Back to Home

Privacy Policy

Effective: May 12, 2026

1. Our Commitment to Privacy

BonVage ("we", "us", "our") is committed to protecting your privacy. We operate on a simple principle: your data belongs to you. We do not sell, share, rent, or trade your personal information with third parties for their commercial purposes. Ever.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (required for account identification and communication)
  • Name (for personalisation within the platform)
  • Password (stored using industry-standard bcrypt hashing — we cannot read your password)

2.2 Trip & Travel Data

Information you voluntarily provide while using BonVage:

  • Trip itineraries, destinations, and dates
  • Budget and expense information
  • Journal entries, photos, and travel documents
  • Traveler details (names, ages, passport info you choose to store)
  • Health information (allergies, medical conditions — only if you provide it)

2.3 Technical Data

We automatically collect limited technical data to keep the service running:

  • IP address and approximate geolocation (country/region level only)
  • Browser type and device information
  • Pages visited and feature usage (anonymised analytics)
  • Login timestamps and session data

3. How We Use Your Information

We use your information only to:

  • Provide and operate the BonVage service
  • Authenticate your identity and secure your account
  • Send essential service communications (password resets, security alerts, trip invitations)
  • Improve the platform based on anonymised, aggregated usage patterns
  • Respond to support requests

We do not use your data for targeted advertising, profiling, or any purpose other than delivering and improving BonVage.

4. Your Content Remains Yours

All content you upload to BonVage — including photos, journal entries, documents, and travel plans — remains your intellectual property. We do not claim any ownership rights over your content. We do not use your photos, writing, or uploads for marketing, training, or any purpose beyond displaying them to you and the collaborators you explicitly invite.

You may export or delete your content at any time. When you delete content, it is permanently removed from our servers within 30 days, including all backups.

5. Data Sharing — What We Don't Do

We will never:

  • Sell your personal data to anyone
  • Share your data with advertisers
  • Use your content to train AI models
  • Provide your data to data brokers
  • Share your travel plans with third parties without your explicit consent

We may share data only in these limited circumstances:

  • With your permission: When you invite collaborators to a trip, they see the trip data you share
  • Service providers: We use essential infrastructure providers (hosting, email delivery, payment processing) who process data on our behalf under strict data processing agreements
  • Legal requirements: If compelled by a valid legal order, we will notify you unless legally prohibited from doing so

6. Data Security

We protect your data with:

  • Encryption in transit (TLS/HTTPS on all connections)
  • Encryption at rest for sensitive data
  • Bcrypt password hashing with per-user salts
  • JWT-based authentication with token rotation
  • Rate limiting and brute-force protection
  • Content Security Policy (CSP) headers
  • Regular security updates and dependency audits
  • Role-based access controls for all trip data

7. Data Retention

  • Active accounts: We retain your data for as long as your account is active
  • Deleted accounts: When you delete your account, all personal data is permanently erased within 30 days
  • Backups: Encrypted backups are retained for disaster recovery and are purged on a rolling schedule
  • Analytics: Anonymised, aggregated analytics data may be retained indefinitely as it cannot be linked to individuals

8. Your Rights

You have the right to:

  • Access your personal data (available through your profile and settings)
  • Correct inaccurate information at any time
  • Delete your account and all associated data
  • Export your data in a portable format
  • Withdraw consent for optional data processing
  • Object to processing based on legitimate interests

To exercise any of these rights, contact us at privacy@bonvage.com.

9. Cookies

We use only essential cookies required for the service to function:

  • Authentication cookie: Keeps you logged in across sessions
  • Session preferences: Remembers your UI settings

We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

10. Children's Privacy

BonVage is not intended for children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

11. International Data Transfers

Your data is stored on servers located in secure data centres. If your data is transferred across borders, we ensure appropriate safeguards are in place in accordance with applicable data protection laws.

12. Changes to This Policy

If we make material changes to this policy, we will notify you via the platform and request your acknowledgement before you continue using the service. Minor clarifications or formatting changes do not require re-acceptance.

13. Contact Us

For privacy-related questions or concerns:
Email: privacy@bonvage.com
General support: support@bonvage.com

Return to Homepage