Privacy

Boma is an invitation-only service that helps small private communities share moments in a calm, chronological space. The service is operated by Eunoia Systems Ltd (company details and registered office to be inserted).

Depending on how you use Boma, we may process categories of information such as:

• Account and contact data — for example phone number or email address used to sign in with a one-time code, and profile details you choose to provide (such as display name).
• Community and membership data — which boma you belong to, your role (for example steward), and invitations issued on your behalf.
• Content you post — text, photos, and other material you submit inside a boma, subject to community moderation rules.
• Technical and security data — limited logs and diagnostics needed to run the service securely (for example authentication events, abuse prevention, and error reporting).

We use this information to:

• Provide, secure, and improve the Boma product;
• Authenticate you and keep communities invitation-only;
• Allow stewards to administer their boma in line with the product's design; and
• Meet legal obligations where they apply.

Our legal bases (for example contract, legitimate interests, or consent) depend on context and jurisdiction. Where OTP sign-in or optional features require consent, we will present clear choices in the product.

Each boma has people with administrative responsibilities ("stewards"). Stewards may see member contact information needed to invite people and run the community, and may moderate content according to tools we provide. They act on behalf of their group, not as employees of Eunoia Systems Ltd.

We use trusted service providers to host the application, store data, send authentication messages, and operate backups and security monitoring. A current list of sub-processors and locations will be published or provided on request as the service matures.

We keep information only as long as needed for the purposes above, including legal, security, and dispute resolution needs. Some content may persist in backups for a limited period after deletion from the live product. Exact retention schedules are to be finalised in the data processing documentation.

If data is processed outside your country, we will rely on appropriate safeguards (for example standard contractual clauses) where required by law.

Subject to applicable law, you may have rights to access, correct, delete, restrict, or object to certain processing, and to port data. To exercise these rights, contact us using the details below. You may also lodge a complaint with your local supervisory authority.

Boma is not directed at children. We do not knowingly collect personal information from anyone under the age required for lawful consent in their region without appropriate guardian involvement.

We will update this page when our practices change. For material changes we will provide additional notice where appropriate (for example by email to account holders or a banner in the product).

Draft terms of use: Terms and conditions.

Questions about this draft: privacy@eunoia.systems (placeholder — replace with a monitored inbox).