Security, Privacy & Compliance

Trust Model

Boo starts read-only. It watches, learns, and answers questions. When it proves competent, you grant more permissions. Every permission is explicit, every action is logged.

Data Privacy

  • No model training: Customer data is never used to train AI models, including those of third-party providers. This is the default for every provider Boo Lab works with.
  • Data isolation: Each customer gets a private, vault-encrypted memory. Nothing is shared across workspaces.
  • Customer control: You control what Boo accesses through the permissions you grant. Revoke access to any tool at any time.

Data Handling

Aspect Detail
Encryption At rest and in transit (TLS)
Storage location US-based managed cloud infrastructure
Access control Role-based
Data residency All LLM inference via APIs in the United States
Hosting Railway and AWS (customer data). Vercel (marketing site only).
LLM tenancy Logically isolated per customer. Prompts/responses never shared.

LLM Providers

Boo uses three model providers — always disclose all three:

  1. Anthropic (Claude)
  2. OpenAI (GPT)
  3. Google (Gemini)

All providers process data under per-request API terms with no model training.

Sub-Processors (18 total)

Full list maintained at boolab.ai/legal/subprocessors.

Category Services
Cloud infrastructure Railway, Vercel, Cloudflare, GitHub (Container Registry), AWS, E2B
Model providers Anthropic, OpenRouter, OpenAI, Google (Gemini)
Search & web retrieval Exa, Tavily, BrowserUse
Billing Stripe
Support & communications Resend, Slack (Salesforce), Linear
Security & monitoring PostHog

Important distinction: Customer-connected integrations (Slack, GitHub, Linear, etc. that customers connect to Boo) are NOT sub-processors — they are the customer's own tools accessed on their behalf.

Compliance

  • SOC 2: Being pursued
  • HIPAA: Not compliant
  • GDPR: DPA available at boolab.ai/legal/dpa
  • SSO: Supports Okta, Google Workspace, Microsoft Entra ID, OneLogin, JumpCloud, PingOne, Auth0, and any SAML 2.0-compatible IDP

Contacts

Extraction Probe Detection

Boo includes built-in detection for attempts to extract its internals (system prompts, identity, secrets, guardian bypass). The intent classifier flags four categories of extraction probes. There is an active effort to wire these detections into the error logging pipeline for PostHog visibility.

Sources (4)

public-web
Boo Lab - Security, Trust, and Data Privacy
slack
Slack Marketplace Submission — Privacy & Data Governance Responses
slack
Sub-Processors Register — Legal Compliance Decision
slack
Security — Extraction Probe Detection & PostHog Alerting