Bonjour AI
Trust & security

Security as a first-class feature

This page is maintained by the Bonjour team to answer common security and privacy questions.

This page describes controls we operate today. It is not an independent certification.

Authentication & access

Email + password with hashed storage; role-based access via a dedicated roles table; row-level policies on every user-facing table.

Encryption

TLS in transit. Sanctuary mode adds AES-GCM 256 encryption in the browser before upload; keys never leave your device's RAM.

Data hosting

Application: Cloudflare edge. Database & auth: managed EU-region infrastructure.

Retention

Sanctuary files: 48-hour auto-delete. Activity log kept for auditability and aggregate analytics.

Reporting a vulnerability

Email contact@unpourtousettouspourun-asso.fr with the subject prefix [SECURITY]. We reply within 24 hours.

Shared responsibility

Bonjour provides the platform controls above. Members are responsible for their own passwords, device security, and the accuracy of the data they enter.