Privacy Policy

Your data security and privacy are our top priorities

Last Updated: December 5, 2025

1. Introduction

StratBear ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our strategic intelligence platform at stratbear.com.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, phone number
  • Business Profile Data: Industry, location, revenue range, competitors, strategic objectives
  • Financial Data: When you connect QuickBooks, Xero, or Plaid (encrypted and stored securely)
  • Payment Information: Processed securely through Stripe (we do not store credit card numbers)

2.2 Automatically Collected Information

  • Usage Data: Features accessed, time spent, interaction patterns
  • Device Information: IP address, browser type, operating system
  • Analytics: Google Analytics 4 for platform improvement

2.3 Third-Party Intelligence Data

We aggregate publicly available data from:

  • Federal Reserve Economic Data (FRED)
  • U.S. Census Bureau
  • Bureau of Labor Statistics (BLS)
  • Google Places API (business reviews and ratings)
  • Reddit (public community discussions)
  • NewsAPI (public news articles)

This data is publicly available and used solely to provide you with strategic intelligence insights.

3. How We Use Your Information

  • Platform Services: Deliver Fusion Intelligence analysis, scenario planning, and strategic reports
  • AI Processing: Analyze your business profile using Azure OpenAI to generate strategic insights
  • Personalization: Customize recommendations based on your industry and objectives
  • Communication: Send account updates, strategic alerts, and feature announcements
  • Platform Improvement: Analyze usage patterns to enhance features and user experience
  • Security: Detect fraud, prevent abuse, and protect platform integrity

4. Data Security

We implement enterprise-grade security measures:

  • Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Azure Cloud Security: Hosted on Microsoft Azure with SOC 2 Type II compliance
  • Access Controls: Role-based access with multi-factor authentication
  • Financial Data: OAuth tokens encrypted, never stored in plain text
  • Regular Audits: Quarterly security assessments and penetration testing

5. Data Sharing and Disclosure

We never sell your data. We may share information only in these limited circumstances:

5.1 Service Providers

  • Azure OpenAI: For AI-powered strategic analysis (Microsoft privacy policy applies)
  • Stripe: For payment processing (PCI DSS compliant)
  • Google Analytics: For anonymized usage analytics

5.2 Legal Requirements

We may disclose information if required by law, court order, or to protect our legal rights.

5.3 Business Transfers

In the event of a merger or acquisition, your data may be transferred (you will be notified).

6. Your Rights and Choices

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information in your profile
  • Deletion: Request account and data deletion (within 30 days)
  • Export: Download your business profile and strategic reports
  • Opt-Out: Unsubscribe from marketing emails (account emails still sent)
  • Data Portability: Export your data in JSON format

To exercise these rights: Contact us at privacy@stratbear.com

7. Data Retention

  • Active Accounts: Data retained while account is active
  • Deleted Accounts: Data permanently deleted within 30 days
  • Financial Records: Retained for 7 years per tax regulations
  • Anonymized Analytics: May be retained indefinitely for platform improvement

8. Cookies and Tracking

We use cookies for:

  • Essential: Authentication, session management (required)
  • Analytics: Google Analytics 4 (can be opted out via browser settings)
  • Preferences: Remember your dashboard settings

You can control cookies through your browser settings.

9. Third-Party Links

Our platform may link to external websites (news articles, government data sources). We are not responsible for their privacy practices. Review their policies before providing information.

10. Children's Privacy

StratBear is designed for business professionals. We do not knowingly collect data from individuals under 18. If we discover such data, it will be immediately deleted.

11. California Privacy Rights (CCPA)

California residents have additional rights:

  • Right to know what personal information is collected
  • Right to know if personal information is sold (we do NOT sell data)
  • Right to delete personal information
  • Right to opt-out of data sales (not applicable - we don't sell data)
  • Right to non-discrimination for exercising privacy rights

12. European Privacy Rights (GDPR)

For EU/EEA residents:

  • Legal Basis: Processing based on contract performance and legitimate interests
  • Data Transfers: Azure cloud infrastructure with Standard Contractual Clauses
  • Data Protection Officer: Contact at dpo@stratbear.com
  • Supervisory Authority: Right to lodge complaint with your local data protection authority

13. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be communicated via email.

14. Contact Us

Questions about this Privacy Policy or your data?

Your Trust Matters: At StratBear, we believe your strategic intelligence should remain your competitive advantage. We will never sell your data or use it for purposes beyond providing you with exceptional strategic insights.