Last modified September 12, 2018
The purpose of this Policy is to inform you about Our privacy practices and to ensure that you understand the purposes for which We collect and process your personal data. The following is a brief summary of the manner and purposes for which We process your personal data.
EU-US Privacy Shield
BrandVia participates in and has certified its compliance with the EU-US Privacy Shield Framework. BrandVia is committed to subjecting all personal data received from European (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.
BrandVia is responsible for the processing of personal data it receives under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. BrandVia complies with the Privacy Shield Principles for all onward transfers of personal data from the EU including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, BrandVia is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, BrandVia may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
This Policy relates to your personal data (i.e. data about you, an individual, from which you can be identified).
4. RESPONSIBILITY FOR DATA PROCESSING
BrandVia is the entity which is responsible for the processing of personal data that We collect from you when you use the Service. If you have any questions or concerns about BrandVia’s use of your personal data, please contact us at firstname.lastname@example.org.
5. COUNTRY OF PROCESSING
We operate the Service from the United States of America (USA) and Our data collection and processing activities take place predominantly in the USA. Accordingly, data collected from users when using Our Service is collected in the USA. [We store and otherwise process data (including personal data) through third party cloud service providers and other IT service providers which may be located or which may operate in other countries.]
6. HOW WE COLLECT AND USE YOUR PERSONAL DATA
a)Information That You Provide Directly or Authorize Someone Else to Give Us. We may ask you to provide certain information including, but not limited to your name, address, email address, telephone number, and other data. We retain messages you send through the Service and any other data you provide to Us. We use this data for Our business purposes related to the Service and as further detailed below.
b)Information Collected or Received From Third Parties. We receive data about you from third parties, including, but not limited to, third-party social networking services, such as Facebook, LinkedIn, Twitter, YouTube, Instagram, and others when you sign up for the Services through your account with such third parties or through a service linked to your account with such services. [Where such data has been provided by other sources, We shall provide you with the name of the source and confirm whether it came from a publicly accessible source.] You should always review and, if necessary, adjust your privacy settings on third-party services such as social media services before linking or connecting them to the Service.
When you use the Service, We sometimes send one or more cookies (small text files containing a string of alphanumeric characters) to your computer that uniquely identify your browser and enhance your navigation on the Service. A cookie may also convey information to Us about how you use the Service (e.g., the pages you view, the links you click and other actions you take), and allow Us or Our third-party analytics tools We use to track your usage of the Services. There are at least two different types of cookies: persistent and session cookies. A persistent cookie remains on your hard drive after you close your browser. Persistent cookies may be used by your browser on subsequent use of the Service. Persistent cookies can be removed by following your web browser’s directions for removal of cookies. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to notify you when a cookie is being sent. However, some features of the Service may not function properly if cookies are disabled.
e) Log File. Log file information is automatically reported by your browser each time you access a web page. When you access or use the Service, Our servers may automatically record certain log file information, including but not limited to your web request, IP address, browser type, referring/exit pages and URLs, the files viewed on our site (e.g. HTML pages, graphics, etc.), operating system, date/time stamp, number of clicks, and how you interact with links on the Service, domain names, landing pages, and pages viewed.
f) Clear GIFs/Web Beacons. Clear GIFs (also known as web beacons) allow for the tracking of a user’s response to an email or usage of a website in a manner that does not reveal personally identifiable information. We may use clear GIFs or similar technologies to assess responses to emails and usage of the Service. For example, We may use clear GIFs to track when emails are opened and which links are clicked by recipients. You can disable certain abilities of clear GIFs to capture information by blocking cookies.
g) Commercial Communications. Insofar as permitted under applicable law, We may use the information We collect or receive to communicate directly with you in relation to the Services or related services We offer. Subject, where necessary, to obtaining your consent to receiving such communications, We may use the information to communicate with you in relation to other services that We and Our affiliates offer. For example, We may use the information to send you emails containing newsletters, promotions and special offers. We may also use the information to send you service-related notices (e.g., account verification, technical and security notices).
h) Use of Certain Service-Type information. We may use information from cookies, log files, device identifiers, location data, clear GIFs and other tools to: (i) remember information so that you will not have to re-enter it during your visit or the next time you use the Service; (ii) provide custom, personalized content or information to you or others; (iii) monitor the use of the Service; (iv) monitor aggregate metrics, such as total number of visitors, traffic, and demographic patterns; (v) diagnose or fix technology problems; (vi) provide advertising to your browser or device; and (vii) conduct research or surveys.
i)Use of information with Your Consent. We may use your personal data for any other purpose for which you provide consent.
7.THE PURPOSES FOR WHICH WE USE YOUR PERSONAL DATA
The purposes for which We collect and store your personal data are the following:
a)To enable Us to deliver the Services to you and to enable you to use them efficiently;
b)To communicate with you in relation to the Services and other services that We or Our affiliates offer;
c)Where you sign up for the Services through an account with a third party content or platform provider, to report to that third party and to communicate with it in relation to your activities on the platform or in relation to the content;
d)To personalize, test, monitor, improve and upgrade the Services;
e) To assist law enforcement and respond to subpoenas;
f)To meet Our legal obligations and the regulatory requirements to which We are subject, for loss prevention purposes and to protect and enforce Our rights and meet Our obligations to third parties; and
g)For Our internal business purposes, such as compiling and analyzing usage information for general operational, statistical, and business purposes.
It is important that the personal data We hold about you is accurate and current. If you provided Us with any details of personal data, please keep Us informed if such details change.
Upon request, we will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by contacting us at email@example.com. We will respond to your request within a reasonable timeframe.
9.LEGAL BASIS FOR PROCESSING YOUR DATA
The processing of your personal data is lawful on the basis of the following:
a)Where relevant, your express consent (if your consent is requested or if you provide personal data to Us voluntarily or in response to Our request);
b)Where relevant, the fulfilment of Our contractual obligations to you or at your request prior to entering into a contract with Us, where We process your personal data at your request as part of the Service;
c)Compliance with legal obligations to which We may be subject, including to comply with legal process (see further below); or
d)If none of the above apply, Our legitimate interests in (among other things) providing and administering the Service, conducting commercial research, improving and maintaining the Service, personalising and tailoring content made available to you through the Service, protecting the security or integrity of Our databases, protecting Our business or reputation, taking precautions against legal liability, dealing with Our assets in the event of a business change (see further below), protecting and defending Our rights or property, or for resolving disputes, investigating and attending to inquiries or complaints with respect to your use of the Service.
10.HOW WE MAY SHARE YOUR INFORMATION
a)Service Providers. We may share information about you with third-party service providers that perform services on Our behalf in connection with the Service. Where your personal data is shared with such third parties, We ensure that the third party service provider will deal with your personal data only on Our behalf and on Our written instructions and solely for the benefit of Our business (and not for its own benefit).
b)Business Change. If We become involved in a merger, consolidation, acquisition, sale of assets, joint venture, securities offering, bankruptcy, reorganization, liquidation, dissolution or other transaction, or if the ownership of all or substantially all of Our business otherwise changes, We may share or transfer your personal data to successor party or parties in connection with such transaction or change in ownership or legal structure.
d)Sharing information. We may share certain service-type information, including information obtained through tools such as cookies, log files, device identifiers, location data, and clear GIFs (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, etc.) with Our third-party business associates who may use such information for the purposes described in the section titled “How We Collect and Use Your Personal Data.”
e)Aggregated data. As mentioned above, We may also aggregate or otherwise strip information of all personally identifying characteristics and may share that aggregated, anonymized data with third parties or publish it. This data does not personally identify you and helps Us to measure the success of the Service and its features and to improve your experience. We reserve the right to make use of any such aggregated data as We see fit.
11.HOW WE PROTECT YOUR INFORMATION
We take certain measures to protect personal data collected through the Service against loss, theft, and unauthorised access, use, disclosure, destruction or modification. These include physical, technological, and administrative measures.
We take certain physical, technological, and administrative measures to protect personal data collected through the Service against loss, theft, and unauthorized access, use, disclosure or modification. However, We cannot ensure or warrant the security of any information you transmit to Us or guarantee that information on the Service may not be accessed, disclosed, altered, or destroyed. Email sent to or from the Service may not be secure. You should use caution whenever submitting information online and take special care in deciding what information you send to Us via email.
We cannot guarantee that transmissions of your personal data will be fully secure and that third parties will never be able to defeat Our security measures or the security measures of Our partners. WE ASSUME NO LIABILITY FOR DISCLOSURE OF YOUR INFORMATION DUE TO TRANSMISSION ERRORS, THIRD-PARTY ACCESS, OR CAUSES BEYOND OUR CONTROL.
12.YOUR CHOICES ABOUT YOUR INFORMATION
a)Controlling Your Settings. You can limit your browser from providing certain information by adjusting the settings in the browser, operating system or device. Please consult the documentation for the applicable browser, operating system, or device for the controls available to you. You can also stop receiving promotional emails from Us by following the unsubscribe instructions in those emails. [Note that unsubscribe is not available for certain emails concerning your relationship or dealings with Us.]
b)Do Not Track. At this time, We do not recognize “do not track” signals sent from web browsers. In some cases, your browser may offer a “Do Not Track” option, which allows you to signal to operators of websites, mobile applications, and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and/or across different websites and mobile applications and services. Disabling tracking mechanisms may disable certain features of the Service. To disable tracking, please consult the documentation for you browser, operating system or mobile device. For some devices, it may not be possible to disable tracking mechanisms. You may also disable tracking by certain third-party services by opting out:
Google Analytics – https://tools.google.com/dlpage/gaoptout/]
13.HOW LONG WE KEEP YOUR INFORMATION
We will only retain your personal data for as long as necessary to fulfill the purposes We collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which We process your personal data and whether We can achieve those purposes through other means, and the applicable legal requirements.
The Service is not directed to children and is intended for use by adults only. We do not knowingly collect information from individuals under thirteen (13) years of age. If you are under the age of thirteen (13), please do not submit any information through the Service.
15.THIRD-PARTY SITES AND SERVICES
16.EU PRIVACY RIGHTS
Users based in the European Union have the following legal rights in respect of their information:
a)The right to require BrandVia to confirm whether or not their information is being processed, the purpose of any such processing, the recipients of any information that has been disclosed, the period for which their information is to be stored, and whether any automated decision-making processes are used in relation to their information;
b)The right to require BrandVia to rectify inaccurate information without undue delay;
c)Where BrandVia has relied on the ‘consent’ basis for processing that information (see paragraph 9(a)), the right to withdraw their consent at any time. This right to withdraw consent does not affect the lawfulness of processing based on consent before its withdrawal;
d)The right to request the erasure of their information. BrandVia will be required to erase the information in response to such request where:
i)the information is no longer necessary in relation to the purpose for which it was collected, such as where a user chooses to terminate his or her use of the Service;
ii)where the processing of the information is based on the user’s consent (and the other circumstances described in the ‘Legal Basis for Processing Your information’ and ‘How We May Share Your information’ sections above no longer apply), if the user withdraws his or her consent; or
iii)where the personal data is processed by BrandVia solely on the basis of Our ‘legitimate interest’ referred to in paragraph 9(d) (and the other legal basis set out in paragraph 9 do not apply), if the user objects to the processing of his or her personal data and there are no overriding legitimate grounds for the processing (such as, for example, where the processing of the data is required to meet statutory obligations or for the defence of legal claims).
Where BrandVia has disclosed the information of a European Union user to a third party and the user requests the erasure or rectification of the data, BrandVia will take all reasonable steps to inform the third party of such request;
e)The right to require BrandVia to restrict its processing of a user’s personal data in certain circumstances, such as where the accuracy of that data is disputed or an objection has been raised. In such circumstances, BrandVia will only process that information with the express consent of the user, or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest;
f)The user’s right to receive his or her personal data from BrandVia in a structured, commonly used and machine-readable format;
g)The right to object to the processing of personal data where:
i)BrandVia relies solely on the ‘legitimate interest’ basis for processing that data, in which case We will be legally required to stop processing the user’s information unless We have compelling legitimate grounds for the processing which override the user’s privacy rights and interests; or
ii)the information is used for direct marketing purposes, in which case We will immediately stop processing the user’s information for such purposes;
h)Users have the right to lodge a complaint with the data protection supervisory authority of the EU member state where the user resides.
17.CALIFORNIA PRIVACY RIGHTS
Under California Civil Code Section 1798.83, if you are a California resident and your business relationship with Us is primarily for personal, family or household purposes, you may request certain data regarding Our disclosure, if any, of information to third parties for the third parties’ direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org with “Request for California Privacy information” in the subject line. You may make such a request up to once per calendar year. If applicable, We will provide to you via email a list of the categories of information disclosed to third parties for their direct marketing purposes during the immediately-preceding calendar year, along with the third parties’ names and addresses. Please note that not all personal data sharing is covered by Section 1798.83’s requirements.
BrandVia Alliance, Inc.
2159 Bering Drive
San Jose, CA 95131