Privacy Policy

Effective Date: January 20, 2025
Last Updated: January 20, 2025

BOND App Inc. ("Bond," "Company," "we," "us," or "our") is committed to protecting your privacy and handling your data responsibly. This Privacy Policy explains how we collect, use, store, share, and protect information when you use our executive briefing platform and related services (the "Service").

This Privacy Policy applies to all users of Bond's Service, including enterprise customers and their authorized users.

1. Information We Collect

1.1 Information You Provide

We collect information that you provide directly when you:

  • Create an account or register for the Service

  • Configure integrations with third-party platforms

  • Contact customer support or communicate with us

  • Participate in surveys or provide feedback

This information may include:

  • Account Information: Name, email address, company name, job title, and authentication credentials

  • Billing Information: Payment method details, billing address, and purchase history (processed by third-party payment processors)

  • Profile Information: User preferences, settings, and configuration choices

1.2 Data from Third-Party Integrations

To provide our executive briefing service, Bond connects to and retrieves data from your authorized third-party business applications, including:

  • Communication platforms (e.g., Slack, Gmail, Microsoft Teams)

  • Project management tools (e.g., Linear, Jira, Asana)

  • Calendar services (e.g., Google Calendar, Microsoft Outlook)

  • File storage (e.g., Google Drive, Dropbox)

  • Other business tools you authorize

Data retrieved may include:

  • Messages, conversations, and email content

  • Meeting schedules, attendees, and notes

  • Project tasks, issues, and updates

  • Document metadata and content

  • User activity and interactions within connected platforms

We only access data from third-party platforms that you explicitly authorize and configure.

1.3 Automatically Collected Information

When you use the Service, we automatically collect:

  • Usage Data: Features accessed, pages viewed, actions taken, time spent, and interaction patterns

  • Device Information: Device type, operating system, browser type and version, IP address

  • Log Data: Access times, error logs, referral URLs, and system activity

  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to maintain sessions, remember preferences, and analyze usage (see Section 9)

2. How We Use Your Information

We use collected information for the following purposes:

2.1 Service Delivery

  • Provide, operate, maintain, and improve the Service

  • Generate personalized executive briefings by analyzing your business data

  • Facilitate integrations with third-party platforms

  • Authenticate users and manage accounts

  • Process transactions and send transaction notifications

2.2 Communication

  • Send service-related notifications and updates

  • Respond to inquiries and provide customer support

  • Send administrative messages about account or subscription changes

  • Communicate about new features, updates, or changes to our policies (with your consent where required)

2.3 Analytics and Improvement

  • Analyze usage patterns to improve Service functionality and user experience

  • Conduct research and development for new features

  • Monitor and analyze trends, usage, and activities

  • Detect, prevent, and address technical issues and security vulnerabilities

2.4 Legal and Security

  • Comply with legal obligations and enforce our Terms of Service

  • Protect against fraud, abuse, and security threats

  • Resolve disputes and enforce agreements

  • Protect the rights, property, and safety of Bond, our users, and the public

2.5 AI and Machine Learning

We use artificial intelligence and large language models (LLMs) to:

  • Process and analyze your business data to generate insights

  • Create personalized executive briefings and summaries

  • Extract key information and identify trends

Important: We do not use your business data to train, fine-tune, or improve third-party AI models. Your data is processed by AI systems solely to generate insights for your use and is not retained by AI service providers for model training purposes.

3. Google API Services and Limited Use Disclosure

Bond's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

  • We access Google user data (such as Gmail and Google Calendar) only with your explicit authorization via OAuth consent

  • We use Google data solely to provide and improve features that are prominent in our Service interface (executive briefings, meeting summaries, and related functionality)

  • We do not transfer Google user data to third parties except as necessary to provide the Service, comply with legal obligations, or with your explicit consent

  • We do not use Google user data for advertising purposes

  • We do not allow humans to read Google user data unless we have your explicit consent, it is necessary for security purposes, or it is required for legal compliance

4. How We Share Your Information

We do not sell, rent, or trade your personal information or business data. We share information only in the following limited circumstances:

4.1 Service Providers and Processors

We share data with trusted third-party service providers who assist us in operating the Service, including:

  • Cloud infrastructure providers (e.g., AWS, Google Cloud)

  • Data storage and database services (e.g., S3, PostgreSQL hosting)

  • AI and language model providers (e.g., OpenAI, Anthropic) for processing only, not training

  • Payment processors (e.g., Stripe)

  • Analytics providers (e.g., PostHog, Sentry)

  • Email delivery services

  • Authentication and identity management services

These service providers are contractually obligated to protect your data and use it only for the purposes we specify. They are prohibited from using your data for their own purposes or sharing it with others.

4.2 Legal Requirements

We may disclose information when required by law, legal process, court order, or government request, including to:

  • Comply with legal obligations and respond to lawful requests

  • Enforce our Terms of Service and other agreements

  • Protect against fraud, security threats, and illegal activity

  • Protect the rights, property, and safety of Bond, our users, and the public

4.3 Business Transfers

In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring or successor entity. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share information for other purposes with your explicit consent or at your direction.

5. Data Storage, Security, and Retention

5.1 Data Storage

  • Your data is stored on secure cloud infrastructure provided by trusted service providers (primarily AWS and Google Cloud)

  • Business data from integrations is stored in encrypted databases and object storage (S3)

  • We implement both encryption at rest and encryption in transit for sensitive data

5.2 Security Measures

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit (TLS/HTTPS) and at rest

  • Access controls and authentication mechanisms

  • Regular security audits and vulnerability assessments

  • Logging and monitoring for suspicious activity

  • Employee training on data security and privacy practices

  • Secure development practices and code review processes

While we strive to protect your data using commercially reasonable security measures, no system is completely secure. We cannot guarantee absolute security against all potential threats.

5.3 Data Retention

  • We retain your data for as long as your account is active or as needed to provide the Service

  • When you delete data or close your account, we will delete your information within 30 days, except where retention is required by law or necessary for legitimate business purposes

  • We may retain aggregated, anonymized, or de-identified data for analytics and improvement purposes

  • Backup copies may persist for up to 90 days in disaster recovery systems

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

6.1 Access and Portability

  • Request a copy of the personal information we hold about you

  • Request data export in a structured, commonly used format

6.2 Correction and Deletion

  • Request correction of inaccurate or incomplete information

  • Request deletion of your personal information (subject to legal retention requirements)

6.3 Restriction and Objection

  • Request restriction of processing in certain circumstances

  • Object to processing based on legitimate interests

  • Opt out of marketing communications

6.4 Consent Withdrawal

  • Withdraw consent for data processing where we rely on consent as the legal basis

  • Disconnect third-party integrations at any time through your account settings

6.5 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: founders@bondapp.io
Subject Line: "Privacy Rights Request"

We will respond to your request within 30 days (or as otherwise required by applicable law). We may need to verify your identity before processing your request.

7. International Data Transfers

Bond is based in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States and other countries where our service providers operate.

These countries may have data protection laws that differ from those in your country. By using the Service, you consent to the transfer of your information to the United States and other jurisdictions.

We comply with applicable legal requirements for international data transfers, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EEA

  • Appropriate safeguards as required by GDPR and other data protection laws

  • Compliance with the California Consumer Privacy Act (CCPA) and other U.S. state privacy laws

8. Compliance with Privacy Regulations

8.1 GDPR (European Users)

For users in the European Economic Area (EEA), UK, and Switzerland:

  • Legal basis for processing: We process your data based on:

    • Performance of a contract (to provide the Service)

    • Legitimate interests (to improve and secure the Service)

    • Consent (where required, such as for marketing communications)

    • Legal obligations

  • Data Protection Officer: For GDPR-related inquiries, contact founders@bondapp.io

  • Supervisory authority: You have the right to lodge a complaint with your local data protection authority

8.2 CCPA and U.S. State Privacy Laws (California and Other U.S. Residents)

Under the California Consumer Privacy Act (CCPA) and similar state laws:

  • Categories of personal information collected: See Section 1

  • Purposes for collection: See Section 2

  • Categories of third parties with whom we share data: See Section 4

  • Sale of personal information: We do not sell personal information

  • Sharing for cross-context behavioral advertising: We do not share personal information for advertising purposes

  • Sensitive personal information: We limit the use of sensitive personal information to providing the Service

Your California Privacy Rights:

  • Right to know what personal information we collect, use, and disclose

  • Right to delete personal information (subject to exceptions)

  • Right to correct inaccurate personal information

  • Right to opt out of the sale or sharing of personal information (we do not sell or share)

  • Right to limit the use of sensitive personal information

  • Right to non-discrimination for exercising your rights

Authorized Agents: You may designate an authorized agent to make requests on your behalf. We may require verification of the agent's authorization.

To exercise your California privacy rights, contact us at founders@bondapp.io with the subject line "California Privacy Rights Request."

Other U.S. State Privacy Laws: If you reside in Colorado, Connecticut, Utah, Virginia, or other states with comprehensive privacy laws, you may have similar rights. Contact us at founders@bondapp.io to exercise these rights.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Maintain user sessions and authentication

  • Remember user preferences and settings

  • Analyze usage patterns and improve the Service

  • Detect and prevent fraud and security threats

Types of cookies we use:

  • Essential cookies: Required for the Service to function (e.g., session management, authentication)

  • Analytics cookies: Help us understand how users interact with the Service (e.g., PostHog, Sentry)

  • Preference cookies: Remember your settings and preferences

Your choices:

  • You can configure your browser to refuse cookies or alert you when cookies are being sent

  • Disabling essential cookies may affect the functionality of the Service

  • You can opt out of analytics cookies through your account settings

10. Children's Privacy

The Service is intended for business and enterprise use only. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have collected information from a child under 18, we will take steps to delete that information promptly.

11. Third-Party Links and Services

The Service may contain links to third-party websites, applications, or services that are not operated by Bond. This Privacy Policy does not apply to third-party services. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party services you access.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this Privacy Policy

  • Notify you via email or through a prominent notice in the Service

  • Obtain your consent if required by applicable law

Continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

BOND App Inc.
850 New Burton Road, Suite 201
Dover, DE 19904
United States

Email: founders@bondapp.io
Website: https://bondapp.io

For privacy-specific inquiries, please use the subject line "Privacy Inquiry" in your email.

Acknowledgment: By using Bond's Service, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.