Last Updated: August 5th, 2025
Bonsai Technologies Inc. (“Bonsai,” “we,” “our,” and/or “us”) values the privacy of individuals who use our website and related services (collectively, our “Services”). This privacy policy (the “Privacy Policy”) explains how we collect, use, and disclose information from individuals who interact with our Services. It applies to our website visitors, individuals who interact with our services as or on behalf of our “Users” (as defined in our Terms of Service), prospective job applicants and individuals who receive our marketing materials. Please read this Privacy Policy carefully so that you understand your rights in relation to your Personal Information, and how we will collect, use and process your Personal Information. By using our Services, you agree to the collection, use, disclosure, and procedures this Privacy Policy describes. Beyond the Privacy Policy, your use of our Services is also subject to our Terms of Service.
In this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable individual.
If you are a resident of California, please also review our California Resident Privacy Notice for more information about the types of personal information we collect and disclose, as well as how to exercise your rights under California law(s).
This Privacy Policy does not apply to the extent we process information in the role of a processor or service provider on behalf of our Users (for example, on behalf of our Users who use our CRMs or finance management tools). In that context, our processing of your personal information is subject to our agreements with our Users. Our Users are the data controllers, and their privacy policies will apply to the processing of your personal information. We are not responsible for the privacy or data security practices of our Users, which may differ from those explained in this Privacy Policy.
We may collect a variety of Personal Information from or about you or your devices from various sources, as described below. In some cases, we need to collect your Personal Information to be able to provide you with our Services. In these cases, if you choose not to provide the requested Information, you may not be able to use our Services. Where required by applicable law, we will tell you if and why you have to provide us your Personal Information, as well as what the consequences if you choose not to.
Registration Information. When you sign up for an account, we ask you to provide contact information such as name, email address, and phone number. If you sign up using a Google or Apple account, we will also receive information from those services such as your name and email address.
Account Information. We may also collect information you provide when using our Services , included but not limited to, project names, task names, timesheets, agreements, invoices, attachments, expenses and payment records.
Communications. If you contact us directly, we may receive additional information about you, included but not limited to, your name, email address, phone number, the contents of a message or attachments that you may send to us, and other information you choose to provide. When you communicate with us online, third party vendors receive and store these communications on our behalf.
Careers. If you decide that you wish to apply for a job with us, you may submit your contact information and your resume online. We will collect the information you choose to provide on your resume, such as your education and employment experience. You may also apply through a third-party service, such as LinkedIn. If you do so, we will collect the information you make available to us through that service.
Location Information. When you use our website, we infer your general, non-precise location information by using your IP address.
Device Information. We receive information about the device and software you use to access our Services, including IP address, device type, device identifiers, web browser type and version, operating system version, phone carrier and manufacturer, application installations, mobile advertising identifiers, and push notification tokens.
Usage Information. We automatically receive information about your interactions with our website, like the pages or other content you view and click, referrer information (the website you visited before coming to our Services), the dates and times of your visits, heatmaps, clickstream data, and scroll behavior.
Information from Cookies and Other Technologies. We and our third-party partners collect information about your activities on our website using, for example, cookies, pixel tags, SDKs, or other tracking and analytics technologies (collectively, “Cookies”). Our third-party partners, such as analytics, advertising, and security partners, may also use these technologies to collect information about your online activities over time and across different Services. We may use both session Cookies and persistent Cookies. A session Cookie disappears after you close your browser. A persistent Cookie remains after you close your browser and may be used by your browser on subsequent visits to our Services.
You can find more information about the types of cookies used on our website in our Cookie Policy.
Third-Party Services. If you use the Google Calendar integration feature on our website, we may be able to view your calendars and events. If you connect your bank account to our Services using Plaid, we may receive information about your account transactions for use in our bookkeeping and related features.
We use the Personal Information we collect:
To the extent required by applicable law, if you are located in the European Economic Area (“EEA”), Switzerland or the United Kingdom (“UK”) (together “Europe”), we only process your Personal Information when we have a valid “legal basis,” including as set forth below.
We may share your Personal Information with third parties in the following circumstances:
Affiliates. We may disclose any Personal Information we receive to our current or future affiliates for any of the purposes described in this Privacy Policy.
Vendors and Service Providers. We work with third party service providers to operate our Services. For example, this includes services like SendGrid and Customer.io for sending emails to users, Intercom for providing live chat support, Stripe and Chartmogul for managing subscription payments and Stripe for identity document verification. These third parties may have access to or process your Personal Information as part of providing those services to us.
Analytics Partners. We use analytics services such as Google Analytics and Mixpanel to collect and process certain analytics data. You can learn more about Google’s practices by visiting https://www.google.com/policies/privacy/partners/. You can opt out by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
Advertising Partners. We work with third-party advertising partners to collect and process your information in order to show you ads that we think may interest you. Some of our advertising partners are members of the Network Advertising Initiative (https://optout.networkadvertising.org) or the Digital Advertising Alliance (https://optout.aboutads.info) and serve ads through cookie-based technologies. Please visit their opt-out pages to learn about how you may opt out of receiving certain web-based personalized ads from member companies. These opt-outs will apply only to our third-party advertising partners that are members of these organizations. These opt-outs will not apply when our partners serve ads through non-cookie-based technologies. You can access any settings offered by your mobile operating system to limit ad tracking, or you can install the AppChoices mobile app to learn more about how you may opt out of personalized ads in mobile apps.
As Required by Law and Similar Disclosures. We may access, preserve, and disclose your Personal Information if we believe doing so is required or appropriate to: (a) comply with law enforcement requests and legal process, such as a court order or subpoena; (b) respond to your requests; or (c) protect your, our, or others’ rights, property, or safety. For the avoidance of doubt, the disclosure of your Personal Information may occur if you post any objectionable content on or through the Services.
Merger, Sale, or Other Asset Transfers. We may transfer your Personal Information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets.
Consent. We may also disclose your Personal Information with your permission.
Marketing Communications. You can unsubscribe from our promotional emails via the link provided in the emails. Even if you opt out of receiving promotional email messages from us, you will continue to receive administrative messages from us.
Your European Privacy Rights. To the extent applicable, if you are located in Europe, you have the additional rights described below:
You may exercise these rights by contacting us using the contact details as indicated in the “Contact Information” section below. Before fulfilling your request, we may ask you to provide reasonable information to verify your identity. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain Personal Information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so, to the extent permitted by applicable law.
Our Services may contain links to other websites, products, or services that we do not own or operate. We are not responsible for the privacy practices of these third parties. Please be aware that this Privacy Policy does not apply to your activities on these third-party services or any information you disclose to these third parties. We encourage you to read their privacy policies before providing any Personal Information to them.
To the extent required by applicable law, we take measures to delete your Personal Information or keep it in a form that does not permit identifying you when your Personal Information is no longer necessary for the purposes for which we process it unless we are required by law to keep your Personal Information for a longer period. When determining the specific retention period, we consider various factors, such as the type of service provided to you, the nature and length of our relationship with you, and mandatory retention periods provided by law and the statute of limitations.
We make reasonable efforts to protect your Personal Information by using physical and electronic safeguards designed to improve the security of the Personal Information we maintain. However, because no electronic transmission or storage of Personal Information can be entirely secure, we can make no guarantees as to the security or privacy of your Personal Information.
We do not knowingly collect, maintain, or use Personal Information from children under 18 years of age, and no part of our Service(s) is directed to children. If you learn that a child has provided us with Personal Information in violation of this Privacy Policy, then you may alert us at support@hellobonsai.com.
Our Services are hosted in the United States (“U.S.”). If you choose to use the Services from Europe or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that your Personal Information is processed and stored in the U.S. We may also transfer your Personal Information from the U.S. to other countries or regions in connection with its storage and processing, fulfilling your requests, and operating the Services.
If you are located in Europe, we will comply with applicable European data protection laws when transferring your Personal Information outside Europe. We may transfer your Personal Information to countries which have been found to provide adequate protection by the competent supervisory authorities as appropriate, use contractual protections for the transfer of Personal Information, transfer to recipients who have adopted Binding Corporate Rules, or rely on an appropriate legal derogation, to the extent necessary to comply with applicable European data protection laws. To the extent applicable, if you are located in Europe, you may contact us as specified below for more information about the safeguards we use to transfer Personal information outside of Europe.
You can update your account information or close your account through your profile settings. For more information about deactivating or deleting your account, please refer to our Help Center.
We will post any adjustments to the Privacy Policy on this page, and the revised version will be effective when it is posted. If we materially change the ways in which we use or disclose Personal Information previously collected from you through the Services, we will notify you through the Services, by email, or other communication.
Bonsai is responsible for processing your Personal Information described in this Privacy Policy. If you have any questions, comments, or concerns about our processing activities, please email us at support@hellobonsai.com.
'%3e%3cg id='Final-Copy-2_2_' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st0' d='M7.4,12.8h6.8l3.1-11.6H7.4C4.2,1.2,1.6,3.8,1.6,7S4.2,12.8,7.4,12.8z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cg id='final---dec.11-2020'%3e%3cg id='_x30_208-our-toggle' transform='translate(-1275.000000, -200.000000)'%3e%3cg id='Final-Copy-2' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st1' d='M22.6,0H7.4c-3.9,0-7,3.1-7,7s3.1,7,7,7h15.2c3.9,0,7-3.1,7-7S26.4,0,22.6,0z M1.6,7c0-3.2,2.6-5.8,5.8-5.8 h9.9l-3.1,11.6H7.4C4.2,12.8,1.6,10.2,1.6,7z'/%3e%3cpath id='x' class='st2' d='M24.6,4c0.2,0.2,0.2,0.6,0,0.8l0,0L22.5,7l2.2,2.2c0.2,0.2,0.2,0.6,0,0.8c-0.2,0.2-0.6,0.2-0.8,0 l0,0l-2.2-2.2L19.5,10c-0.2,0.2-0.6,0.2-0.8,0c-0.2-0.2-0.2-0.6,0-0.8l0,0L20.8,7l-2.2-2.2c-0.2-0.2-0.2-0.6,0-0.8 c0.2-0.2,0.6-0.2,0.8,0l0,0l2.2,2.2L23.8,4C24,3.8,24.4,3.8,24.6,4z'/%3e%3cpath id='y' class='st3' d='M12.7,4.1c0.2,0.2,0.3,0.6,0.1,0.8l0,0L8.6,9.8C8.5,9.9,8.4,10,8.3,10c-0.2,0.1-0.5,0.1-0.7-0.1l0,0 L5.4,7.7c-0.2-0.2-0.2-0.6,0-0.8c0.2-0.2,0.6-0.2,0.8,0l0,0L8,8.6l3.8-4.5C12,3.9,12.4,3.9,12.7,4.1z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)