BONKOOpen app

Privacy Notice

Last updated: June 9, 2026

1. Who we are

BONKO is operated by Bonko ("we", "us"). We act as the data controller for personal data you provide when you use the BONKO app and website (the "Service").

2. Data we collect

  • Account data: name, email, password hash, profile photo, age, sex, locale.
  • Health & fitness data: workouts logged, meals, weight, mood, goals, plan progress, streaks.
  • AI inputs: messages to the AI coach, photos sent to meal vision.
  • Social data: posts, comments, likes, follows, challenge participation.
  • Support messages: emails, in-app messages you send us.
  • Usage & device: pages visited, features used, device type, OS, browser, IP address, approximate location, cookies and similar identifiers.
  • Payment data: processed directly by Paddle (see Section 5). We receive subscription status, plan, and renewal dates — never card numbers.

3. Purposes & legal bases

  • Provide the Service (account, plans, AI coach, logging) — performance of contract.
  • Process subscriptions via Paddle — performance of contract.
  • Security, fraud prevention, abuse handling — legitimate interests.
  • Product improvement & analytics — legitimate interests; you can object.
  • Customer support — performance of contract / legitimate interests.
  • Marketing emails — consent; unsubscribe anytime.
  • Legal compliance — legal obligation.

4. AI processing

When you use the AI coach or meal-photo features, your messages and photos are sent to our AI model provider to generate a response. We don't use your inputs to train third-party foundation models. Don't submit data you don't want processed by an AI provider.

5. Who we share data with

  • Paddle — our Merchant of Record. Paddle processes payments, manages subscriptions, calculates tax, and handles invoicing and refunds.
  • Hosting & infrastructure — cloud providers that store and serve the Service.
  • AI providers — to power the AI coach and meal-photo features.
  • Email delivery providers — to send transactional and (with consent) marketing emails.
  • Analytics providers — to understand product usage in aggregate.
  • Professional advisers — legal, accounting, where necessary.
  • Authorities — when required by law or to protect rights and safety.

6. International transfers

Your data may be transferred to and processed in countries outside your own, including the United States and the European Economic Area. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

7. Retention

We keep account data for as long as your account is active and for a reasonable period afterward to comply with legal obligations and resolve disputes. You can request deletion at any time (see Section 9). Backups are rotated and purged on a regular schedule.

8. Security

We use appropriate technical and organizational measures — encryption in transit, access controls, hashed passwords, audit logs — to protect personal data. No system is fully secure; please choose a strong password and don't reuse it.

9. Your rights

Depending on where you live (e.g. under GDPR/UK GDPR), you have rights to: access your data; correct it; delete it; restrict or object to processing; data portability; withdraw consent; and complain to your local supervisory authority. Email privacy@mybonko.com and we'll respond within one month.

10. Cookies

We use essential cookies to keep you signed in and to remember preferences. We may use analytics cookies (with consent where required) to understand product usage. Manage cookies in your browser settings.

11. Children

BONKO is not directed at children under 16. We don't knowingly collect personal data from children under 16. Contact us if you believe a child has provided data and we will delete it.

12. Changes

We'll post material changes in-app or by email. Continued use after changes means you accept the updated notice.

13. Contact

Email privacy@mybonko.com.