BLAM8

Privacy Policy

Last updated: 22 June 2026

Draft pending final legal review — bracketed items to be completed before publication.

This Privacy Policy explains how [LEGAL ENTITY] ("BLAM8", "we", "us", "our"), which operates the BLAM8 platform ("Business Logistics Automated") at blam8.haail.dev, collects, uses, stores and shares personal data. It applies to the businesses that subscribe to BLAM8 ("Customers") and to the individuals whose data is processed through the service.

Our role (controller vs processor)

For your account and billing data we act as a controller. For the email, calendar and operational content we process on your behalf when you connect a mailbox, we act as a processor and you are the controller — you are responsible for having a lawful basis to process the data of the people who email you, and for telling them about it where required.

The data we process

  • Account & identity — your name and email address from Microsoft or Google single sign-on, and your tenant/company record.
  • Mailbox content — when you connect a mailbox, we read incoming messages so the agent can draft replies, and we store those drafts and a record of handled emails (sender, subject, status, timestamps, and — temporarily — message and draft text).
  • Calendar data — if you enable Scheduling, we read free/busy events to compute capacity and write the bookings you confirm.
  • Configuration & knowledge — the business brief, tone, rules, examples and knowledge sources (files, URLs, notes) you provide to ground the agent.
  • Operational records — if you use Scheduling/Fleet/TMS modules: bookings, vehicles, drivers, proof-of-delivery, pricing and invoices you create through the service.
  • Authentication tokens — the OAuth tokens that let us access your mailbox/calendar, encrypted at rest.
  • Usage & billing — metered usage events (for cost/allowance) and subscription/billing metadata (card details are handled by Stripe, never by us).

How we use it & our lawful bases

We use the data solely to provide and operate the service: reading incoming mail, drafting replies, sending only the replies a human approves (or, where you switch on full-auto, the messages your configuration authorises), running the scheduling/fleet features you enable, metering usage, and supporting and securing the platform. Under UK GDPR our lawful bases are performance of our contract with you and our legitimate interests in operating, securing and improving the service. We do not sell personal data, and we do not use your content to train third-party AI models.

Google user data — Limited Use

BLAM8's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google user data to provide and improve the user-facing features described in this policy (reading your inbound email to draft replies, sending replies you approve, and the calendar features you enable).
  • We do not transfer Google user data except as necessary to provide or improve those features, to comply with applicable law, or as part of a merger or acquisition with adequate safeguards — and, where required, with your consent.
  • We do not use Google user data for serving advertisements.
  • We do not allow humans to read your Google user data unless: (a) you give specific consent (e.g. to debug a message); (b) it is necessary for security, abuse prevention, or to comply with law; or (c) the data is aggregated and anonymised for internal operations. We also do not use it to train generalised AI/ML models.

We request the minimum Google scopes needed: read-only inbox access (gmail.readonly), send (gmail.send) for approved replies, and calendar events (calendar.events) for Scheduling.

Microsoft data

For Microsoft 365 mailboxes we request only least-privilege Microsoft Graph permissions — read mail, send mail, calendar read/write, and your basic identity — used solely to provide the same features. We never receive your Microsoft password, and access can be revoked at any time.

Automated drafting (AI)

Replies are drafted by a large language model (Anthropic's Claude). By default a human reviews and approves every reply before it is sent; full-auto sending is an explicit per-mailbox opt-in. The agent uses only the knowledge you provide as its source of facts and defers when it is unsure. Anthropic does not use API inputs or outputs to train its models.

Storage, security & isolation

Each Customer's data is isolated at the database level using row-level security. Sign-in and mailbox/calendar access use Microsoft or Google OAuth — never your password. Data is encrypted in transit (TLS), and OAuth tokens are encrypted at rest. Access to production systems is restricted and audited.

Sub-processors

We share only what each provider needs to deliver its part of the service:

  • Microsoft & Google — mailbox/calendar access and single sign-on, via OAuth.
  • Anthropic (USA) — drafting replies; your email content is sent as the prompt. Does not train on API data.
  • Voyage AI (USA) — generates embeddings of your knowledge sources for retrieval.
  • Supabase (UK, London / eu-west-2) — database, authentication and vector storage.
  • Stripe — subscription billing; card details go straight to Stripe and never touch our systems.
  • Render (EU, Frankfurt) — application hosting.

International transfers

Some sub-processors (Anthropic, Voyage) are located in the United States. Where personal data is transferred outside the UK/EEA, we rely on appropriate safeguards such as the UK International Data Transfer Addendum or EU Standard Contractual Clauses.

Retention

The content of handled emails (the incoming message and the drafted reply) is automatically redacted after 90 days; we keep only the audit record — sender, subject, status and timestamps. OAuth tokens are deleted when you disconnect a mailbox. Knowledge sources are kept until you delete them or close your account. Account and billing records are kept for as long as your account is active and for a reasonable period afterwards to meet legal and accounting obligations.

Deleting your data

You can disconnect any mailbox at any time, which deletes its OAuth tokens and stops all processing for that mailbox. You can request closure of your account and deletion of your data, which removes your mailboxes' tokens, knowledge sources, configuration and operational records, and redacts retained email logs. Contact us at hello@blam8.com to make a deletion request; we will action verified requests without undue delay.

Your rights

Under UK GDPR you have the right to access, rectify, erase, restrict or object to the processing of your personal data, and to data portability. To exercise these rights, contact hello@blam8.com. Where we act as a processor for a Customer's email data, requests from that Customer's contacts should be directed to the Customer (the controller); we will assist the Customer in responding. You also have the right to complain to the UK Information Commissioner's Office (ico.org.uk).

Cookies

We use only strictly necessary cookies to keep you signed in and to protect against cross-site request forgery. We do not use advertising or third-party tracking cookies.

Children

BLAM8 is a business service not directed at children and is not intended for anyone under 18.

Changes to this policy

We will update this page and notify account contacts before adding a new sub-processor or materially changing how we process personal data.

Contact

Data controller: [LEGAL ENTITY], [REGISTERED ADDRESS] (company no. [COMPANY NO.], ICO reg. [ICO REG NO.]). For any privacy question or to exercise your rights, contact hello@blam8.com.