Legal

Privacy Policy

Translation notice. This is an English translation of the German-language Datenschutzerklärung provided for information and accessibility purposes only. In the event of any discrepancy between this translation and the German original, the German version shall prevail. The applicable law is Austrian and EU law.
Controller

Niko Andersson · Schnirchgasse 11, 1030 Vienna, Austria · hello@bonvio.eu

No data protection officer required (Art. 37 GDPR).

Data Processed
  • Name and e-mail address
  • Receipt data
  • Payment references (card and bank details are not processed by Bonvio)
  • Usage data

No advertising profiles. No disclosure for advertising purposes. Bonvio is not designed for special categories of personal data within the meaning of Art. 9 GDPR.

Legal Bases

Art. 6(1)(b) GDPR — Performance of contract: provision of the service.

Art. 6(1)(c) GDPR — Retention periods are guided by §132 BAO (AT) and §147 AO (DE). Statutory responsibility for compliance with retention obligations rests with the user.

Art. 6(1)(f) GDPR — Legitimate interests: abuse detection and system security.

Advertising, newsletters and profiling do not take place.

Retention Periods
  • Receipt data: Bonvio stores receipt data for the retention period chosen by the user. By default up to 10 years, guided by §132 BAO / §147 AO — then automatic deletion. Statutory responsibility for retention compliance rests with the user.
  • Incoming e-mails (technical): 90 days
  • Customer configuration: until termination, then 30 days
  • System logs: 7 days
Processors
  • EU cloud provider: Data storage and processing. Data processing agreement in place.
  • E-mail service provider (USA): Transactional communications. Standard contractual clauses (Art. 46(2)(c) GDPR).
  • Payment service provider (USA): Payment processing. Card and bank details not processed by Bonvio. Standard contractual clauses.
  • Form service provider (USA): Website contact forms. Standard contractual clauses.
Automated Decisions

No automated decision-making with legal effect (Art. 22 GDPR).

Your Rights

Access (Art. 15) · Rectification (Art. 16) · Erasure (Art. 17, subject to statutory retention obligations) · Restriction (Art. 18) · Data portability (Art. 20) · Objection (Art. 21)

Requests: hello@bonvio.eu

Security

Technical and organisational measures are in place. No system can guarantee absolute security. Access to Bonvio is tied to the security of the e-mail account used; users are responsible for protecting their own account.

Right to Lodge a Complaint

Austrian Data Protection Authority · Barichgasse 40–42, 1030 Vienna · dsb@dsb.gv.at · www.dsb.gv.at

Cookies & Tracking

bonvio.eu uses no cookies, no tracking and no analytics tools. No usage profiles are created and no data is collected or shared for advertising purposes.

As of: May 2026