Last updated: February 2026

We take the protection of your personal data very seriously. This privacy policy informs you in accordance with Art. 13 and 14 GDPR about how we handle your data when you use Bondkeeper.

Summary: Your contact data is stored locally on your device and in your personal iCloud account. We have no access to this data. Only when you use the optional AI feature, data is transmitted to our server and AI providers.

1. Data Controller (Art. 4 No. 7 GDPR)

Martin Bruckner
Lackerbauerstraße 30
81241 Munich
Germany
Email: support@bondkeeper.app

A Data Protection Officer is not appointed pursuant to Art. 37 GDPR as the requirements are not met.

2. Data Processing Overview

Data Type	Storage Location	Our Access	Legal Basis
Contact data (names, birthdays, addresses)	Your device + your iCloud	No access	Art. 6 (1) b GDPR
Profile photos	Your device + your iCloud	No access	Art. 6 (1) b GDPR
App settings	Your device + your iCloud	No access	Art. 6 (1) b GDPR
AI requests (optional, Premium)	Bondkeeper server (EU) + AI providers (see 7.3)	Personal names (contact name, partner name, children's names, your name — anonymized on EU server, AI provider only sees placeholders) Relationship type, occasion, greeting style Interests and activities How you met Birthday and location Holidays and milestones Usage statistics	Art. 6 (1) a GDPR
Apple Sign-In data	EU server	Yes	Art. 6 (1) b GDPR
Usage statistics (anonymous)	EU server	Yes (anonymized)	Art. 6 (1) f GDPR
AI Learning (optional, Premium)	Your device (Tier 1) + EU server (Tier 2/3)	Tier 2: aggregated, Tier 3: anonymized	Art. 6 (1) a GDPR
Affiliate data (Amazon Associates)	EU server	Yes (linked to user ID, deleted on account deletion)	Art. 6 (1) f GDPR

3. Local Data Storage

3.1 On Your Device

Bondkeeper stores all your contact data locally on your iPhone or iPad using Apple SwiftData. This data only leaves your device in the following cases:

iCloud synchronization (if enabled)
AI features (if enabled and signed in)
iCloud backup (if enabled)

Legal Basis: Art. 6 (1) b GDPR (contract performance)

3.2 Local Notifications

Bondkeeper uses local notifications (e.g. birthday reminders, daily digests, streak reminders) to remind you of important dates. These notifications are generated exclusively on your device — no data is sent to any server.

Legal Basis: Art. 6 (1) a GDPR (consent through granting notification permission)

4. iCloud Synchronization

Important: Your data is stored in YOUR personal iCloud account via Apple's CloudKit service. We (Bondkeeper) have no access to this data. Processing by Apple is subject to the Apple Privacy Policy.

5. Apple Contacts Integration

Bondkeeper can optionally sync with the Apple Contacts app. For this, we need read and write access to your contacts. This data is processed exclusively locally on your device.

Legal Basis: Art. 6 (1) a GDPR (consent through granting permission)

6. User Registration and Authentication

6.1 Apple Sign-In

When you sign up for premium features, we process:

Your Apple ID (unique identifier)
Your email address (if shared by you)
Authentication tokens for secure login

Purpose: Provision of user account and premium features
Legal Basis: Art. 6 (1) b GDPR (contract performance)
Retention Period: Until account deletion or 3 years after last activity

7. AI Features (Optional - Premium)

The AI feature is completely optional. The app works fully without external AI.

7.1 Data Processed

When you enable the external AI feature, the following data is sent to our EU server:

Your text inputs (prompts)
Personal names (contact name, partner name, children's names, your name — anonymized on the EU server before reaching the AI provider)
Relationship type (e.g. friend, family, colleague)
Occasion (e.g. birthday, anniversary, holiday)
Greeting style (e.g. warm, professional, playful)
Interests and activities
How you met
Birthday and location (city/country)
Celebrated holidays and milestones
Usage statistics (token count, cost, latency)

What the AI Provider Receives

The AI provider receives all of the above data except real personal names. All recognized names are replaced with placeholders on our EU server before the request is forwarded to the AI provider. After receiving the AI response, the placeholders are replaced with the real names back on the EU server.

Anonymization: All recognized personal names — contact name, partner name, children's names, and your own name — are replaced with placeholders (e.g. [CONTACT], [PARTNER], [CHILD1], [USER]) on our EU server before the request is forwarded to the AI provider. The AI provider has no way to identify any of the mentioned persons.

Note on Anonymization: Automatic anonymization detects personal names using known patterns (e.g. "Partner: Name", "Children: Name"). Nicknames, misspellings, or additional personal information in free-text fields may not be automatically detected. We recommend not entering additional personal data in notes if you want this information protected from AI providers.

7.2 Processing Purposes

Generation of personalized greeting texts
Provision of relationship tips
Improvement of AI quality through feedback (optional)
Billing and usage limitation

7.3 AI Providers and International Data Transfers

We work with the following AI providers:

Provider	Location	Legal Basis for Transfer
OpenAI, LLC	USA	EU-US Data Privacy Framework (Art. 45 GDPR)
Anthropic PBC	USA	EU-US Data Privacy Framework (Art. 45 GDPR)
Mistral AI	France (EU)	No international transfer

The US-based providers are certified under the EU-US Data Privacy Framework. The European Commission adopted an adequacy decision for this framework on July 10, 2023.

Legal Basis: Art. 6 (1) a GDPR (explicit consent when activating the AI feature)
Usage Data Retention: 12 months for billing purposes, then anonymized

7.4 AI Transparency (EU AI Act)

Notice: The greeting texts, messages, and recommendations generated by Bondkeeper are created by Artificial Intelligence. You can identify AI-generated content by the corresponding label in the app. The final decision on usage always remains with you.

7.5 Personalized Learning (Premium)

If you enable the learning feature, we store aggregated preference patterns to improve AI suggestions:

Tier 1 (Contact-specific): Stored only locally on your device
Tier 2 (Relationship patterns): Aggregated on our server
Tier 3 (Global statistics): Fully anonymized

Legal Basis: Art. 6 (1) a GDPR (consent)
Withdrawal: You can disable the learning feature at any time in the app settings

8. Anonymous Usage Analysis (Gamification)

We collect anonymized usage statistics to improve the app:

Achievement progress (anonymized)
Streak statistics (anonymized)
App version
Premium status

Your identity is obscured by a SHA256 hash. We cannot associate this data with any person.

Legal Basis: Art. 6 (1) f GDPR (legitimate interest in product improvement)
Right to Object: You can object to anonymous analysis in the app settings

9. Affiliate Partner Program (Amazon Associates)

As an Amazon Associate, we earn from qualifying purchases.

Bondkeeper participates in the Amazon Associates Program (Amazon PartnerNet). When you click on product recommendations, the following data is processed:

Product ID and name
Click timestamp
Your user ID (for conversion attribution and analysis by subscription tier)

Note: This data is linked to your user account to track which product recommendations lead to purchases and whether premium or free users engage with recommendations. The data is not shared with third parties, is used exclusively for internal analytics, and is automatically deleted when you delete your account.

9.1 Amazon Partner

Data Controller: Amazon Europe Core S.à.r.l., 5 Rue Plaetis, L-2338 Luxembourg

When you click an affiliate link and are redirected to Amazon, Amazon sets cookies on its domain (24-hour session cookie for commission attribution). Amazon processes your IP address, browser data, and purchase behavior there. This processing is subject to Amazon's Privacy Notice.

International Transfer: Amazon is certified under the EU-US Data Privacy Framework.

9.2 Legal Basis and Retention

Purpose: Funding of free app features and improvement of product recommendations
Legal Basis: Art. 6 (1) f GDPR (legitimate interest in refinancing through affiliate commissions)
Retention Period: 90 days for conversion tracking

More information: Amazon Privacy Notice

10. Email Communication and Waitlist

When you sign up for our waitlist, we process:

Email address
Language preference
Sign-up timestamp
Consent status

Service Provider: MailerLite (UAB "MailerLite", Lithuania, EU)
Legal Basis: Art. 6 (1) a GDPR (consent)
Withdrawal: At any time via the unsubscribe link in every email or by email to support@bondkeeper.app

11. Processors and Service Providers

We use processors pursuant to Art. 28 GDPR. For international data transfers (USA), data is transferred based on the EU-US Data Privacy Framework (EU Commission adequacy decision of July 10, 2023).

Category	Purpose	Location
Cloud Hosting & CDN	Infrastructure provision, DDoS protection	EU / USA (EU-US DPF)
Database Hosting	Storage of user data	EU
Cache & Performance	Caching, Rate Limiting	EU
Email Service Provider	Sending notifications	EU
Apple Inc.	CloudKit, Sign-In, In-App Purchases	USA (EU-US DPF)

A complete list of processors can be requested at support@bondkeeper.app.

12. Retention Periods

Data Type	Retention Period
Contact data (local)	Until deleted by you
User account	Until account deletion + 30 days backup
AI usage logs	12 months (billing)
Learning patterns (Tier 2)	Until withdrawal
Anonymous statistics	Indefinite (not personal data)
Authentication tokens	7 days (refresh token)
Affiliate clicks	90 days
Email waitlist	Until withdrawal or app launch + 30 days

13. Your Rights (GDPR)

You have the following rights regarding your data:

Right of Access (Art. 15 GDPR): You can request information about your stored data
Right to Rectification (Art. 16 GDPR): You can have incorrect data corrected
Right to Erasure (Art. 17 GDPR): You can request deletion of your data
Right to Restriction (Art. 18 GDPR): You can request restriction of processing
Right to Data Portability (Art. 20 GDPR): You can export your data in a machine-readable format
Right to Object (Art. 21 GDPR): You can object to processing based on legitimate interests
Right to Withdraw Consent (Art. 7 (3) GDPR): You can withdraw given consent at any time. The lawfulness of processing carried out before withdrawal remains unaffected.
Right to Lodge a Complaint (Art. 77 GDPR): You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your data violates the GDPR. The supervisory authority responsible for us can be found in Section 18.

For these requests, contact us at: support@bondkeeper.app

Response Time: We respond within one month (Art. 12 (3) GDPR).

14. Automated Decision-Making (Art. 22 GDPR)

The AI-generated suggestions in Bondkeeper serve solely as assistance. No automated decision-making with legal effect takes place. You always retain full control over all content and actions.

15. Data Security

We implement appropriate technical and organizational measures to protect your data:

Encryption of all data in transit (TLS 1.3)
RS256 (RSA + SHA-256) signed JWT authentication
Rate limiting for abuse protection
Regular security reviews
Access restrictions based on need-to-know principle

16. Changes to this Privacy Policy

We reserve the right to amend this privacy policy as needed. In case of material changes, we will inform you via the app or email.

17. Contact

For questions about data protection or to exercise your rights:

Email: support@bondkeeper.app

18. Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The authority responsible for us is:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach, Germany
www.lda.bayern.de

Back to Home