bondour.
Apply

Privacy

What we collect.
What we don’t.

Bondour is a Swiss initiative. We follow Swiss revFADP and the EU GDPR/ePrivacy framework. This page tells you, in plain language, every place data leaves your device. And how to stop it.

§ I

Application data

When you submit the application form, we store your name, age band, email, the answer to “what are you building?”, and the optional Instagram handle and invite code. The IP address is salted and hashed at the edge. We use the hash for rate-limiting and never reverse it.

Stored on Neon Postgres (Frankfurt, EU). Read by Bondour founders only. Deleted on request, immediately, by emailing legal@bondour.com.

§ II

Session cookie

A single, strictly-necessary cookie keeps you signed in to the members area after you authenticate. HttpOnly, SameSite=Lax, Secure. Cleared when you sign out or when the session expires.

No tracker, no third party, no consent required under ePrivacy Art. 5(3). It does only what it needs to do for the page you asked for.

§ III

Meta Pixel

We use the Meta Pixel from Meta Platforms, Inc. (US) to measure how the marketing campaigns we run on Facebook and Instagram actually reach the people we mean to reach. The pixel sends Meta the URL of the page you visited, the event (page view, application submitted, email confirmed), the referrer, and a Facebook-set cookie if you have one.

Meta is the data controller for that information once it leaves your browser. Their privacy notice is at facebook.com/privacy/policy. We rely on the EU-US Data Privacy Framework (Meta is certified) and Standard Contractual Clauses for transfers outside the EEA.

The pixel is on by default. The control panel below disables it on this device at any time, takes effect immediately, and never expires until you re-enable it. No account or contact required.

§ IV

Your control

Swiss revFADP Art. 6(7) and GDPR Art. 21. Object at any time, on any device, without contacting us.

Current setting

Loading…

Your choice is stored on this device only. Clearing browser storage or visiting from a different device resets to the default (active).

§ V

Your rights

You can ask us to access, correct, port, or delete the data we hold on you. You can object to any tracking at any time. You can complain to a supervisory authority, the Swiss FDPIC for residents of Switzerland, or your local DPA elsewhere in the EEA. We respond personally, in writing, within thirty days.

The single channel for all of these is legal@bondour.com.

Back to the landing