BOMBLE

Legal

Privacy Policy

Last updated: 2026-06-16

1. Who we are

Bomble is operated by Blini Inc., a Delaware corporation (“Bomble”, “we”, “us”, or “our”). Our registered address is 633 W 5th Street, Los Angeles, CA 90071. You can reach us at [email protected].

2. Information we collect

We collect information in the following ways:

  • Account information — name, email address, and atelier name when you sign up for a trial or paid subscription.
  • Atelier data — orders, client records, measurements, production notes, and financial records that you or your team enter into Bomble. This data belongs to you.
  • Usage data — pages visited, features used, session duration, browser type, and device type. Collected via server logs and, where consented, analytics cookies.
  • Payment information — billing details processed by our payment processor (Stripe). Bomble does not store full card numbers.
  • Communications — emails, support tickets, and demo-request forms you send to us.

3. How we use your information

We use the information we collect to:

  • Provide, maintain, and improve the Bomble platform.
  • Process payments and manage your subscription.
  • Send transactional emails (receipts, password resets, account alerts).
  • Respond to support requests and demo inquiries.
  • Monitor for security threats and fraudulent activity.
  • Send occasional product updates and announcements (you may opt out at any time via the unsubscribe link in any email).

We do not sell your personal data to third parties.

4. Cookies

Bomble uses strictly necessary cookies to keep you logged in and protect your session. Where you have consented, we also use analytics cookies (currently Plausible Analytics, a privacy-first, cookie-free analytics provider) to understand aggregate usage patterns. No advertising or cross-site tracking cookies are used.

You may disable cookies in your browser settings. Doing so will not prevent you from using Bomble, but some features (such as staying logged in) may not work correctly.

5. Data storage & security

Atelier data is stored on servers located in the European Union (Hetzner, Frankfurt). We use TLS encryption in transit and AES-256 encryption at rest. Access to production data is restricted to essential personnel and audited.

No method of transmission or storage is 100% secure. We will notify you promptly in the event of a breach that affects your data.

6. Data retention

We retain your account and atelier data for as long as your subscription is active. If you cancel, we retain your data for 30 days so you can export it or reactivate. After 30 days, your data is permanently deleted. Backups are purged on a rolling 90-day cycle.

7. Your rights

Depending on where you are located, you may have rights under GDPR, CCPA, or other applicable law, including the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data (“right to be forgotten”).
  • Export your data in a portable format (CSV or PDF via the in-app export).
  • Object to or restrict certain processing.

To exercise these rights, email [email protected]. We will respond within 30 days.

8. Third-party services

We use the following third-party services that may process your data:

  • Stripe — payment processing (stripe.com/privacy)
  • Hetzner — cloud hosting (Germany)
  • Resend — transactional email delivery

9. Children's privacy

Bomble is not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with data, contact us at [email protected].

10. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email at least 14 days before they take effect. Continued use of Bomble after the effective date constitutes acceptance of the updated policy.

11. Contact

Questions about this policy? Email [email protected] or use the contact form.