Privacy Policy

Last updated: 2026-05-16 — Version 1

bona is a tool for newsletter operators to share live media kits and send post-send sponsor reports. This page explains what data we collect, why, and what we do with it.

What we collect

From operators (you)

• Email address (when you sign up).
• API keys (encrypted at rest, never logged, decrypted only at use).
• Newsletter metadata pulled from your platform (publication name, post titles, post performance metrics).
• Usage data (what pages you visit in the dashboard, what features you use, errors you hit). Tracked in PostHog.
• Billing information, processed by Stripe. We never see or store full credit card numbers.
• Any information you put in support emails.

From kit page viewers (sponsors who view your shared URLs)

• IP address (anonymized).
• Browser type and language.
• Referrer URL (which page sent them to your kit).
• We do NOT collect cookies or run third-party trackers on kit pages.

From sponsors (when you schedule a slot for them)

• Sponsor name and email (entered by you).
• Their email is used only to send the post-send report.

What we don’t collect

• Subscriber email addresses from your newsletter platform. We pull aggregate stats only.
• Subscriber names, demographics, or any per-person data.
• Phone numbers.
• Physical addresses (unless you opt to share for invoicing).
• Any data we don’t need to provide the service.

What we do with it

• Provide the service: show you your dashboard, render your kit pages, send post-send reports.
• Improve the product: look at usage patterns to find friction.
• Communicate: send transactional emails (login links, billing receipts, error alerts), and (if you opt in) occasional product updates.
• Bill you: through Stripe.

What we don’t do with it

• We never sell your data.
• We never use your data to train AI models.
• We never share your data with third parties except service providers (PostHog, Stripe, Resend, Fly.io) who process it on our behalf.
• We never use subscriber email addresses for any purpose. We don’t have access to them.

Where it lives

• Hosted on Fly.io (US regions primarily, multi-region as we scale).
• Postgres database (Fly.io managed).
• File storage (Cloudflare R2).
• Analytics (PostHog Cloud, US region).
• Payments (Stripe).
• Email delivery (Resend).

All providers are vetted for their privacy practices and (when applicable) sign Data Processing Agreements with us.

Your rights

You can:

• See your data: every piece we have on you is exportable as CSV/JSON from your account.
• Delete your data: account deletion removes all your data within 30 days, except where we’re legally required to retain (e.g., billing records for 7 years).
• Stop us using your data: opt out of analytics tracking via account settings; we’ll respect Do Not Track headers.
• Ask us anything: email privacy@bona.works and you’ll get a real human reply.

EU/UK/California

• GDPR (EU/UK): We act as data controller for operator data and data processor for sponsor data passed through our system. Our DPA template is available on request — email privacy@bona.works for sponsors who require one.
• CCPA (California): California residents have additional rights. We do not “sell” personal information.
• Children: This service is not directed at users under 16. We do not knowingly collect data from children.

How long we keep data

• Active operator data: as long as your account is active.
• Cancelled accounts: 30 days for restoration, then deleted.
• Billing records: 7 years (US tax requirement).
• Aggregated analytics: indefinitely (cannot be linked back to individuals).

Changes to this policy

We’ll email all current operators 30 days before any material change. Minor wording fixes don’t get an email.

Contact

Privacy questions: privacy@bona.works.
General support: support@bona.works.

← Back to bona