BrandLock LLC. and its “Affiliates”, which shall mean subsidiaries, parent companies, joint ventures and other corporate entities under common ownership (“BrandLock ”, “Company” or “We”) is committed to protect your right to privacy.
BrandLock may update this policy, we will notify You about significant changes in the way we treat Personal Data by sending a notice to the primary email address specified in your account or by placing a prominent notice on the Website.
If you are a California Resident please see our CCPA Notice available at: https://www.brandlock.io/ccpa.
- INTRODUCTION & OVERVIEW
BrandLock offers its customers (“Customers”) various services and features, including (collectively shall be defined as the “Service(s)”): (i) a Online Journey Hijacking Prevention (“OJHP”) service, that identifies and blocks unauthorized ads or web sessions, that divert Customer’s end users (“End Users”) from the Customer’s website; and/or (ii) an One on One Intent Based Promotion (“OOIBP”) services, that offers individualized incentives to End Users in order to increase the business metrics and revenues; and (iii) online dashboard and account enabling the Customer, its employees and administrators to analyze the data provided by the Services.
- THE DATA PROCESSED BY BRANDLOCK
“Personal Data”, means information which identifies or may identify an individual, including first and last name, phone number, email address, pictures, billing information, online identifiers, etc.
“Non-Personal Data”, means non-identifiable aggregated data, such as technical data transmitted by the user’s device and aggregated use of the Site by the general public.
for ensuring the technical functioning of our network and to help prevent fraudulent use of the Services.
In the table below, we detail the data set we collect and the purpose of such processing. It is important to understand, in some cases we act as the “Data Controller” as defined under the EU General Data Protection Regulation (“GDPR”) or “Business” as defined under the California Consumer Privacy Act (“CCPA”) when we process Personal Data of our Customers or Visitors, however, we act as a “Data Processor” as defined under the GDPR or “Service Provider” as defined under the CCPA in the event we process Personal Data from an End User, i.e., an individual browsing our Customer’s website, all as further detailed in the table below.
|Type of Personal Data||Purposes of Processing||For EU persons – Legal Basis under the GDPR|
|Contact Information of Customers and Potential Customers: |
Customers data, including contact information, payment information, etc. is governed by the Client Agreement and Data Processing Agreement.
However, if You show interest in our Services by contacting us, signing up to receive a demo, or request we analyze your site (“Potential Customer”), You will be requested to provide certain Personal Data, such as your: name, email address, company, job title, phone number, and country.
|We use the Customer or the Potential Customer data solely to provide the Service or respond to the inquiry submitted by it.||We process the Personal Data to perform our contract with You.|
|Direct Marketing: |
We collect the Customer, or the Potential Customer’s email address for Direct Marketing.
|We use the email address provided by the Customer or Potential Customer for direct marketing, meaning we will send You email promotions and updates specifically regarding the Services You are interested in, or, if You are an existing Customer we will also send you information on the Services used and invoices (“Direct Marketing”).||our legitimate interest in providing You information regarding the Services, you may opt-out at any time.|
In the event a You sign up to receive our newsletter, as a Visitor to the Site, or other marketing materials, You will be requested to provide your email address.
|We use this information to send updates, commercial promotions, new products, features and services, special and promotional offers and events of interest.||We process this information solely upon receiving your consent. You may opt-out of this service at any time by submitting a request at the following link: info@brandlock .io or by other means we will make available (e.g., “unsubscribe” link within the applicable email).|
|Online Identifiers: |
When you interact with our Site or Services, including our Customers’ website we collect your Internet protocol (IP) address.
|When we process your online identifiers through our Site from out Visitors, this is done for analytic and marketing purposes. However, when we process the online identifiers, such as IP from the Customer’s End Users, this is done solely to determine from which country the End User is accessing the Customer’s website.||In the event we process this information as the data controller we will require your consent, though our cookie notice on our Site.|
In the event we process the IP as our Customer’s processor, we rely on the lawful basis established by our Customer.
If You voluntarily contact us in any manner, or for any requests or to notify us about something, You may be required to provide us with certain information such as your name and email address.
|We will use your contact details only in order to respond to Your request, provide You with support and assist You or provide You with any other service that You may request.||We process the Personal Data under our legitimate interest.|
In the event You are interested in joining our team, and wish to submit your CV, You will be required to provide us with your contact details and submit your CV.
|We collect this data in order to process your job application, including assessing suitability, eligibility or fitness to work.||our legitimate interest.|
|Unique ID: |
When End Users access our Customers’ website, they will be assigned with a unique ID, which is a random number we generate (“Unified ID” or “Unique ID”).
Although the Unique ID does not reveal the identity of a user and is not generated based on any personal information, it may be considered under some jurisdictions as personal information. Therefore, we treat such information as Personal Data, in accordance with applicable laws.
|To provide our Services to our Customers, hence to enable our Customer to identify that an End User is the same End Use when such End User access the Customer website again||We process this on behalf of our Customer (as a processor/service provider), therefore, we rely on the lawful basis established by our Customer|
|Non-Personal Data Technical Information:|
Clickstream data, scope, frequency, latency of web-pages accessed and viewed, interactions with content and materials, type of device/operating system/browser, time stamp, approximate location (i.e., country level), and language.
|This Non-Personal Data is used so that we can provide our Services and maintain our Site, including among others, in order to measure and understand the level of engagement with the Services, for general business analytics||NA|
- HOW WE COLLECT YOUR DATA
Depending on the nature of your interaction with the Services, we may collect information as follows:
(ii) Provided by you voluntarily – we will collect information if and when you choose to provide us with the information, such as through communications, support, registration, etc.
- SHARING PERSONAL INFORMATION
We share Personal Data only under the following limited circumstances:
a) With trusted partners and third parties who assist us in operating the Site and Services and conducting our business, such as fraud prevention, bill collection, account maintenance and technology services, these parties are all obligated to keep the Personal Data protected and are contractually signed on data processing agreements.
b) With our Affiliates solely if and when applicable or necessary.
c) With third parties if necessary, to comply with a legal requirement, for the administration of justice, to protect your vital interests or the vital interests of others, to protect the security or integrity of our databases or the Services, to take precautions against legal liability, or in the event of a corporate sale, merger, reorganization, dissolution or similar event.
- FOR HOW LONG DO WE RETAIN THE DATA WE COLLECT AND PROCESS?
We retain the Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out. We may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes. For more information on our data retention policy please contact us at: firstname.lastname@example.org.
- TRANSFER OF DATA
We use AWS cloud services to store our data, which are located in the US. In the event of data transfer out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Further, When Personal Data collected within the EU is transferred outside the EU (and not to a recipient in a country that the European Commission has decided provides adequate protection) it shall be transferred in accordance with the provisions of the standard contractual clauses approved by the European Union. If you would like to understand more about these arrangements and your rights in connection therewith, please contact us at: email@example.com.
- RIGHTS OF DATA SUBJECTS
Individuals have the right to know what information we hold about them and, in some cases, to have such information communicated to them. Individuals may also ask for our confirmation as to whether or not we process their Personal Information. Subject to the limitations in applicable law, individuals may also be entitled to obtain from us the Personal Data they have provided to us in a structured, commonly-used, and machine-readable format, and may have the right to transmit such Personal Data to another party.
If You wish to receive more information or in the event that You have any additional complaints about your privacy rights, please contact us at: firstname.lastname@example.org.
We use physical, technical and security measures to protect the data processed by us or through our Services, for detailed information on the means implemented to prevent data breach, security incidents and to protect your Personal Data please ask us for a copy of security policy by emailing us at email@example.com
If You have any questions about this policy or concerns about the way we process your Personal Data, please contact us at firstname.lastname@example.org.