← Truth Bear home

Privacy Policy

Last updated: 2026-07-17

We collect as little as possible and never see or store your card — payment data is handled by Paddle.com. We do not sell your data. You can ask us to access or delete your information at any time.

This English text is the legally binding version.

🐻 In plain words: we collect as little about you as we can. We never see your card or password. We don't sell your data or build advertising profiles. 白話:我們盡量少收你的資料;從不看你的卡號或密碼;不賣資料、不做廣告側寫。

1. Who is responsible

Truth Bear (真相BOT熊) operates the Service and is the controller of the limited personal data described here. For fiat payments, our Merchant of Record, Paddle.com, acts as the seller of record and independently controls the payment data it collects, under its own privacy notice.

2. What we collect

3. Why we use it, and our legal bases

Where the GDPR / UK GDPR applies, we rely on: performance of a contract (to deliver what you paid for and provide access tokens); legitimate interests (to secure the Service, prevent abuse, and keep it reliable, balanced against your rights); and legal obligation (to meet tax and accounting duties). We do not use your data for automated decisions that produce legal effects about you.

4. What we do not do

We do not sell your personal data. We do not build advertising profiles. We do not compile personal information across sources beyond what is needed to run the Service.

5. Sharing and third parties

We share data only with the providers needed to run the Service: Paddle.com (payment / Merchant of Record) and our cloud host. Each processes data only to perform its function, under appropriate contractual terms. We may disclose data where required by law.

6. International transfers

Our providers may process data outside your country, including outside the EEA/UK. Where required, such transfers rely on appropriate safeguards (for example the European Commission's Standard Contractual Clauses).

7. Cookies

The API and token-claim pages use only what is technically necessary. We do not use non-essential tracking or advertising cookies.

8. Retention

Order and token records are kept as long as needed to provide access and to meet legal and accounting obligations, then deleted or anonymised. Operational logs are retained for a limited period for security and reliability.

9. Your rights

Depending on where you live (for example under the GDPR/UK GDPR or the CCPA/CPRA), you may have rights to access, correct, delete, port, or restrict your personal data, to object to certain processing, and — for California residents — not to be discriminated against for exercising those rights. We do not sell or "share" personal information as those terms are defined under California law. To exercise any right, contact us; you also have the right to complain to your local data-protection authority.

10. Children

The Service is not directed to children and is intended for users who can form a binding contract. We do not knowingly collect data from children.

11. Security

We use reasonable technical and organisational measures to protect data, and we minimise what we hold (for example, we never handle your card details). No method of transmission or storage is perfectly secure, but we design to reduce risk.

12. Changes and contact

We may update this policy; the "last updated" date will change. Questions or requests: a98741263@gmail.com.


🐻 Truth Bear · 真相BOT熊 — pure description, not advice. · Terms · Refund