Privacy Policy
Last updated: February 23, 2026
1. Scope and Roles
This Privacy Policy describes how Bambu Technologies ("Bambu", "we", "our") collects, uses, and safeguards personal data when providing the Bambu platform. Depending on context, Bambu may act as a controller or processor of personal data.
2. Categories of Data
We process account identifiers, authentication events, business profile data, operational records (products, customer ledgers, inventory actions), support communications, and billing metadata. We do not intentionally collect special category data unless explicitly provided by users.
3. Lawful Basis and Use
Data is processed to deliver contracted services, maintain platform security, provide support, improve product performance, and meet regulatory obligations. Where required, consent is obtained for specific communications or optional processing.
4. Data Sharing
Bambu shares data only with vetted service providers required for core operation (hosting, messaging, payments, monitoring), under contractual confidentiality and security commitments. We do not sell personal data.
5. International Transfers
Where data transfer across jurisdictions occurs, Bambu applies contractual safeguards and appropriate transfer mechanisms to maintain protection standards consistent with applicable law.
6. Security Controls
Bambu applies layered technical and organizational controls, including access controls, tenant isolation, rate limiting, audit logs, and ongoing monitoring to reduce unauthorized access risk.
7. Retention and Deletion
Data is retained only as long as needed for service delivery, legitimate business purposes, and legal obligations. Upon verified request, Bambu supports deletion or export procedures subject to legal and contractual constraints.
8. User Rights
Subject to local law, users may request access, correction, deletion, portability, and restriction of processing. Requests can be submitted through the contact channel and will be handled within applicable statutory timelines.
9. Policy Updates
Material policy updates are communicated through product notices or email. Continued use of services after effective date indicates acknowledgment of updates where legally permitted.