BearPoint AI — Privacy Policy

Effective Date: July 10, 2025
Last Updated: July 10, 2025

1. Who We Are

BearPoint AI, LLC ("BearPoint AI," "we," "us," "our") offers AI-powered automation, integrations, and consulting services through bearpointai.com and associated applications (the "Services").

2. Data We Collect

Category	Examples	Purpose
Account Data	name, business email, password hash, contact preferences	create & manage your account
Customer Data / Prompts	text prompts, uploaded files, datasets	process requests, generate outputs, improve project-specific models
Usage Data	API logs, feature interaction, time stamps	analytics, troubleshooting, service improvement
Device & Technical Data	IP address, browser type, operating system, cookies	security, fraud prevention, site performance
Payment Data	last 4 digits of card, billing address (via PCI-compliant processor)	process transactions, comply with tax & accounting laws

3. Cookies & Similar Technologies

We use strictly necessary cookies for authentication and security, plus analytics cookies (e.g., Plausible) to understand site performance. You can manage non-essential cookies via the cookie banner.

4. How We Use Your Information

• Provide, operate, and maintain the Services
• Personalize your experience
• Process and fulfill transactions
• Monitor, detect, and prevent fraud or misuse
• Develop new features and improve performance
• Comply with legal obligations
• With your consent, train proprietary models or publish testimonials

5. Legal Bases for Processing (EEA/UK)

Our processing is based on: (i) Contract (account & service delivery), (ii) Legitimate Interests (security, analytics, model safety), (iii) Consent (marketing, optional model-training), or (iv) Legal Obligation (tax, bookkeeping).

6. Sharing & Disclosure

We share personal data only with:

• Service providers (cloud hosting, payment processors, email, analytics) bound by confidentiality;
• Professional advisors (lawyers, accountants);
• Authorities when required by law or to protect rights;
• Affiliates or successors in a corporate transaction (users will be notified).

7. International Transfers

We host data primarily in the United States. When transferring personal data from the EEA/UK or Switzerland, we rely on Standard Contractual Clauses and other lawful safeguards.

8. Security

We use TLS in transit, AES-256 encryption at rest, role-based access controls, and periodic penetration testing. While we strive to protect your information, no system can be guaranteed 100% secure.

9. Data Breach Notification

If we become aware of a data breach affecting your personal data, we will notify you and relevant regulators without undue delay in accordance with applicable law.

10. Data Retention

We retain personal data for as long as necessary to: (i) fulfill the purposes outlined in this Policy, (ii) honor opt-out requests, (iii) comply with legal obligations, and (iv) resolve disputes. We delete or anonymize data when retention is no longer required.

11. Your Rights

Depending on your location, you may have rights to:

• access, correct, or delete personal data;
• withdraw consent;
• object to or restrict processing;
• data portability;
• lodge a complaint with a supervisory authority.

Submit requests via privacy@bearpointai.com. We respond within 30 days (14 days for California residents).

12. Children's Privacy

The Services are not directed to children under 16. We do not knowingly collect personal data from minors. If you believe a child has provided us data, contact us to delete it.

13. Third-Party Links

Our site may link to external sites. We are not responsible for their privacy practices; review their policies separately.

14. Changes to This Policy

We will post any changes on this page and, for material updates, email or in-app notify you 30 days before the new Policy takes effect.

15. Contact Us

BearPoint AI, LLC – Privacy Team
50 W Sunset Dr. Atmore, AL 36502, USA
support@bearpointai.com