Privacy Policy

1. Introduction

Qingdao Xiong Jia Shuai Network Technology Co., Ltd., operating as Bear Chief (we, our, or us), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website bearchief.buzz (the Site) or engage with our technology consulting services (collectively, the Services).

By accessing or using our Site and Services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any part of this policy, you should discontinue use of our Site and Services immediately.

We reserve the right to update this Privacy Policy at any time. Changes will be posted on this page with an updated effective date. Your continued use of the Site after any modifications indicates your acceptance of the revised policy.

2. Data Collected

We collect the following categories of information:

2.1 Personal Data You Provide

When you fill out our contact form, send us an email, or otherwise communicate with us, we may collect:

• Identity Data: Your full name, job title, and organization name.
• Contact Data: Your email address, phone number, and mailing address.
• Communication Data: The content of your messages, inquiries, and any attachments you send us.
• Project Data: Information about your technology needs, infrastructure, and business requirements that you voluntarily share during consultations.

2.2 Data Collected Automatically

When you visit our Site, certain information is collected automatically through standard web technologies:

• Usage Data: Pages visited, time spent on pages, navigation paths, and interaction patterns.
• Device Data: IP address, browser type and version, operating system, device type, screen resolution, and time zone setting.
• Network Data: Referring URL, exit pages, and approximate geographic location derived from your IP address.

2.3 Data We Do Not Collect

We do not intentionally collect sensitive personal data (such as government identification numbers, biometric data, health information, or financial account credentials) through our Site. We do not process payments directly on this Site and do not store credit card or banking information.

3. Purpose of Data Processing

We process your personal data for the following purposes:

• Service Delivery: To respond to your inquiries, provide consulting proposals, deliver contracted services, and maintain client relationships.
• Site Operation: To operate, maintain, and improve the performance and security of our Site.
• Communication: To send you service-related updates, respond to your requests, and provide information you have asked for. We do not send marketing emails without your consent.
• Analytics: To understand how visitors use our Site, identify trends, and improve user experience through aggregated, anonymized data analysis.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests.
• Security: To detect, prevent, and address fraud, unauthorized access, and other harmful or illegal activity.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, our legal basis for collecting and processing your personal data depends on the specific context in which we collect it. We process your data only when we have a lawful basis to do so under the General Data Protection Regulation (GDPR) and applicable national laws. Those bases include:

• Consent: You have given clear, affirmative consent for us to process your personal data for one or more specific purposes. You may withdraw consent at any time by contacting us.
• Contractual Necessity: Processing is necessary for the performance of a contract with you, or to take steps at your request before entering into a contract.
• Legitimate Interests: Processing is necessary for our legitimate business interests or those of a third party, provided those interests are not overridden by your data protection rights. Our legitimate interests include operating our business, improving our Services, responding to inquiries, and ensuring the security of our Site.
• Legal Obligation: Processing is necessary to comply with a legal or regulatory obligation to which we are subject.

Where we rely on consent as a legal basis, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data to third parties for their marketing purposes. We may share your data in the following limited circumstances:

• Service Providers: We engage trusted third-party vendors to perform functions on our behalf—including website hosting (Firebase), analytics, and email delivery. These providers access data only as necessary to perform their functions and are contractually bound to protect it.
• Legal Requirements: We may disclose your data if required by law, court order, subpoena, or governmental authority, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, your data may be transferred as part of that transaction. You will be notified via email or prominent notice on our Site of any change in ownership or use of your data.
• With Your Consent: We may share your data for any other purpose with your explicit consent.

6. Cookies and Tracking Technologies

Our Site uses cookies and similar tracking technologies to enhance your browsing experience, analyze Site traffic, and understand visitor behavior.

6.1 What Are Cookies

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently and to provide information to the Site operators. Cookies may be session cookies (deleted when you close your browser) or persistent cookies (retained for a set period).

6.2 Types of Cookies We Use

• Essential Cookies: Necessary for the Site to function properly. These enable core functionality such as security and network management. The Site cannot operate without them.
• Analytics Cookies: Help us understand how visitors interact with the Site by collecting and reporting information anonymously. We use this data to improve performance and content.
• Functional Cookies: Remember choices you make to provide enhanced, more personal features—such as your preferred language or region.

6.3 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can delete existing cookies, block third-party cookies, or set your browser to alert you before accepting cookies. However, disabling essential cookies may affect the functionality of the Site. For guidance on managing cookies, consult the help documentation for your browser: Chrome, Firefox, Safari, or Edge. You may also visit www.allaboutcookies.org for comprehensive information.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

• Encryption of data in transit using TLS/SSL protocols.
• Firewall protection and network security monitoring.
• Access controls limiting data access to authorized personnel who require it for legitimate business purposes.
• Regular security assessments and vulnerability scanning of our infrastructure.
• Secure hosting through Firebase, a Google Cloud Platform service with SOC 1, SOC 2, SOC 3, and ISO 27001 certifications.

While we strive to protect your data, no method of electronic transmission or storage is absolutely secure. We cannot guarantee the absolute security of your data. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately at connect@bearchief.buzz.

8. Your Privacy Rights (CCPA / CPRA)

If you are a resident of California, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you specific rights regarding your personal information. This section describes those rights and explains how to exercise them.

8.1 Right to Know

You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which the information was collected, the business or commercial purpose for collecting or sharing the information, and the categories of third parties with whom we have shared it. You may submit a verifiable request for this information up to twice within a 12-month period.

8.2 Right to Delete

You have the right to request that we delete personal information we have collected from you, subject to certain exceptions—such as when the information is necessary to complete a transaction, detect security incidents, comply with a legal obligation, or for other internal uses compatible with the context in which you provided it.

8.3 Right to Correct

You have the right to request correction of inaccurate personal information we hold about you, taking into account the nature of the data and the purposes of processing.

8.4 Right to Opt Out

We do not sell your personal information as defined under the CCPA/CPRA. We do not share personal information for cross-context behavioral advertising. If this practice changes in the future, we will update this policy and provide a clear mechanism to opt out.

8.5 Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA/CPRA rights. This means we will not deny you services, charge you different prices, provide a different level of service, or retaliate against you for invoking your rights.

8.6 How to Exercise Your Rights

To submit a request to know, delete, or correct your personal information, please contact us at connect@bearchief.buzz or write to us at the address listed in the Contact section below. We will verify your identity before processing your request, which may require you to provide sufficient information to allow us to reasonably confirm that you are the person about whom we collected data. We will respond within 45 days of receiving a verifiable request, with the possibility of a 45-day extension where reasonably necessary.

8.7 Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. When data is no longer needed, we securely delete or anonymize it. Specific retention periods depend on the nature of the data and the context of collection. Contact data from inquiries is typically retained for the duration of the client relationship plus a reasonable period thereafter for record-keeping purposes.

9. Children’s Privacy

Our Site and Services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete such information promptly. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at connect@bearchief.buzz.

Our data practices comply with the Children’s Online Privacy Protection Act (COPPA) and equivalent international standards. We do not condition participation in any activity on the Site on the disclosure of more personal information than is reasonably necessary.

10. International Data Transfers

Bear Chief is based in the People’s Republic of China. Your personal data may be transferred to, stored in, and processed in China and other countries where our service providers operate. These jurisdictions may have data protection laws that differ from those in your country of residence.

When we transfer personal data across borders, we implement appropriate safeguards in accordance with applicable law—including, where required, the use of Standard Contractual Clauses (SCCs) approved by the European Commission, or reliance on adequacy decisions where available. By using our Site and Services, you consent to the transfer of your data to China and other jurisdictions as described in this policy.

If you are located in the EEA, UK, or Switzerland and wish to obtain further information about the specific safeguards applied to the transfer of your data, please contact us at connect@bearchief.buzz.

11. Third-Party Links

Our Site may contain links to third-party websites, plugins, or services that are not owned or controlled by Bear Chief. We are not responsible for the privacy practices, content, or security of these external sites. We encourage you to review the privacy policies of every third-party website you visit through a link from our Site. This Privacy Policy applies solely to information collected by Bear Chief through our Site and Services.

12. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal obligations, or for other operational reasons. When we make material changes, we will post the revised policy on this page and update the effective date at the top of the document.

If the changes are significant, we may provide a more prominent notice—such as a notice on our homepage or a direct email to existing clients. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, or if you wish to exercise any of your privacy rights, please contact us:

Email: connect@bearchief.buzz
Website: www.bearchief.buzz

For residents of the EEA, UK, or Switzerland: You have the right to lodge a complaint with your local data protection supervisory authority if you believe our processing of your data violates applicable law. We would, however, appreciate the opportunity to address your concerns directly before you approach a supervisory authority.