Data Use Policy

How We Handle Your Data

Blast Office is designed with a local-first approach to data handling. This page explains how your data is processed, stored, and protected.

Data Processing

When you use AI features in Blast Office, your inference requests are proxied through our server to the AI provider. This means:

• Your prompts and AI responses pass through our server during processing
• By default, this data is not stored on our servers
• Server-side logging is optional and can be enabled by you or your organization administrator

Logging

Logging in Blast Office is fully configurable:

• Individual users: Logging is off by default. You can enable it if you want to maintain server-side records of your conversations.
• Organizations: Logging is on by default to support compliance and auditing requirements. Organization administrators can configure this setting.
• Local logs: All conversation and activity logs are stored locally on your device.
• Server logs: When enabled, server-side logs are stored securely and accessible only to authorized users.

Content Safety

Blast Office includes content safety filters that may flag certain conversations. Flagged content is handled in accordance with our content safety policies and may be reviewed to ensure compliance.

GDPR Compliance

Blast Office is committed to GDPR compliance. You have the right to:

• Download your data: Request a complete export of all your user data through the web app at app.blastoffice.com. See our guide to downloading your data.
• Delete your account: Request permanent deletion of your account and all associated data through the web app. See our guide to account deletion.

No Website Tracking

This website does not track you. We do not use cookies, analytics, or any other tracking technologies on blastoffice.com.

Data Storage

Blast Office uses a local-first approach to data storage:

• Documents, chat history, and settings are stored on your device
• Knowledge bases and embeddings are stored locally
• Account information and billing are stored on our server
• Inference data passes through our server but is not stored by default

Third-Party Data Processing

Blast Office integrates with third-party services for specific functionality:

• Inference Provider: AI model requests are processed by our inference provider. Requests are not stored by the provider beyond what is necessary for processing.
• Billing Provider: Payment and subscription data is processed by our billing provider in accordance with PCI DSS standards.
• Authentication Provider: Identity and SSO data is managed by our authentication provider with enterprise-grade security controls.

We carefully vet all third-party providers to ensure they meet our privacy and security standards.