Privacy Policy

Last updated: November 6, 2025

The Bonding Project (“we,” “us,” or “our”) is committed to protecting your privacy and being transparent about how we collect, use, and safeguard your information. This Privacy Policy explains what information we collect when you use our website and related services (collectively, the “Services”), how we use that information, and the rights and choices you have.

By using our Services, you agree to the collection and use of information as described in this policy.

1. Information We Collect

We collect only the information necessary to provide our Services, improve user experience, and conduct anonymized research. The information we collect includes:

a. Information You Provide

  • Survey responses and test results: When you take the Bonding Test, we collect your responses to the questions and generate an anonymized archetype result.

  • Optional contact information: If you choose to create an account, subscribe to updates, or request a report, you may provide your name and email address.

  • Payment information: If you purchase a detailed report or related product, your payment is securely processed through Stripe. We do not store or have access to your credit card details.

b. Automatically Collected Information

When you visit our site, certain data may be automatically collected, such as:

  • IP address and general location (city, region)

  • Browser type and version

  • Device information and operating system

  • Date, time, and pages visited
    This information helps us understand how people use our Services and improve their performance.

2. How We Use Your Information

We use your information to:

  • Provide and personalize your Bonding Test results and reports

  • Conduct anonymized research to improve the accuracy and depth of our framework

  • Send you updates, insights, and resources (if you opt in)

  • Process payments and manage subscriptions

  • Ensure the technical functionality and security of our Services

  • Comply with legal obligations

We do not sell, rent, or trade your personal data.

3. Data Anonymization and Research Use

The Bonding Project is a research-based initiative. All test responses are anonymized before being used for research or statistical analysis. This means no individual can be identified from the data we analyze.
Aggregated, non-personal data may be used to publish insights, patterns, or reports about bonding styles and relational dynamics.

4. How We Store and Protect Your Data

We take data security seriously. Your information is stored and processed using trusted third-party tools under strict data protection agreements:

  • Softr – platform for website and data presentation

  • Airtable – secure database for anonymized research data

  • Stripe – encrypted payment processing

  • SendGrid – for transactional and optional email communication

  • Google Drive – secure document storage

  • Zapier – for limited integrations between these systems

  • Anthropic - for data summaries and copywriting

We use encryption, access controls, and anonymization techniques to protect your data against unauthorized access or disclosure.

5. Sharing Your Information

We only share data with trusted service providers necessary to operate our Services. Each third-party processor is bound by confidentiality and data protection obligations consistent with this Policy.

We may also share data if:

  • Required by law or legal process

  • Necessary to protect the rights or safety of users or the public

  • In connection with a business transition (e.g., merger, acquisition), provided equivalent data protections are maintained

6. Cookies and Tracking

We use cookies and similar technologies to:

  • Keep your session active

  • Remember preferences and test progress

  • Analyze site performance

    You can manage or disable cookies through your browser settings, though some features may not function properly without them.

7. Your Rights and Choices

Depending on your location, you may have the right to:

  • Access a copy of your personal data

  • Request correction or deletion of your data

  • Withdraw consent for communication at any time

  • Request that your anonymized research data be excluded from future studies (where possible)

To exercise these rights, contact us at privacy@bondingproject.com.

8. Data Retention

We retain anonymized research data indefinitely for aggregate analysis. Personal contact or payment data is retained only as long as necessary to fulfill your requests, comply with legal requirements, or maintain your account.

9. Children’s Privacy

Our Services are intended for individuals 16 years and older. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected such data, we will delete it promptly.

10. International Data Transfers

Your information may be transferred and processed outside your country of residence. We ensure appropriate safeguards and contractual protections are in place when doing so.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available at bondingproject.com/privacy, with the “last updated” date reflecting any revisions. Material changes will be communicated clearly before they take effect.

12. Contact Us

If you have questions, feedback, or requests regarding this Privacy Policy, please contact us:

The Bonding Project
 Email: privacy@bondingproject.com
 Website: www.bondingproject.com

Data Protection Addendum (GDPR / CCPA / International Compliance)

This Data Protection Addendum (“Addendum”) supplements the Privacy Policy and applies to individuals whose personal data is subject to the General Data Protection Regulation (GDPR), UK GDPR, California Consumer Privacy Act (CCPA), or other applicable data protection laws.

1. Data Controller and Data Processor Roles

  • The Bonding Project acts as a Data Controller for all personal information voluntarily submitted through our website or test (e.g., your email, test responses before anonymization).

  • Our service providers (e.g., Stripe, Airtable, Softr, SendGrid, Google Drive, Zapier) act as Data Processors, handling information on our behalf according to strict contractual safeguards.

2. Legal Basis for Processing (GDPR)

We process personal data under the following legal bases:

  • Consent – when you voluntarily participate in the Bonding Test or sign up for communications.

  • Contractual necessity – to deliver purchased reports or related products.

  • Legitimate interests – for anonymized research and product improvement.

  • Legal compliance – to meet applicable laws and regulations.

You may withdraw your consent at any time by contacting privacy@bondingproject.com.

3. Rights of Data Subjects (GDPR & CCPA)

Under GDPR and CCPA, you have specific rights regarding your personal data, including:

  • Access: Request a copy of your data.

  • Rectification: Correct inaccurate or incomplete data.

  • Erasure (“Right to be Forgotten”): Request deletion of your personal data.

  • Restriction: Limit certain data processing activities.

  • Portability: Receive your data in a commonly used, machine-readable format.

  • Opt-Out (CCPA): Request that we do not sell or share your personal data (we already do not sell or share data).

  • Non-Discrimination: You will not be penalized for exercising your rights.

Requests can be made to privacy@bondingproject.com. We will respond within 30 days, or as required by law.

4. Data Transfers Outside the EEA or UK

When transferring personal data internationally, we use:

  • Standard Contractual Clauses (SCCs) approved by the European Commission, or

  • UK Addendum to the SCCs, and

  • Equivalent safeguards for jurisdictions such as the United States, where our service providers are based.

5. Research Data Exemption

Anonymized or aggregated data used for research purposes is not considered personal data under GDPR or CCPA. Once data is anonymized, it cannot be linked back to you and is excluded from access, deletion, or portability requests.

6. Data Protection Officer (DPO)

For privacy inquiries or formal complaints under GDPR, you may contact our Data Protection Officer:

Data Protection Officer
 The Bonding Project
Email: privacy@bondingproject.com

7. Supervisory Authority Contact (EU/UK Residents)

If you are located in the EU or UK and believe your data protection rights have been violated, you have the right to lodge a complaint with your local Data Protection Authority (DPA) or the UK Information Commissioner’s Office (ICO).

8. Updates to This Addendum

We may revise this Addendum periodically to reflect changes in laws, regulations, or our data practices. The updated version will always be available at bondingproject.com/privacy.

Summary:
 The Bonding Project only collects minimal, voluntary data; anonymizes responses before research use; and partners exclusively with secure, compliant processors. You maintain full control over your identifiable data, and we never sell or share your information.