Bonjour AI
Privacy

Your data belongs to you

GDPR-native. Zero-Knowledge by default. No dark patterns.

Controller

Un pour tous et tous pour un (RNA W751278475) is the data controller for Bonjour.

What we collect

  • Account: name, email, hashed password, role.
  • Usage: activity log (kept for analytics and auditability).
  • Payments: handled by Stripe and PayPal — we never see card numbers.
  • Sanctuary files: encrypted in your browser; we cannot read them.

Sanctuary mode

When Sanctuary mode is on, files and AI drafts are encrypted with AES-GCM 256 before they leave your device. Keys live in RAM and are wiped when you close the tab.

48-hour rule

Files uploaded in Sanctuary mode are auto-deleted after 48 hours. The activity log stays for statistical analysis but never contains file contents.

Your rights

Access, rectification, erasure, portability, restriction and objection — write to contact@unpourtousettouspourun-asso.fr. You may also lodge a complaint with the CNIL.

Sub-processors

Cloudflare (hosting), Supabase (database & auth, EU region), Stripe, PayPal, Lovable AI Gateway.