Security as a first-class feature
This page is maintained by the Bonjour team to answer common security and privacy questions.
This page describes controls we operate today. It is not an independent certification.
Authentication & access
Email + password with hashed storage; role-based access via a dedicated roles table; row-level policies on every user-facing table.
Encryption
TLS in transit. Sanctuary mode adds AES-GCM 256 encryption in the browser before upload; keys never leave your device's RAM.
Data hosting
Application: Cloudflare edge. Database & auth: managed EU-region infrastructure.
Retention
Sanctuary files: 48-hour auto-delete. Activity log kept for auditability and aggregate analytics.
Reporting a vulnerability
Email contact@unpourtousettouspourun-asso.fr with the subject prefix [SECURITY]. We reply within 24 hours.
Shared responsibility
Bonjour provides the platform controls above. Members are responsible for their own passwords, device security, and the accuracy of the data they enter.