Skip to main content
BondBuilder

Privacy Policy

Last updated: March 2026

Information We Collect

We collect information you provide directly: name, email, company name, phone number, and any details you share through our contact form. For registered users, we also store financial documents and business information necessary for surety bond assessment.

How We Use Your Information

Your information is used to provide surety bond program management services, communicate with you about your account, and improve our platform. We do not sell your personal information to third parties.

Data Security

We implement industry-standard security measures including encryption at rest and in transit, role-based access controls, and audit logging for all sensitive actions.

Data Retention

We retain your data according to the following schedule:

  • Active data: Retained for as long as your account is active and you continue to use our services.
  • Soft-deleted records: Permanently purged 30 days after deletion. During this period, records may be restored by an administrator.
  • Audit logs: Retained for 7 years to comply with financial services recordkeeping requirements.
  • Email logs: Retained for 3 years for compliance and dispute resolution purposes.
  • Session data: Expires according to our authentication configuration (typically 30 days of inactivity).
  • Account deletion requests: Processed within 30 days. All personal data is removed, subject to legal retention obligations.

Cookies

BondBuilder uses cookies to operate our platform. We use the following types of cookies:

  • Essential cookies: Required for authentication, session management, and security (e.g., CSRF protection). These cannot be disabled.
  • Preference cookies: Store your consent choices (e.g., cookie-consent) and display preferences. These expire after 1 year.

We do not use advertising or third-party tracking cookies. You can manage cookies through your browser settings, but disabling essential cookies may prevent you from using the platform.

Your Rights

We retain your data for as long as your account is active or as needed to provide services. The specific retention periods for different categories of data are as follows:

  • Active account data — Profile information, company details, and associated records are retained for the duration of your active account.
  • Soft-deleted records — When data is deleted through the application, it is soft-deleted and permanently purged after 30 days via an automated process.
  • Audit logs — Records of sensitive actions (logins, data access, changes) are retained for 7 years to comply with financial services record-keeping requirements.
  • Email logs — Transactional email records (delivery status, subject lines) are retained for 3 years, then automatically purged.
  • Session data — Authentication sessions expire per our session policy configuration. Session tokens are invalidated on logout or account deactivation.
  • Uploaded documents — All uploaded files are permanently deleted when an account is deleted or upon explicit request. Document metadata follows the soft-delete purge schedule above.
  • Bonding profile snapshots — Historical surety program data is retained for trend analysis and submission history, even after account closure, in de-identified form where applicable.

If you request account deletion, we will remove your personal data within 30 days, subject to the retention periods noted above and any legal obligations. You may request a full data export at any time from your account settings.

Contact

For privacy-related questions, contact us at concierge@bondbuilder.com.