Last Updated: 18-May-2018
Section 1 – General and Web Site Covered
Section 2 – Information Collected
brainCloud offers a variety of services that are collectively referred to as the “brainCloud Services.” brainCloud collects information from individuals who visit brainCloud’s web site (“Visitors”) and individuals who register to use the brainCloud Services (“Customers”).
When expressing an interest in obtaining additional information about the brainCloud Services or registering to use the brainCloud Services, brainCloud requires You to provide personal contact information, such as name, company name, address, phone number, and e-mail address (“Required Contact Information”). When purchasing the brainCloud Services, brainCloud requires You to provide financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the brainCloud Services (“Billing Information”). brainCloud may also ask You to provide additional information, such as company annual revenues, number of employees, or industry (“Optional Information”). Required Contact Information, Billing Information, and Optional Information are referred to collectively as “Data About brainCloud Customers”.
As You navigate brainCloud’s web site, brainCloud may also collect information through the use of commonly-used information-gathering tools, such as cookies and web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from YourWeb browser (such as browser type and browser language), Your Internet Protocol (“IP”) address, and the actions You take on the Company’s Web site (such as the Web pages viewed and the links clicked).
Section 3 – Use of Information Collected
brainCloud uses Data About brainCloud Customers to perform the services requested. For example, if You fill out a “Contact Me” Web form, brainCloud will use the information provided to contact You about Your interest in the brainCloud Services.
brainCloud may also use Data About brainCloud Customers for marketing purposes. For example, brainCloud may use information You provide to contact You to further discuss Your interest in the Services and to send You information regarding the Company and its partners, such as information about promotions or events.
brainCloud uses credit card information solely to check the financial qualifications of prospective Customers and to collect payment for the Services.
brainCloud uses Web Site Navigational Information to operate and improve its Web site. brainCloud may also use Web Site Navigational Information alone or in combination with Data About brainCloud Customers to provide personalized information about the company.
Section 4 – Rights to Access, Rectification or Erasure, Restriction and Objection, of Processing
You have the right to access, rectification, opposition, erasure (“right to be forgotten”), and right to the restriction of processing of Your personal data by directing any such requests to brainCloud. In order to make things easier for You, and without prejudice to the legal requirements brainCloud must comply with under the laws, brainCloud allows You to exercise the above-mentioned rights by opening a support ticket via the Help Centre. Send a request via firstname.lastname@example.org or click the Chat widget at the bottom of any page.
Section 5 – Collecting, Processing and Retention of Data
For the processing of Your data, on Your behalf, brainCloud undertakes to fulfil the following obligations:
- To maintain the duty of secrecy with respect to the personal data to which brainCloud has access, even after the termination of the contractual relationship, and to ensure that our employees have committed in writing to maintain the confidentiality of the personal data processed.
- To ensure, taking into account the available technology, the costs of implementation, and the nature, scope, context and purposes of the processing, as well as the risks of varying probability and severity for the rights and freedoms of natural persons, that they will apply adequate technical and organizational measures to ensure a level of security appropriate to the risk, including, where appropriate, among other things:
– The pseudonymization and encryption of personal data;
– The ability of ensuring the continued confidentiality, integrity, availability and resilience of the systems and services;
– The ability of restoring the availability and access to personal data quickly in the event of a physical or technical incident;
– A process of regular verification, evaluation and assessment of the effectiveness of the technical and organizational measures in order to ensure the safety of the processing.
When evaluating the adequacy of the security level, special account shall be taken of the risks presented by the data processing, in particular as a consequence of the destruction, loss or accidental or unlawful alteration of the personal data transmitted, stored or otherwise processed, or the communication or unauthorized access to such data.
- To keep under our control and custody the personal data to which we have access in relation with the provision of the Service, and to not disclose them, neither transfer or otherwise communicate them, not even for their preservation, to persons unrelated with the provision of the Service covered by this Agreement.
- To delete or return to You, at Your choice, all personal data to which brainCloud have had access in order to provide the Service. Likewise, brainCloud undertakes to delete the existing copies, unless there is a legal rule that requires the preservation of the personal data. However, employees and other personnel working for brainCloud are entitled to Your data as required to carry out their obligations under the terms of their contract.
- To notify You in the notification any competent Control Authority and, if applicable, to the interested parties of the security breaches that occur, as well as to provide support, when necessary, in the carrying-out of privacy impact assessments and, as well as to assist You so You can fulfil the obligation of responding the requests to exercise certain rights.
- On request, to bring, a record of all categories of processing activities performed on behalf of You. (brainCloud reserves the right to charge for this request on a case by case review)
- To cooperate with the appropriate Control Authority, at its request, in the fulfilment of its powers.
- To make available to You the whole information necessary to demonstrate the fulfilment of the obligations established under this Agreement, as well as to allow and contribute to the performance of audits, including inspections, by You or by a third party authorized by You. (brainCloud reserves the right to charge for this request on a case by case review.)
- If brainCloud or any of his Subcontractors violates this Agreement or any regulation when determining the purposes and means of the processing, they shall be held responsible for such processing. Furthermore, if such Subcontractors are based in countries which do not have legislation on data protection which is not equivalent to the appropriate Control Authority, brainCloud shall establish all safeguards required by the appropriate Control Authority in order to comply with all obligations arising from transfers of data to Third Countries, and shall promptly inform You about such safeguards, if so requested.
- We also use Your information to review, investigate and analyze how to improve the services provided. We may also collect and analyze Your data to monitor, maintain and improve our services and features.
- We may internally perform statistical and other analysis on information we collect (technical and meta data) to analyze and measure user behavior and trends, to understand how people use our services, in order to. Improve and optimize our performance of such services, and to monitor, troubleshoot and improve our services, including helping us evaluate or devise new features.
- We may use Your information for internal purposes designed to keep our services secure and operational, such as testing purposes, troubleshooting, to prevent abusive activity (i.e. fraud, spam, phishing activities), and for service improvement, research and development purposes.
- Your data is not disclosed to any third party except (i) for providing the services You requested and for which brainCloud collaborates with third parties, (ii) when we have Your permission, (iii) when it is required by a competent authority in the exercise of its duties (for example in order to investigate, prevent or take action regarding illegal activities) or (iv) as otherwise required by law.
- You may cancel Your account at any time by request to brainCloud Support Personnel via email@example.com or via the chat widget. Deleting Your account will cause all the data in the account to be permanently deleted from our systems within a reasonable time period, as permitted by law and will disable Your access to any other services that require a brainCloud account. We will respond to any such request, and any appropriate request to access, correct, update or delete Your personal information within the time period specified by the appropriate law (if applicable) or without excessive delay. We will promptly fulfill requests to delete personal data unless the request is not technically feasible or such data is required to be retained by law (in which case we will block access to such data, if required by law).
- We encourage You promptly to update Your personal information when it changes. Information concerning Your past behavior with the Service may be retained by brainCloud as long as necessary for the purposes set out below.
RETENTION OF YOUR INFORMATION
- We retain information for active brainCloud Accounts as long as it is necessary and relevant for our operations. In addition, we may retain information from closed accounts to comply with the law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce the branCloud Terms of Service and take other actions as permitted by law.
- If You consider that any use of Your data might breach any of Your rights, You can lodge a complaint at any time by opening a support ticket from our Help centre or, alternatively, by filing a complaint before the appropriate competent Control Authority.
Section 6 – Web Site Navigational Information
brainCloud uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as You navigate its Web site (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information that may be collected on brainCloud’s Web site and how this information may be used.
If You have chosen to identify Yourself to brainCloud, the company uses session cookies containing encrypted information to allow it to uniquely identify You. Each time You log into the brainCloud Services, a session cookie containing an encrypted, unique identifier that is tied to Your account is placed Your browser. These session cookies allow brainCloud to uniquely identify You when You are logged into the brainCloud Services and to process Your online transactions and requests. Session cookies are required to use the Services.
brainCloud uses persistent cookies that only the Company can read and use to identify browsers that have previously visited the Company’s Web site. When You purchase the Services or provide the Company with personal information, a unique identifier is assigned You. This unique identifier is associated with a persistent cookie that the Company places on Your Web browser. The Company is especially careful about the security and confidentiality of the information stored in persistent cookies. For example, brainCloud does not store account numbers or passwords in persistent cookies. If You disable Your Web browser’s ability to accept cookies, You will be able to navigate the Company’s Web site, but You will not be able to successfully use the Services.
brainCloud may use information from session and persistent cookies in combination with Data About brainCloud Customers to provide You with information about the company and the brainCloud Services.
Web Beacons – brainCloud uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the company’s Web site and interaction with e-mails from the company. Web beacons are clear electronic images that can recognize certain types of information on Your computer, such as cookies, when You viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, brainCloud may place Web beacons in marketing emails that notify the company when You click on a link in the e-mail that directs You to one of the company’s Web sites. brainCloud uses Web beacons to operate and improve the its Web site and e-mail communications.
brainCloud may use information from Web beacons in combination with Data About brainCloud Customers to provide You with information about the company and the brainCloud Services.
Flash Cookies – brainCloud may use local shared objects, also known as Flash cookies, to store Your preferences or display content based upon what You view on our site to personalize Your visit. Third parties, with whom the Company partners to provide certain features on our site or to display advertising based upon Your Web browsing activity, use Flash cookies to collect and store information.
Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by Your browser will not remove Flash cookies.
IP Addresses – When You visit brainCloud’s Web site, the company collects Your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, brainCloud uses IP addresses to monitor the regions from which Customers and Visitors navigate the company’s Web site.
Third Party Cookies – From time-to-time, brainCloud engages third parties to track and analyze usage and volume statistical information from individuals who visit the its Web site. brainCloud may also use other third-party cookies to track the performance of company advertisements. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after the company receives it.
Section 7 – Public Forums, Refer a Friend, and Customer Testimonials
brainCloud may provide bulletin boards, blogs, or chat rooms on the its Web site. Any personal information You choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send You unsolicited messages. brainCloud is not responsible for the personal information You choose to submit in these forums.
brainCloud may post a list of Customers and testimonials on the company’s Web site that contain information such as Customer names and titles. brainCloud obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.
Section 8 – Sharing of Information Collected
brainCloud may share Data About brainCloud Customers with the company’s service providers so that these service providers can contact Customers and Visitors who have provided contact information on our behalf. brainCloud may also share Data About brainCloud Customers with the Company’s service providers to ensure the quality of information provided. Unless described in this privacy statement, brainCloud does not share, sell, rent, or trade any information provided with third parties for their promotional purposes.
From time to time, brainCloud may partner with other companies to jointly offer products or services. If You purchase or specifically express interest in a jointly-offered product or service from brainCloud, the Company may share Data About brainCloud Customers collected in connection with Your purchase or expression of interest with our joint promotion partner(s). brainCloud does not control our business partners’ use of the Data About brainCloud Customers we collect, and their use of the information will be in accordance with their own privacy policies. If You do not wish for Your information to be shared in this manner, You may opt not to purchase or specifically express interest in a jointly offered product or service.
brainCloud uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the brainCloud’s behalf.
brainCloud reserves the right to use or disclose information provided if required by law or if brainCloud reasonably believes that use or disclosure is necessary to protect the company’s rights and/or to comply with a judicial proceeding, court order, or legal process.
Section 9 – International Transfer of Information Collected
To facilitate brainCloud’s global operations, the Company may transfer and access Data About brainCloud Customers from around the world. This Privacy Statement shall apply even if brainCloud transfers Data About brainCloud Customers to other countries.
Section 10 – Communications Preferences
brainCloud offers Customers and Visitors who provide contact information a means to choose how brainCloud uses the information provided. You may manage Your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the company’s marketing emails. Additionally, You may send a request specifying Your communications preferences to firstname.lastname@example.org. Customers cannot opt out of receiving transactional emails related to their account with brainCloud or the brainCloud Services.
Section 11 – Correcting and Updating Your Information
Customers may update or change their registration information by logging in to their accounts at http://getbraincloud.com. Requests to access, change, or delete Your information will be handled within thirty (30) days.
Section 12 – Security
brainCloud uses appropriate administrative, technical, and physical security measures to protect Data About brainCloud Customers.
Section 13 – Changes to this Privacy Statement
brainCloud reserves the right to change this Privacy Statement. brainCloud will provide notification of the material changes to this Privacy Statement through the Company’s Web site at least thirty (30) business days prior to the change taking effect.
Section 14 – Contacting Us
If You have questions or complaints regarding our Privacy Statement or practices, please contact us by e-mail to our privacy officer at email@example.com or by mail at 1309 Carling Avenue, Ottawa, Ontario, K1Z 7L3, Canada.