Bonjoro - (A wholly owned brand of Vimily Pty Ltd) based at Level 14, 210 George St, Sydney, Australia 2000 - hereafter referred to as Bonjoro) value their customers and respect their privacy. The Data Controller under the UK Data Protection Act 1998 and GDPR is Vimily Pty Ltd, Level 14, 210 George St, Sydney, Australia 2000 and the Data control officer is Mitchel Flindell
Please read the following carefully to understand how we will collect, use and maintain your personal information. It also describes your choices regarding use, access and correction of your personal information.
The provisions of this Policy apply to all such mobile access and use of mobile devices. This Policy will be referenced by all such mobile applications or mobile optimized websites.
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, credit card information or other details to help you with your experience.
According to the GDPR legislation we will process Special Categories of Personal Data about you as an unavoidable consequence of the intrinsic nature of the Bonjoro service. Specifically your image - classified as biometric data. In allowing you to send video communication to your recipients we send data that could be used to identify you and your race or ethnic background. We do not use this information for any other purpose than the operation of the platform in allowing you to send video messages and fulfilling our contract with you. By opting in to an account and using the Bonjoro service, you give permission for us to process this information and send videos to your elected recipients that contain images of you. We give you control of the video by restricting download of the videos on the recipient end and giving you complete control to delete any video stored by Bonjoro at request.
We collect information from you, with your permission, when you register on our site, start a subscription, Open a Support Ticket or enter information on our site.
We collect different information about you in a number of ways:
Information you give us:
Automated technologies or interactions
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.
Information from third parties
We occasionally receive information about you from third parties as set out below:
Analytics providers such as Google
Publicly available data sources such as: ClearBit
Advertising networks such as Facebook
Search information providers such as Google AdWords
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
Specifically the use of your information is almost always used in executing contracted activities for you - i.e. the sending of Bonjoros to your elected recipients, executing subscription payments, responding to support requests. Please see the table below for more information:
|Purpose/Activity||Type of data||Lawful basis for processing including basis of legitimate interest|
|To register you as a new customer||(a) Identity
|(a) Performance of a contract with you|
|To process and deliver your subscription purchase including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us
(e) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary for our legitimate interests (to recover debts due to us)
|To manage our relationship with you which will include:
(b) Asking you to leave a review or take a survey
(d) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
|To enable you to use the core platform functionality - send video messages to your elected recipients||(a) Identity
(e) Special Categories of Personal Data - your image
|(a) Performance of a contract with you (b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business ,to track interaction on your behalf with your communications and pass that information to and from your account)|
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||(a) Identity
|(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
(b) Necessary to comply with a legal obligation
|To use data analytics to improve our website, products/services, marketing and communications with you, customer relationships and experiences||(a) Technical
|Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)|
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider (Stripe) and are not stored or processed on our servers.
Your videos and personal information is stored using a GDPR ready 3rd party provider AWS ( https://aws.amazon.com/compliance/gdpr-center/) in a controlled environment with limited access.
We may share your information with third parties who provide services on our behalf to help with our business activities. These companies are authorized to use your personal information only as necessary to provide these services to us, to which these services may include:
For most recipients of your data this involves only your email address, profile photo and the bio you enter into your account settings.
These functions are vital for us to deliver the Bonjoro service for your use. We have audited these providers and they have all publicly expressed that they are GDPR compliant.
Upon request Bonjoro will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging into your account or by contacting us at the contact information below. We will respond to your request within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.
Bonjoro (Trading as an entity of Vimily Pty Ltd) acknowledges that you have the right to access your personal information. Bonjoro has no direct relationship with the individuals - primarily our Users nominated Bonjoro recipients - whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to the Bonjoro's Client (the data controller). If requested to remove data we will respond within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser's Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, some features will be disabled. Some of the features that make your site experience more efficient and may not function properly.
However, you will still be able to place orders
The Web Portal
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information (PII) unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it's release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
When using Bonjoro, Users elect to send PII to their own nominated recipients in the form of; i) their email address and ii) their likeness in the form of self-recorded video. We will not repurpose this content in any way without authorisation. We do reserve the right to scan video material for abusive, illegal, or other content that violates our Terms of Service. The User cannot hold Bonjoro accountable for the subsequent use of transmitted PII by the recipient.
While using Bonjoro the system will capture the email address of your recipients, as well as publicly available information from social media and other internet sources. We do not sell, trade, or otherwise transfer to outside parties this information, it is solely for the purpose of providing the service. This information will be retained on our servers, as well as a record of the Bonjoro sent to the recipient for tracking and reporting. E can delete this information on request.
We do not include or offer third-party products or services on our website.
Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google AdSense Advertising on our website.
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together
Track engagement with the site and service
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
Users can visit our site anonymously.
We don't honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We don't honor them because:
It's required for Account Holders to use the service
It's also important to note that we do not allow third-party behavioral tracking
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under the age of 13 years old.
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
- Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
Level 14, 210 George St
Sydney, NSW, 2000