Bonjoro Pty Ltd Privacy policy
Bonjoro Pty Ltd based at 50 Yallambe Road, Australia 2081 – hereafter referred to as Bonjoro) value their customers and respect their privacy. The Data Processor under the UK Data Protection Act 1998 and GDPR is Bonjoro Pty Ltd, 50 Yallambe Road, Australia 2081. The Data Controller under the UK Data Protection Act 1998 and GDPR is The User of the Bonjoro Platform. Please read the following carefully to understand how we will collect, use and maintain your personal information. It also describes your choices regarding use, access and correction of your personal information. This privacy policy has been compiled to better serve those who are concerned with how their 'Personally Identifiable Information' (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website. The provisions of this Policy apply to all such mobile access and use of mobile devices. This Policy will be referenced by all such mobile applications or mobile optimized websites.
We will use the information that we collect about you in accordance with the following depending on your jurisdiction:
  • The Data Protection Act 2018, UK
  • The Privacy Act 1988, Australia
  • The EU General Data Protection Regulation (Regulation EU 2016/679), (‘GDPR’) which becomes effective from 25 May 2018
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, credit card information or other details to help you with your experience.
  • Identity Data includes first name, maiden name, last name, username or similar identifier.
  • Contact Data includes billing address, delivery address, email address and telephone numbers.
  • Financial Data includes bank account and payment card details -– with your permission if you elect to make a purchase. These details are held by a Third Party payments processor and Bonjoro does not retail access to your full CC number -– Stripe, www.stripe.com. To view their privacy policy please see: https://stripe.com/au/privacy
  • Transaction Data includes details about payments to and from you and other details of services you have purchased from us.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.
  • Profile Data includes your username and password, purchases or orders made by you, settings, feedback and survey responses (where applicable).
  • Usage Data includes information about how you use our website, products and services.
  • Special Categories of Personal Data - Your image, classified as biometric data and data that might reveal your race and ethnic origins, obtained with your permission when you record video messages using our platform to your elected recipients.
  • Marketing and Communications Data includes your preferences in receiving emails and communications from us. This also includes us making a note of conversations we have had with you in person and/or communications you sent to us through our CRM or other platforms. This helps us to manage our relationship with you and ensures you only receive communications from us that are relevant and timely.
According to the GDPR legislation we will process Special Categories of Personal Data about you as an unavoidable consequence of the intrinsic nature of the Bonjoro service. Specifically your image - classified as biometric data. In allowing you to send video communication to your recipients we send data that could be used to identify you and your race or ethnic background. We do not use this information for any other purpose than the operation of the platform in allowing you to send video messages and fulfilling our contract with you. By opting in to an account and using the Bonjoro service, you give permission for us to process this information and send videos to your elected recipients that contain images of you. We give you control of the video by restricting download of the videos on the recipient end and giving you complete control to delete any video stored by Bonjoro at request.
When do we collect information?
We collect information from you, with your permission, when you register on our site, start a subscription, Open a Support Ticket or enter information on our site.
How do we collect information about you:
We collect different information about you in a number of ways: Information you give us: When you create an account on our website, buy a subscription, sign up to our newsletter, request marketing materials, give us feedback, we will store the personal information you give to us such as your name, email address, postal address - with your permission when you accept this privacy policy and our terms of service. We will also keep a record of your purchases. Automated technologies or interactions As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Information from third parties We occasionally receive information about you from third parties as set out below: Analytics providers such as Google Publicly available data sources such as: ClearBit Advertising networks such as Facebook Search information providers such as Google AdWords
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
  • To quickly process your transactions.
  • To follow up with them after correspondence (live chat, email or phone inquiries)
Specifically the use of your information is almost always used in executing contracted activities for you - i.e. the sending of Bonjoros to your elected recipients, executing subscription payments, responding to support requests. Please see the table below for more information:
Purpose/Activity
Type of data
Lawful basis for processing including basis of legitimate interest
To register you as a new customer
(a) Identity (b) Contact
(a) Performance of a contract with you
To process and deliver your subscription purchase including: (a) Manage payments, fees and charges (b) Collect and recover money owed to us
(a) Identity (b) Contact (c) Financial (d) Transaction (e) Marketing and Communications
(a) Performance of a contract with you (b) Necessary for our legitimate interests (to recover debts due to us)
To manage our relationship with you which will include: (a) Notifying you about changes to our terms or privacy policy (b) Asking you to leave a review or take a survey
(a) Identity (b) Contact (c) Profile (d) Marketing and Communications
(a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To enable you to use the core platform functionality - send video messages to your elected recipients
(a) Identity (b) Contact (c) Profile (d) Usage (e) Special Categories of Personal Data - your image
(a) Performance of a contract with you (b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business ,to track interaction on your behalf with your communications and pass that information to and from your account)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
(a) Identity (b) Contact (c) Technical
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) (b) Necessary to comply with a legal obligation
To use data analytics to improve our website, products/services, marketing and communications with you, customer relationships and experiences
(a) Technical (b) Usage
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider (Stripe) and are not stored or processed on our servers. Your videos and personal information is stored using a GDPR ready 3rd party provider AWS ( https://aws.amazon.com/compliance/gdpr-center/) in a controlled environment with limited access.
Do we transfer data internationally?
Yes, Bonjoro will transfer data internationally in performance of our contract with you to deliver your video messages. By agreeing to this Privacy Policy you consent to us transferring your information outside your jurisdiction in order to carry out our contract with you. Note: We will never sell or transfer your data to Third Parties for advertising or marketing purposes. We may share your information with third parties who provide services on our behalf to help with our business activities. These companies are authorized to use your personal information only as necessary to provide these services to us, to which these services may include:
  • Payment processing
  • Providing customer service
  • Sending marketing communications
  • Conducting research and analysis
  • Providing cloud computing infrastructure
  • Video processing and transcoding
For most recipients of your data this involves only your email address, profile photo and the bio you enter into your account settings. These functions are vital for us to deliver the Bonjoro service for your use. We have audited these providers and they have all publicly expressed that they are GDPR compliant.
Access
Upon request Bonjoro will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging into your account or by contacting us at the contact information below. We will respond to your request within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service. Bonjoro Pty Ltd acknowledges that you have the right to access your personal information. Bonjoro has no direct relationship with the individuals - primarily our Users nominated Bonjoro recipients - whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to the Bonjoro's Client (the data controller). If requested to remove data we will respond within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.
Do we use 'cookies'?
Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember you and facilitate the process of logging in to your account. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
We use cookies to:
  • Understand and save user's preferences for future visits.
  • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser's Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you turn cookies off, some features will be disabled. Some of the features that make your site experience more efficient and may not function properly. However, you will still be able to place orders The Web Portal.
Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information (PII) unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it's release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Voluntary Disclosure of Personally Identifiable Information
When using Bonjoro, Users elect to send PII to their own nominated recipients in the form of; i) their email address and ii) their likeness in the form of self-recorded video. We will not repurpose this content in any way without authorisation. We do reserve the right to scan video material for abusive, illegal, or other content that violates our Terms of Service. The User cannot hold Bonjoro accountable for the subsequent use of transmitted PII by the recipient.
Recipient PII handling and disclosure
While using Bonjoro the System will capture the email address of your recipients, as well as publicly available information from social media and other internet sources. We do not sell, trade, or otherwise transfer to outside parties this information, it is solely for the purpose of providing the Service. This information will be retained on our servers, as well as a record of the Bonjoro sent to the recipient for tracking and reporting. E can delete this information on request. You are responsible for the distribution and publishing of any testimonial content collected using our testimonials tool. Permissions should be sought and confirmed using the functionality included in the Service or through other channels. Bonjoro will not use, sell or share any testimonial content you collect. You agree to hold harmless and indemnify Bonjoro from and against any third party claim arising from your use of the testimonial content you collect. Requests regarding the Service Data. If we receive a request from a Testimonial Provider (data subject) asking to exercise data subject’s rights with regard to their submission, we will forward such a request to the respective data controller (You). This could be a request to, but not limited to, temporarily to permanently delete their testimonial, cease publication, or alter the testimonial in some way.
How do We handle your Social Logins?
Our Service offers you the ability to register and login using your third-party social media account details (like your Google logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, profile picture as well as other information you choose to make public on such social media platform. We will use the information we receive only for the purposes that are described in this privacy notice or that are otherwise made clear to you on the relevant Website. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their privacy notice to understand how they collect, use and share your personal information, and how you can set your privacy preferences on their sites and apps.
Third-party links
We do not include or offer third-party products or services on our website.
Google
Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en We use Google AdSense Advertising on our website. Google, as a third-party vendor, uses cookies to serve ads on our site. Google's use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.
We have implemented the following:
  • Demographics and Interests Reporting
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together Track engagement with the site and service
Opting out:
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. - See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf
According to CalOPPA, we agree to the following:
Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website. Our Privacy Policy link includes the word 'Privacy' and can easily be found on the page specified above.
You will be notified of any Privacy Policy changes:
  • On our Privacy Policy Page
Can change your personal information:
  • By logging in to your account
How does our site handle Do Not Track signals?
We don't honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We don't honor them because: It's required for Account Holders to use the service
Does our site allow third-party behavioral tracking?
It's also important to note that we do not allow third-party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information. In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur: We will notify you via email within one calendar month We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
  • Send information, respond to inquiries, and/or other requests or questions
  • Process orders and to send information and updates pertaining to orders.
  • Send you additional information related to your product and/or service
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
  • Not use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at
- Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
Contacting Us If there are any questions regarding this privacy policy, you may contact us using the information below.
www.bonjoro.com 50 Yallambe Road Berowra Sydney, NSW 2081 Australia hello@bonjoro.com