Privacy
Plain language. No dark patterns. No tracking.
This policy describes how bourdon.ai, the marketing site for the Bourdon project, handles your data. If something is unclear, contact privacy@bourdon.ai.
This policy covers this marketing site only. The Bourdon software itself (Python / npm packages) runs on your machine, stores nothing on RADLAB infrastructure, and is governed by its license and security policy, not this page.
What we collect
We collect only the data necessary to serve this site. There is no account system, no signup, no comment system, and no analytics JavaScript on bourdon.ai.
| What | Why | How long | Who sees it |
|---|---|---|---|
| Standard HTTP request data: requested URL, response status, timestamp, IP address, user-agent string, country (derived from IP) | Routing each request to the right page; counting aggregate visits per page; troubleshooting errors | Up to 30 days (Cloudflare default); we do not export these logs to long-term storage | RADLAB LLC + Cloudflare (our hosting provider) |
Email you send to addresses on this site (privacy@, licensing@, etc.) |
Responding to your message | Until the conversation is resolved + any retention period required by law | Whoever you wrote to + email provider (Proton) |
What we do not collect
bourdon.ai does not:
- Set cookies
- Run client-side analytics JavaScript (Google Analytics, Plausible, Fathom, Mixpanel, etc.)
- Embed third-party fonts, scripts, pixels, or trackers
- Build advertising profiles from your behavior
- Sell, rent, or trade your data
- Track you across other sites
- Use fingerprinting or session replay
The site is plain HTML and CSS. View the source if you want to verify.
How we use server logs
Cloudflare's edge network records standard HTTP request data when it serves bourdon.ai (this is how any web server works). We use Cloudflare's built-in Workers Analytics to view aggregate metrics from those logs — total requests per page, response codes, geographic distribution at the country level — to understand which pages are useful and to spot errors. We do not build per-visitor profiles from this data, and we do not share it.
The lawful basis under GDPR Art. 6(1)(f) is legitimate interest in operating and improving the site; the data minimization, retention, and access-control safeguards described above are how we balance that interest against your privacy.
Third parties
We share data with third parties only as necessary to operate the site:
| Third party | What they receive | Why |
|---|---|---|
| Cloudflare | Standard HTTP request data (see above) and the static files we publish | Hosting (Cloudflare Workers + Static Assets) and edge security (DDoS protection, TLS) |
| Proton | Any email you send to addresses on this site, and our replies | Email delivery |
We do not share your data with advertisers. We do not sell your data. If we ever add a new third party that touches your data, we will update this policy before that data sharing begins.
Your rights
Under GDPR (if you are in the EU/UK), CCPA (California), and similar regulations, you have the right to:
- Access — ask what data, if any, we hold that identifies you
- Correction — ask us to fix inaccurate data
- Deletion — ask us to delete data tied to you
- Objection — object to processing under legitimate interest
- Portability — receive a copy of data you provided in a usable format
- Complaint — lodge a complaint with your local data protection authority (e.g., ICO in the UK, your DPA in the EU, the California Attorney General)
Practically, since this site stores no per-visitor identifier, the most we typically hold tied to you is whatever email you have sent us. Email privacy@bourdon.ai to exercise any of the above; we aim to respond within 30 days.
Children
bourdon.ai is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has sent us data, email privacy@bourdon.ai and we will delete it.
Changes to this policy
We will update this page when our data practices change, and the “Last updated” date at the top will reflect the latest revision. Material changes (new data categories, new third parties, new purposes) will be summarized in a changelog at the bottom of this page. We will not apply weaker rules retroactively.
Contact
Privacy questions, data requests, or anything else covered by this policy: privacy@bourdon.ai.
Operator: RADLAB LLC, a Wyoming limited liability company. This policy is governed by the laws of the State of Wyoming, United States. Where mandatory local law gives you stronger rights (for example, GDPR in the EU/UK), those rights apply in addition.