Privacy Policy
Brainology ("Company," "we," "us" ) respects your privacy and understands that you care about your personal information and how it is shared and used. We value your privacy and the trust you place in us with how we handle your privacy. We are dedicated to protecting your privacy as described in this Privacy Notice.
1. Scope
This Privacy Notice (“Notice”) applies to personal information collected by the Company by all of our apps, services, features, software, and website (together, "Services") unless specified otherwise. This Privacy Notice describes in detail the types of information we collect about you; how we use your information and with whom we share it; the choices and rights you have with regard to your information; how we protect your information; and how you can contact us about our privacy practices.
These Services are intended for a general audience, and we do not knowingly collect personal information from children under the age of 16. In addition, please review our Terms of Use, which governs your use of the services.
2. INFORMATION WE COLLECT AND OBTAIN
We obtain personal information through these Services about you from a variety of sources. This includes personal information you provide to us directly, information we obtain from other sources, and information we gather through automated means.
Information you provide to these Services. When you access certain features of the Services, or directly correspond with us, we may collect certain types of information from you:
- Contact information (such as name, postal address, email address and telephone and/or mobile numbers);
- Occupational data (such as profession, position, title, company); and
- Other information you may provide to us, such as through our “Contact Us” feature
Information obtained from other sources. We may obtain personal information about you through these Services from publicly and commercially available sources and from our service providers, including geo-location data.
Information Collected by Automated Means Through Our Services. We also gather information by automated means (such as cookies, web beacons, web server logs, JavaScript and other similar technologies), including through technologies designed to obtain information regarding your use of the Services. The information we obtain in this manner may include:
- Your Internet Protocol (IP) address;
- Device information, including unique identifiers and connection information, including the means of internet connection (e.g., WiFi connection, ISP);
- Your device type and settings, software used, browser type and operating system;
- Language preferences;
- Websites or other services you visited before and after visiting our Services (referring URL);
- Web pages you view and links you click on within, and what search queries you may have run on, our Services;
- Dates and times you access or use the Services; and
- Location information, including the city and state associated with a unique identifier.
3. HOW WE USE THE INFORMATION WE OBTAIN
We, or service providers acting on our behalf, may use the information collected from and about you to:
- Provide our services;
- Respond to inquiries from you and other third-parties, including inquiries from law enforcement agencies;
- Anonymize or de-identify personal information to provide our subsidiaries and affiliates and third parties with aggregated data reports showing anonymized information and other non-personal information;
- Operate, evaluate and improve our business (including developing, enhancing, analyzing and improving our Services; managing our communications; performing data and statistical analytics; and performing accounting, auditing and other internal functions);
- Protect against, identify and prevent fraud and other unlawful activity, claims and other liabilities;
- Comply with and enforce applicable legal requirements, relevant industry standards, contractual obligations and our terms of service and other policies; and
- In other ways for which we provide specific notice at the time of collection.
4. INFORMATION WE SHARE
We may share your personal information:
- With our Service Providers. With our service providers who perform services on our behalf.
- For Legal Requirements and Proceedings. We may disclose information to law enforcement authorities or other government officials if we are required to do so to comply with subpoenas, court orders, legal process or other law enforcement or other government measures, and to comply with other legal obligations. We may also disclose information if we believe disclosure is necessary or appropriate in connection with an investigation of suspected or actual fraudulent or illegal activity.
- To Protect our Services and Users. We may disclose information to protect and defend the rights, interests and safety of our Services, our subsidiaries and affiliates, and their employees, contractors and agents; to protect the security and safety of our users of our Services, including when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss.
- For Business Transfers. In the event of a proposed or completed sale or transfer of all or a portion of our business or assets (including in the event of a reorganization, dissolution or liquidation).
- Non-personal Information. When the information collected from or about you is not defined as personal information under applicable law, we may share such non-personal, de-identified information or aggregated information with third parties at our discretion.
5. YOUR CHOICES AND RIGHTS
We offer you certain choices and you also may have certain rights in connection with the personal information we collect about you.
A. YOUR CHOICES
You can choose to use our Services without providing any information about yourself to us directly, but please note, as described above, some information may be collected automatically or be requested by us so that you can take advantage of certain features on our Services.
You also have choices about whether cookies and other similar technologies are placed on your computer or mobile device. For more information.
We may use third-party analytics services on our Services, such as Google Analytics. The analytics providers that administer these services use technologies such as cookies, web beacons and similar technologies to help us analyze your use of our Services. To learn more about how to opt out of Google Analytics services, please visit the link below:
Google Analytics: https://tools.google.com/dlpage/gaoptout
B. ACCESS, CORRECTION, AND DELETION RIGHTS
Subject to applicable law, you may have certain rights to access, review, update, delete and/or correct inaccuracies in your personal information in our custody and control by emailing or writing to us at How to Contact Us. We may request certain personal information for the purposes of verifying the identity of the individual seeking access to his/her personal information records.
C. CALIFORNIA PRIVACY RIGHTS
For additional information for residents of the State of California see below.
D. FOR UNITED KINGDOM AND EUROPEAN UNION/EEA USERS
For additional information about our privacy practices for visitors from the United Kingdom and European Union/EEA, see below.
6. How We Protect Personal Information
We maintain administrative, technical and physical safeguards designed to protect the personal information we have about you against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. However, no data transmission or storage, or use of the Internet, can be guaranteed to be 100% secure.
7. Transfers of Information
Our Services are hosted in and managed from the United States, which may be outside the country in which you initially provided the information. We may transfer the personal information we collect about you to another country, which may not be deemed to have the same data protection laws as the country in which you initially provided the information. Applicable laws in the United States and/or other countries may allow the courts, law enforcement and national security authorities to access your personal information when in such country.
If you are a user located outside the United States or the country to which your information may be transferred, you understand (and, as permitted under applicable law, consent to) having any personal information processed in the United States and/or such country. When we transfer your information, we will protect that information as described in this Privacy Notice.
8. LINKS TO AFFILIATE AND THIRD-PARTY SITES, APPS AND SERVICES
Our Serivces may provide links to Brainology affiliates’ sites, including their sites, apps and services, as well as those of third-parties that may be operated by companies not affiliated with Brainology. Our affiliates have their own privacy notices or policies, which we strongly suggest you review. Third-party sites may carry advertisements or offer content, functionality, newsletters or applications developed and maintained by those unaffiliated third-party companies. We are not responsible for the privacy practices of any non-Brainology sites, apps or services.
9. ADVERTISEMENTS
Our Serivces may display advertisements from AdMob. For more information about AdMob's privacy polices visit their website by clicking here
10. CHANGES TO OUR PRIVACY NOTICE
From time to time, we may change our Privacy Notice to reflect changes to our privacy practices and our Services. If we modify the Privacy Notice, we will update the “Last Modified Date” and the changes will be effective as of the date we post such Notice. For material changes, we will notify you by posting a prominent notice on our Services indicating at the top of the Privacy Notice when it was most recently updated and/or seek your consent as may be required.
11. HOW TO CONTACT US
If you have any questions or comments about this Privacy Notice or the manner in which we or our service providers treat your personal information, would like to exercise your choices, or would like us to update information we have about you or your preferences, please contact us as follows:
Email: hello@brainology.io
FOR CALIFORNIA RESIDENTS
CALIFORNIA PRIVACY RIGHTS
California Shine the Light Law
Subject to certain limitations, California residents may ask us to provide them with (1) a list of certain categories of personal information that we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year, and (2) the identity of those third parties. To make this request, California residents may contact us as specified in the How to Contact Us section above. For such requests, indicate “CA Shine the Light Request” in the subject field of your request.
California Consumer Privacy Protection Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. This section of the Privacy Notice applies if you are a natural person who is a resident of California (“California Consumer”) and use our Services. This notice supplements the information in our Privacy Notice above. Certain terms used below have the meanings given to them in the CCPA.
The following sets forth the categories of information we collect and purposes for which we may use California Consumers’ personal information by our Services:
Categories of Personal Information We Collect About You
The categories of personal information we may have collected about you or your use of our Services are:
- Identifiers, such as your contact information (name, email address, postal address, phone number), government identifiers (national identifier, passport number) or unique personal identifiers (cookies, IP address);
- Internet or other network or device activity, such as browsing history, browser type and language, operating system or usage;
- Geo-location information, such as city and state associated with a unique identifier.
More details on the categories of personal information we may collect are set forth in the Information We Collect and Obtain section of our Privacy Notice.
Categories of Sources From Which We Collected Personal Information
The sources from which we may have collected personal information about you or your use of the Services are:
- Directly from you;
- From other sources, such as Company service providers, such as analytics providers;
- Through your use of our Services;
- as otherwise set forth in the Information We Collect and Obtain section of our Privacy Notice.
Business or Commercial Purposes for Which We Collected or Disclosed the Personal Information
The business or commercial purposes, as defined under the CCPA, for which we collected or sold the personal information, are:
- performing services, including maintaining or servicing accounts, providing customer service, verifying customer information, providing advertising or marketing services, providing analytics services, or providing similar services;
- auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance;
- detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
- debugging to identify and repair errors that impair existing intended functionality;
- undertaking internal research for technological development and demonstration; and
- to advance the commercial or economic interests of the Company, such as by inducing another to subscribe to or provide information or services, or enabling or effecting, directly or indirectly, a commercial transaction.
More details concerning the business or commercial purposes are set forth in the How We Use the Information We Obtain section of our Privacy Notice. We may disclose the categories of personal information identified in Information We Collect and Obtain section of our Privacy Notice about our California consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
Categories of Personal Information Disclosed for a Business Purpose and the Categories of Parties With Whom We Shared the Personal Information
We do not “sell” your personal information to third parties. We will share, however, any or all of the personal information collected from and about you over the past twelve (12) months as discussed above with our data analytics providers for various business purposes.
More details on the categories of personal information we may disclose for a business purpose are set forth in the Information We Collect and Obtain and Information We Share sections of our Privacy Notice.
California Consumer Privacy Rights and Choices
California Consumers may have certain rights in connection with the personal information we collect about you, many of which are subject to exceptions under applicable law:
The right to access and disclosure. You may have the right to request, twice during a twelve month period, the following information about the personal information we have collected about you during the past 12 months:
- the categories and specific pieces of personal information we have collected about you;
- the categories of sources from which we collected the personal information;
- the business or commercial purpose for which we collected or sold the personal information;
- the categories of third parties with whom we shared the personal information; and
- the categories of personal information that we sold or disclosed for a business purpose, and the categories of third parties to whom we sold or disclosed that information for a business purpose.
The right to deletion. You may have the right to request that we delete the personal information we have collected from you. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
How to exercise your access and deletion rights. California residents may exercise their California privacy rights by submitting your request here or by sending an email to hello@brainology.io, indicating “CA Privacy Rights” in the subject field of your email. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
For security purposes, we will verify your identity – in part by requesting certain information from you — when you request to exercise your California privacy rights. For instance, you may need to provide your name and email address. To request that we provide you with the specific pieces of personal information we have from you or to delete personal information we have collected from you, we may also need to ask you for additional information to verify your identity.
Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:
- Where you have requested the categories of personal information that we have collected about you, we will provide such list in a written email to the email address you provide.
- Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA. For instance, we may not disclose government ID or financial account number as such disclosure may create an unreasonable risk to your personal information, your account with us, or our business systems.
- Where you have requested that we delete personal information that we have collected from you, we will delete, deidentify, or aggregate, as appropriate, any information about you that is not necessary for the purposes indicated above. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
The right to nondiscrimination. We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
Authorized Agents. You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf through providing us with a signed written authorization or a copy of a power of attorney.
FOR UNITED KINGDOM AND EUROPEAN UNION/EEA USERS
The UK Data Protection Act of 2018 (DPA 2018) and the EU General Data Protection Regulation (GDPR) provide certain rights regarding the processing of personal data of EU/EEA/UK data subjects. This section of the Privacy Notice applies if you are in the United Kingdom or a country that is a Member of the European Union or EEA, and supplements the information in the Privacy Notice.
Brainology is the data controller for the processing of your personal data, as defined under the DPA 2018 and the GDPR, collected by the Company from visitors to the brainology.io site (the “Site”) or any of its other apps or services (together "Services").
LEGAL BASIS FOR DATA PROCESSING
We collect and process your personal data for the purposes set out in the Privacy Notice. Our legal basis to process personal data includes processing that is: (1) necessary to comply with legal requirements (for example, where we have a legal or regulatory obligation or to defend claims); and/or (2) necessary for our legitimate interests (for example, to improve our Site).
UK AND EU/EEA DATA SUBJECT RIGHTS
Where we process your personal data, you have a number of rights over how the data is processed and can exercise these rights at any point in time. Below is an overview of these rights, many of which are subject to exceptions under applicable law. You can exercise these rights by emailing hello@brainology.io, and indicating “GDPR Request” or “UK DPA Request” in the subject line.
The right to access and rectification. You have the right to access, correct and update your personal data at any time.
The right to object to or restrict processing. Under certain circumstances, you have the right to object to or restrict our processing of your personal data. For example, where we process personal data based on our legitimate interests, you may object to this. We will need to carefully consider your request, as there may be circumstances which require us, or allow us, to continue processing your data. However, you have an absolute right to object to our processing of your personal data for direct marketing purposes, and no exception applies to such a request.
The right to lodge a complaint with a Supervisory Authority. You have the right to lodge a complaint directly with the relevant Supervisory Authority about how we process your personal data.
The right to erasure. Under certain circumstances, you have the right to request that we delete your data. If you wish to delete the personal data we hold about you, please let us know and we will take reasonable steps to respond to your request in accordance with legal requirements.
The right to data portability. With respect to the personal data you have provided to us, in addition to the general right of access described above, you may have, subject to certain exceptions, rights to (i) receive a copy of it in a structured, commonly used and machine-readable format, (ii) transmit the data to another data controller, and (iii) depending on the circumstances, have us perform that transmission.
RETENTION OF PERSONAL DATA
We will keep your personal data for as long as we need it to fulfull the purposes for which the personal data was collected, or while there is a legitimate reason for doing so, and as otherwise required or permitted by applicable law, such as in relation to our record retention obligations.
INTERNATIONAL DATA TRANSFERS
Personal data of our UK or EEA users may be transferred outside the UK or EEA to countries that may not have data protection rules that require the same level of protection, but we will make sure that there are appropriate mechanisms and controls in place to protect your data. This may include data transfer agreements, a copy of which you can obtain by contacting us. We use these data transfer mechanisms – and not consent – as the legal basis for our own transfers of personal data from within the UK or EEA to outside the UK or EEA (even when other aspects of our handling of personal data take place on the basis of consent).