Privacy Policy

Effective date: 11-April-2026

1. Introduction

bonjour.mu (“bonjour”, “we”, “us”, or “our”) operates a local discovery and product search platform in Mauritius. This Privacy Policy explains how we collect, use, store, and protect personal data when you use our website and related services.

2. Information We Collect

  • Account information: name, email address, encrypted password, and account role (user or business owner).
  • User-generated content: reviews, ratings, comments, votes, bookmarks, and other content you submit.
  • Business data: business listings, menus, price lists, product descriptions, images, and contact details uploaded by business owners.
  • Technical data: IP address, browser type, device type, pages visited, and timestamps for security and performance monitoring.
  • Analytics data (PostHog): anonymous usage data such as page views, clicks, navigation paths, and session recordings used to improve usability and performance. For selected analytics events, we send client IP and user-agent data to PostHog at ingestion time so PostHog can derive approximate location (for example country/city). We do not use PostHog advertising cookies, and we do not intentionally collect sensitive form inputs.
  • Bot protection data (Cloudflare Turnstile):interaction and device signals used to distinguish humans from automated traffic when submitting forms or creating accounts. This may include IP address and browser metadata processed by Cloudflare for security purposes.

3. How We Use Your Data

  • To create and manage user accounts
  • To authenticate users via secure HTTP-only cookies
  • To enable reviews, comments, bookmarks, and voting
  • To manage and index business listings and products
  • To improve search relevance and platform performance
  • To understand audience geography at an aggregate level (for example by country or city) for analytics reporting
  • To prevent abuse, fraud, and malicious activity
  • To comply with legal obligations

4. Transparency: How We Use AI

bonjour may use automated tools to help structure business data. When business owners upload menus or price lists, we may use AI to extract product names, prices, descriptions, and tags.

This process helps organize content and improve product search. Business owners can review and edit extracted data before it becomes publicly visible.

We do not use AI to profile users, make automated legal decisions, or evaluate individuals.

5. Data Storage & Security

We implement industry-standard safeguards including HTTPS encryption, secure password hashing, HTTP-only authentication cookies, access controls, and infrastructure-level monitoring.

Access to personal data is restricted to authorized personnel and service providers required to operate the platform.

We use Cloudflare Turnstile as a bot-detection mechanism to protect forms and authentication endpoints from abuse and automated attacks. Turnstile processes limited technical data to assess whether a visitor is human. Processing by Cloudflare is subject to Cloudflare’s own privacy policy.

6. Data Sharing

We do not sell personal data. We may share data with infrastructure providers and service partners strictly necessary to operate bonjour.

This includes analytics and security processors such as PostHog (product analytics) and Cloudflare Turnstile (bot and abuse protection), acting on our behalf under their applicable terms.

7. Data Retention

We retain personal data for as long as your account remains active or as necessary to provide services and comply with legal obligations. You may request account deletion at any time.

For PostHog analytics, client IP data is configured to be discarded after ingestion. PostHog may retain derived geolocation properties (such as country or city) and other event metadata according to our analytics retention settings.

8. Your Rights

You may request access, correction, or deletion of your personal data by contacting our support team.

9. Data Processing Agreement (DPA) – Business Users

If you are a business using bonjour to publish listings or products, the following terms apply:

  • You act as the Data Controller for any personal data included in your listings.
  • bonjour acts as a Data Processor for the purpose of hosting, indexing, and displaying your content.
  • bonjour will process data only according to your instructions and for the purpose of providing the platform services.
  • bonjour implements appropriate technical and organizational security measures.
  • Upon termination of your account, data may be deleted upon request, subject to legal retention requirements.

For a signed DPA or custom agreement, please contact our support team.

10. Cookie Policy

We use one essential cookie (access_token) to keep you signed in. This cookie is strictly necessary for the platform to function.

We also use PostHog for product analytics. PostHog helps us understand how users interact with bonjour by collecting anonymous usage data such as page views, clicks, navigation flows, and session recordings.

PostHog is configured without advertising cookies. We use it solely for internal analytics, performance monitoring, and usability improvements. Sensitive form fields are not intentionally recorded.

For selected backend analytics events, we also forward client IP and user-agent data to PostHog so it can compute approximate geolocation metrics. We enable PostHog's “Discard client IP data” setting, so raw client IPs are not stored with events after ingestion.

If additional analytics or tracking technologies are introduced in the future, this policy will be updated accordingly.

11. Contact

For privacy-related inquiries, please contact: [email protected]