Privacy Policy

Bayview Summit Capital Advisory LLC (“BSCA,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website (including bsca.capital and related pages, the “Site”), communicate with us, or otherwise interact with us in connection with the Site.

This Policy is designed to meet common transparency expectations for professional services firms operating in the United States and Canada. It is not a substitute for jurisdiction-specific legal advice; you may have additional rights depending on where you live. If anything in this Policy conflicts with applicable law, the law controls.

For personal information processed through the Site and general business inquiries, the data controller is Bayview Summit Capital Advisory LLC. You may contact us using the details in Section 12 (Contact).

We may collect the following categories of information, depending on how you interact with us:

• Contact and inquiry data — such as name, email address, company name, phone number, and the content of messages you send when you use our contact forms, email us, or otherwise reach out.

• Technical and usage data — such as IP address, browser type, device type, general geographic region derived from IP, referring URL, pages viewed, and timestamps. This is typically collected automatically through server logs and similar technologies operated by our hosting or infrastructure providers.

• Professional context — information you choose to share about a potential mandate, transaction, or relationship, which may include business details that relate to identified or identifiable individuals.

We do not knowingly collect sensitive categories of personal information (such as health data) through the Site, and we do not direct the Site to children. If you believe we have received such information in error, please contact us.

We use personal information for purposes that include:

• Responding to inquiries and providing information about our services;

• Operating, securing, and improving the Site (for example, troubleshooting, analytics that do not require invasive tracking, and fraud prevention where relevant);

• Complying with legal obligations, court orders, or regulatory requests;

• Protecting our rights, property, and safety and that of our clients, users, and others;

• Managing conflicts, internal compliance, and professional obligations applicable to advisory work.

We do not sell your personal information for monetary consideration, and we do not use automated decision-making that produces legal or similarly significant effects solely based on Site interactions.

Depending on jurisdiction, we rely on one or more of the following bases: (a) performance of a contract or steps prior to entering a contract; (b) our legitimate interests in operating the Site, responding to inquiries, and securing our business, balanced against your rights; (c) your consent, where we ask for it (for example, for certain cookies or marketing, if offered); and (d) compliance with legal obligations.

We may share personal information with:

• Service providers — such as website hosting, email delivery, IT security, and professional advisors (for example, counsel or accountants), who process data on our instructions and under appropriate confidentiality and security obligations;

• Professional counterparties — where necessary to evaluate or carry out an engagement you request, subject to confidentiality and agreements;

• Authorities — when required by law, regulation, legal process, or to protect rights and safety.

We may also share information in connection with a merger, acquisition, or sale of assets, in which case we will require the recipient to honor commitments consistent with this Policy or notify you of changes as required by law.

BSCA works across jurisdictions, including the United States, Canada, and the United Arab Emirates. If we transfer personal information across borders, we implement appropriate safeguards where required by law (such as contractual clauses or reliance on adequacy decisions), and we limit access to what is necessary for the stated purpose.

We retain personal information only as long as necessary for the purposes described in this Policy, including to satisfy legal, regulatory, accounting, or reporting requirements, and to resolve disputes and enforce agreements. Retention periods vary: for example, marketing inquiries may be retained for a limited period after our last interaction unless a longer period is justified by an ongoing relationship or legal hold.

We implement administrative, technical, and organizational measures appropriate to the nature of the information we process. No method of transmission over the Internet or electronic storage is completely secure; we encourage you not to send confidential or privileged information through unsecured web forms without prior agreement.

The Site may use cookies or similar technologies that are strictly necessary for the Site to function (for example, security or load balancing). If we introduce optional analytics or marketing technologies that are not strictly necessary, we will update this Policy and, where required by law, provide a consent mechanism before those technologies run.

You can control cookies through your browser settings; disabling certain cookies may affect Site functionality.

Depending on your location, you may have rights to access, correct, delete, or port your personal information; to restrict or object to certain processing; to withdraw consent where processing is consent-based; and to lodge a complaint with a supervisory authority.

United States — residents of several states (including California, Colorado, Connecticut, Virginia, and others as laws evolve) may have rights under comprehensive privacy laws. You may be entitled to confirm whether we process your personal information, obtain a copy, request correction or deletion subject to exceptions, opt out of certain “sales” or “sharing” (we do not sell personal information as defined in typical state laws), and appeal our response to a request. We will not discriminate against you for exercising these rights.

Canada — subject to applicable provincial or federal private-sector privacy law (including PIPEDA or substantially similar provincial statutes), you may have the right to access personal information we hold about you and to request correction where it is inaccurate. You may also file a complaint with the Office of the Privacy Commissioner of Canada or a provincial commissioner, as applicable.

To exercise rights, contact us using Section 12. We may need to verify your identity before responding. Authorized agents may submit requests where permitted by law, with appropriate documentation.

We may update this Privacy Policy from time to time. We will post the revised version on the Site and update the “Last updated” date. If changes are material, we will provide additional notice as appropriate (for example, a notice on the Site or by email if we have your address).