Privacy Policy

Introduction

We at BonBoi take the protection of your personal data very seriously. This privacy policy explains how we collect, use, and protect your personal information in compliance with the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). This policy applies to all services provided through our platform and website at bonboi.io.

Data Collection and Usage

We collect and process the following personal information:

  • Authentication data (names and email addresses) through OAuth services
  • Usage data and analytics through Bing and Google Analytics, including:
    • IP addresses (anonymized)
    • Browser type and version
    • Operating system information
    • Access times and dates
    • Pages visited and features used
The legal basis for processing this data is:
  • Performance of our service contract with you
  • Your explicit consent for analytics
  • Our legitimate interests in improving our services
We use this data exclusively for:
  • Account creation and management
  • Providing and maintaining our service
  • Analyzing anonymized usage statistics to improve user experience
  • Security and fraud prevention
  • Communication about service-related issues

Data Sharing and Third Parties

We do not sell, rent, or trade your personal information to third parties. We may share your data with:

  • Service providers who assist in operating our platform (under strict data processing agreements)
  • Law enforcement when required by law
  • OAuth providers for authentication purposes only

Cookies and Tracking

We use essential cookies and similar technologies to:

  • Maintain your session and authentication status
  • Remember your preferences
  • Collect anonymous analytics data via Google Analytics and Bing
You can control cookie settings through your browser preferences.

Data Storage and Security

Your data is stored on secure servers located in Germany (EU). We implement comprehensive security measures including:

  • Industry-standard SSL/TLS encryption for data in transit
  • AES-256 encryption for data at rest
  • Secure password hashing
  • Multi-factor authentication
  • Regular security audits and updates
  • Access controls and monitoring
We retain your data for the duration of your account usage and up to 30 days after account termination. After this period, your data is permanently deleted from our systems.

Your Rights

Under GDPR and CCPA, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing
  • Right to restrict processing
  • Right to withdraw consent at any time
To exercise these rights, please email privacy@bonboi.io. We will respond to your request within 30 days.

Data Protection Officer

Our Data Protection Officer can be contacted at:
Email: dpo@bonboi.io

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the effective date. Continued use of our service after such changes constitutes your consent to the changes.

Contact Information

For any privacy-related concerns, requests, or complaints, please contact us at:

KL Kris Laumann UG
Manteuffelstr 49
10999 Berlin (Germany), EU
Email: privacy@bonboi.io

You also have the right to lodge a complaint with your local data protection authority.

Last updated: January, 2025