Last updated: February 2026
We take the protection of your personal data very seriously. This privacy policy informs you in accordance with Art. 13 and 14 GDPR about how we handle your data when you use Bondkeeper.
1. Data Controller (Art. 4 No. 7 GDPR)
Martin Bruckner
Lackerbauerstraße 30
81241 Munich
Germany
Email: support@bondkeeper.app
A Data Protection Officer is not appointed pursuant to Art. 37 GDPR as the requirements are not met.
2. Data Processing Overview
| Data Type | Storage Location | Our Access | Legal Basis |
|---|---|---|---|
| Contact data (names, birthdays, addresses) | Your device + your iCloud | No access | Art. 6 (1) b GDPR |
| Profile photos | Your device + your iCloud | No access | Art. 6 (1) b GDPR |
| App settings | Your device + your iCloud | No access | Art. 6 (1) b GDPR |
| AI requests (optional, Premium) | Bondkeeper server (EU) + AI providers (see 7.3) |
| Art. 6 (1) a GDPR |
| Apple Sign-In data | EU server | Yes | Art. 6 (1) b GDPR |
| Usage statistics (anonymous) | EU server | Yes (anonymized) | Art. 6 (1) f GDPR |
| AI Learning (optional, Premium) | Your device (Tier 1) + EU server (Tier 2/3) | Tier 2: aggregated, Tier 3: anonymized | Art. 6 (1) a GDPR |
| Affiliate data (Amazon Associates) | EU server | Yes (linked to user ID, deleted on account deletion) | Art. 6 (1) f GDPR |
3. Local Data Storage
3.1 On Your Device
Bondkeeper stores all your contact data locally on your iPhone or iPad using Apple SwiftData. This data only leaves your device in the following cases:
- iCloud synchronization (if enabled)
- AI features (if enabled and signed in)
- iCloud backup (if enabled)
Legal Basis: Art. 6 (1) b GDPR (contract performance)
3.2 Local Notifications
Bondkeeper uses local notifications (e.g. birthday reminders, daily digests, streak reminders) to remind you of important dates. These notifications are generated exclusively on your device — no data is sent to any server.
Legal Basis: Art. 6 (1) a GDPR (consent through granting notification permission)
4. iCloud Synchronization
5. Apple Contacts Integration
Bondkeeper can optionally sync with the Apple Contacts app. For this, we need read and write access to your contacts. This data is processed exclusively locally on your device.
Legal Basis: Art. 6 (1) a GDPR (consent through granting permission)
6. User Registration and Authentication
6.1 Apple Sign-In
When you sign up for premium features, we process:
- Your Apple ID (unique identifier)
- Your email address (if shared by you)
- Authentication tokens for secure login
Purpose: Provision of user account and premium features
Legal Basis: Art. 6 (1) b GDPR (contract performance)
Retention Period: Until account deletion or 3 years after last activity
7. AI Features (Optional - Premium)
The AI feature is completely optional. The app works fully without external AI.
7.1 Data Processed
When you enable the external AI feature, the following data is sent to our EU server:
- Your text inputs (prompts)
- Personal names (contact name, partner name, children's names, your name — anonymized on the EU server before reaching the AI provider)
- Relationship type (e.g. friend, family, colleague)
- Occasion (e.g. birthday, anniversary, holiday)
- Greeting style (e.g. warm, professional, playful)
- Interests and activities
- How you met
- Birthday and location (city/country)
- Celebrated holidays and milestones
- Usage statistics (token count, cost, latency)
What the AI Provider Receives
The AI provider receives all of the above data except real personal names. All recognized names are replaced with placeholders on our EU server before the request is forwarded to the AI provider. After receiving the AI response, the placeholders are replaced with the real names back on the EU server.
Note on Anonymization: Automatic anonymization detects personal names using known patterns (e.g. "Partner: Name", "Children: Name"). Nicknames, misspellings, or additional personal information in free-text fields may not be automatically detected. We recommend not entering additional personal data in notes if you want this information protected from AI providers.
7.2 Processing Purposes
- Generation of personalized greeting texts
- Provision of relationship tips
- Improvement of AI quality through feedback (optional)
- Billing and usage limitation
7.3 AI Providers and International Data Transfers
We work with the following AI providers:
| Provider | Location | Legal Basis for Transfer |
|---|---|---|
| OpenAI, LLC | USA | EU-US Data Privacy Framework (Art. 45 GDPR) |
| Anthropic PBC | USA | EU-US Data Privacy Framework (Art. 45 GDPR) |
| Mistral AI | France (EU) | No international transfer |
The US-based providers are certified under the EU-US Data Privacy Framework. The European Commission adopted an adequacy decision for this framework on July 10, 2023.
Legal Basis: Art. 6 (1) a GDPR (explicit consent when activating the AI feature)
Usage Data Retention: 12 months for billing purposes, then anonymized
7.4 AI Transparency (EU AI Act)
7.5 Personalized Learning (Premium)
If you enable the learning feature, we store aggregated preference patterns to improve AI suggestions:
- Tier 1 (Contact-specific): Stored only locally on your device
- Tier 2 (Relationship patterns): Aggregated on our server
- Tier 3 (Global statistics): Fully anonymized
Legal Basis: Art. 6 (1) a GDPR (consent)
Withdrawal: You can disable the learning feature at any time in the app settings
8. Anonymous Usage Analysis (Gamification)
We collect anonymized usage statistics to improve the app:
- Achievement progress (anonymized)
- Streak statistics (anonymized)
- App version
- Premium status
Your identity is obscured by a SHA256 hash. We cannot associate this data with any person.
Legal Basis: Art. 6 (1) f GDPR (legitimate interest in product improvement)
Right to Object: You can object to anonymous analysis in the app settings
9. Affiliate Partner Program (Amazon Associates)
Bondkeeper participates in the Amazon Associates Program (Amazon PartnerNet). When you click on product recommendations, the following data is processed:
- Product ID and name
- Click timestamp
- Your user ID (for conversion attribution and analysis by subscription tier)
Note: This data is linked to your user account to track which product recommendations lead to purchases and whether premium or free users engage with recommendations. The data is not shared with third parties, is used exclusively for internal analytics, and is automatically deleted when you delete your account.
9.1 Amazon Partner
Data Controller: Amazon Europe Core S.à.r.l., 5 Rue Plaetis, L-2338 Luxembourg
When you click an affiliate link and are redirected to Amazon, Amazon sets cookies on its domain (24-hour session cookie for commission attribution). Amazon processes your IP address, browser data, and purchase behavior there. This processing is subject to Amazon's Privacy Notice.
International Transfer: Amazon is certified under the EU-US Data Privacy Framework.
9.2 Legal Basis and Retention
Purpose: Funding of free app features and improvement of product recommendations
Legal Basis: Art. 6 (1) f GDPR (legitimate interest in refinancing through affiliate commissions)
Retention Period: 90 days for conversion tracking
More information: Amazon Privacy Notice
10. Email Communication and Waitlist
When you sign up for our waitlist, we process:
- Email address
- Language preference
- Sign-up timestamp
- Consent status
Service Provider: MailerLite (UAB "MailerLite", Lithuania, EU)
Legal Basis: Art. 6 (1) a GDPR (consent)
Withdrawal: At any time via the unsubscribe link in every email or by email to support@bondkeeper.app
11. Processors and Service Providers
We use processors pursuant to Art. 28 GDPR. For international data transfers (USA), data is transferred based on the EU-US Data Privacy Framework (EU Commission adequacy decision of July 10, 2023).
| Category | Purpose | Location |
|---|---|---|
| Cloud Hosting & CDN | Infrastructure provision, DDoS protection | EU / USA (EU-US DPF) |
| Database Hosting | Storage of user data | EU |
| Cache & Performance | Caching, Rate Limiting | EU |
| Email Service Provider | Sending notifications | EU |
| Apple Inc. | CloudKit, Sign-In, In-App Purchases | USA (EU-US DPF) |
A complete list of processors can be requested at support@bondkeeper.app.
12. Retention Periods
| Data Type | Retention Period |
|---|---|
| Contact data (local) | Until deleted by you |
| User account | Until account deletion + 30 days backup |
| AI usage logs | 12 months (billing) |
| Learning patterns (Tier 2) | Until withdrawal |
| Anonymous statistics | Indefinite (not personal data) |
| Authentication tokens | 7 days (refresh token) |
| Affiliate clicks | 90 days |
| Email waitlist | Until withdrawal or app launch + 30 days |
13. Your Rights (GDPR)
You have the following rights regarding your data:
- Right of Access (Art. 15 GDPR): You can request information about your stored data
- Right to Rectification (Art. 16 GDPR): You can have incorrect data corrected
- Right to Erasure (Art. 17 GDPR): You can request deletion of your data
- Right to Restriction (Art. 18 GDPR): You can request restriction of processing
- Right to Data Portability (Art. 20 GDPR): You can export your data in a machine-readable format
- Right to Object (Art. 21 GDPR): You can object to processing based on legitimate interests
- Right to Withdraw Consent (Art. 7 (3) GDPR): You can withdraw given consent at any time. The lawfulness of processing carried out before withdrawal remains unaffected.
- Right to Lodge a Complaint (Art. 77 GDPR): You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your data violates the GDPR. The supervisory authority responsible for us can be found in Section 18.
For these requests, contact us at: support@bondkeeper.app
Response Time: We respond within one month (Art. 12 (3) GDPR).
14. Automated Decision-Making (Art. 22 GDPR)
The AI-generated suggestions in Bondkeeper serve solely as assistance. No automated decision-making with legal effect takes place. You always retain full control over all content and actions.
15. Data Security
We implement appropriate technical and organizational measures to protect your data:
- Encryption of all data in transit (TLS 1.3)
- RS256 (RSA + SHA-256) signed JWT authentication
- Rate limiting for abuse protection
- Regular security reviews
- Access restrictions based on need-to-know principle
16. Changes to this Privacy Policy
We reserve the right to amend this privacy policy as needed. In case of material changes, we will inform you via the app or email.
17. Contact
For questions about data protection or to exercise your rights:
Email: support@bondkeeper.app
18. Supervisory Authority
You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The authority responsible for us is:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach, Germany
www.lda.bayern.de