Privacy Policy

Last updated: April 7, 2026

At bendr.ai ("we", "us", or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services. Please read this policy carefully. By accessing or using bendr.ai, you agree to the terms of this Privacy Policy.

1. Information We Collect

We collect information that you provide directly to us, as well as information generated automatically when you use our services.

• Account Information: When you create an account, we collect your name, email address, company name, and password.
• Payment Information: When you subscribe to a paid plan, we collect billing details through our secure payment processor. We do not store credit card numbers on our servers.
• Usage Data: We automatically collect information about how you interact with our platform, including pages visited, features used, and session duration.
• Content Data: Any content you upload, create, or generate using our AI tools, including documents, prompts, and configuration settings.
• Device Information: Browser type, operating system, IP address, and device identifiers.

2. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve our services.
• To process transactions and send related information, including purchase confirmations and invoices.
• To send you technical notices, updates, security alerts, and support messages.
• To respond to your comments, questions, and customer service requests.
• To analyze usage patterns and improve the functionality and user experience of our platform.
• To train and improve our AI models. Note: your content is never used to train models shared with other customers unless you explicitly opt in.
• To detect, investigate, and prevent fraudulent transactions and other illegal activities.

3. Data Storage & Security

All data is stored on servers located within the European Union (EU/EEA). We are fully committed to GDPR compliance and implement appropriate technical and organizational measures to protect your personal data.

• All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
• We conduct regular security audits and penetration testing.
• Access to personal data is strictly limited to authorized personnel on a need-to-know basis.
• We maintain a comprehensive incident response plan and will notify affected users within 72 hours of a confirmed data breach, as required by GDPR.

4. Third-Party Services

We may share your information with third-party service providers who assist us in operating our platform. These providers are contractually obligated to protect your data and may only use it to perform services on our behalf.

• Payment Processing: Stripe (PCI DSS Level 1 compliant).
• Analytics: Privacy-focused analytics to understand platform usage (no personal data is shared with third-party ad networks).
• Infrastructure: Cloud hosting providers within the EU.
• Email: Transactional email services for account notifications.

We do not sell your personal data to third parties. We do not share your data with advertisers.

5. Your Rights

Under the General Data Protection Regulation (GDPR) and applicable Belgian and EU law, you have the following rights regarding your personal data:

• Right of Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may request that we correct any inaccurate or incomplete data.
• Right to Erasure: You may request deletion of your personal data, subject to legal obligations.
• Right to Restrict Processing: You may request that we limit how we use your data.
• Right to Data Portability: You may request your data in a structured, commonly used, machine-readable format.
• Right to Object: You may object to the processing of your personal data for direct marketing purposes.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at hello@bendr.ai. We will respond to your request within 30 days.

6. Cookies

We use essential cookies to ensure the proper functioning of our platform. We may also use analytics cookies to understand how our services are used. You can manage your cookie preferences through your browser settings. For more details, please refer to our cookie banner displayed when you first visit our site.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, or as required by law. When you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

8. Contact Information

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

• Email: hello@bendr.ai
• Bendr bv
• Antwerp, Belgium

You also have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit) if you believe your data protection rights have been violated.