and other contact details. You are the data controller for your lead data; we act as a data processor on your behalf.

2.3 Third-Party Integration Data

When you connect third-party services, we collect and store:

  • Meta (Facebook/Instagram): Ad account information, campaign performance data, lead form submissions, page information. Access tokens are encrypted using AES-256-GCM encryption.
  • Google Ads: Campaign data, lead form submissions, account identifiers. Credentials are encrypted at rest.
  • Email Service Providers (Resend, SendGrid): Email delivery status, open/click tracking data.
  • Social Media Platforms: Account identifiers, post content, engagement metrics.

2.4 Website Tracking Data

When you install our tracking pixel on your website, we collect visitor data including page views, session duration, scroll depth, click events, form interactions, device type, browser, referrer URL, and UTM parameters. Visitors are identified via anonymous visitor IDs stored in cookies.

2.5 Email Tracking Data

When you send emails through our platform, we track delivery status, opens (via tracking pixel), link clicks, bounces, and unsubscribes to provide campaign analytics.

3. How We Use Your Information

  • Provide and operate the BoF Engage platform and its features
  • Process and display lead data, campaign performance, and analytics
  • Send email campaigns and transactional emails on your behalf
  • Generate lead scores and engagement analytics
  • Synchronize data with connected third-party platforms
  • Provide customer support and respond to inquiries
  • Improve our platform and develop new features
  • Comply with legal obligations

4. Data Storage and Security

Your data is stored on secure servers hosted by Render (cloud infrastructure). We implement the following security measures:

  • AES-256-GCM encryption for sensitive credentials (API keys, access tokens)
  • Multi-tenant data isolation ensuring each organization's data is completely separated at the database level
  • HTTPS encryption for all data in transit
  • Role-based access control within each tenant organization
  • Secure OAuth 2.0 authentication for all third-party integrations
  • Password hashing using bcrypt

5. Multi-Tenant Data Isolation

BoF Engage is a multi-tenant platform. Each organization ("tenant") operates in a fully isolated data environment. Your leads, campaigns, templates, analytics, and integrations are invisible to and inaccessible by other tenants. Tenant isolation is enforced at the database query level on every operation.

6. Third-Party Services

We integrate with third-party services to provide platform functionality. Each integration only accesses data you explicitly authorize:

  • Meta Platforms (Facebook, Instagram): Ad campaign data and lead retrieval via Meta Marketing API
  • Google: Google Ads campaign data and lead form submissions
  • Resend / SendGrid: Email delivery services
  • Social platforms (Twitter/X, Reddit): Content publishing and engagement tracking

We do not sell, rent, or share your data with third parties for their own marketing purposes.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide our services. Upon account deletion, we will delete or anonymize your data within 30 days, except where we are required to retain it for legal or compliance purposes.

8. Your Rights

Depending on your jurisdiction, you have the following rights:

  • Access: Request a copy of all personal data we hold about you
  • Rectification: Request correction of inaccurate personal data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Data Portability: Request an export of your data in a machine-readable format
  • Objection: Object to certain types of data processing
  • Restriction: Request that we limit how we use your data
  • Withdraw Consent: Withdraw previously given consent at any time

To exercise any of these rights, contact us at support@aimilabs.com.

9. Cookies

We use cookies for authentication (session management) and analytics. Our tracking pixel uses cookies to identify returning visitors on your websites. These include:

  • pl_visitor_id: Anonymous visitor identifier (30-day expiry)
  • aimee_session: Session tracking (session-scoped)
  • Authentication cookies: Secure session tokens for logged-in users

10. Children's Privacy

BoF Engage is a business-to-business platform and is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our platform or sending you an email. Your continued use of the platform after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

AIM Labs
Email: support@aimilabs.com
Website: bofengage.com