Our Commitment to Consumer Privacy

Overview

At Brandify, we believe in supporting the rights of consumers. We also believe in providing our clients with the support required to navigate and adhere to these requirements in the context of our mutual activities. 

On this page, we will describe how Brandify complies and helps its clients to comply with the principles of consumer privacy in general, and in particular with the General Data Protection Regulation (GDPR) in the European Union (EU) and the California Consumer Privacy Act (CCPA) in California. 

How to Request Information Regarding Your Personal Data

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and verify your request, we will disclose to you any categories and specific pieces of personal information we have collected about you. Our communication will include the categories or sources from which the personal information is collected, the business or commercial purpose for collecting or selling the personal information, and the categories of third parties with whom we may share personal information.

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12 month period. 

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will therefore request that you provide sufficient information to allow us to reasonably verify that you are the person about whom we collected personal information or an authorized representative, and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Response Timing and Format

We endeavor to respond to verifiable consumer requests within 45 days of its receipt.  If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically according to your preference. Any disclosures we provide will only cover the 12 month period preceding receipt of the verifiable consumer request. The response we provide may also explain the reasons we cannot comply with a request, if applicable.   

We do not charge a fee to process or respond to your verifiable consumer request, unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

To make a request for information, you can email us at privacy@brandify.com or fill out the Personal Information Request Form on our "Do Not Sell My Personal Information" page. We will contact you to verify your identity before completing your request.

Children Under 16

Our website and services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this website or any of our services. If we learn we have collected or received personal information from a child under 16, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at privacy@brandify.com.

What are GDPR and CCPA?

The General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Though the rules are designed to protect the privacy rights of people in the EU, they are being implemented by companies who do business outside the EU, because most online services are available globally.

The California Consumer Privacy Act (CCPA) was voted into law in 2018 and is in effect as of January 1, 2020. The act requires that companies doing business in California provide protections for California citizens when it comes to buying, selling, sharing, storing, or utilizing personally identifiable information (PII) of various kinds. 

Rights of EU Persons under GDPR

GDPR outlines several specific privacy rights for persons in the EU.  These rights relate to personal data such as your name, email address, phone number, profile photo, and anything else that could be used to identify you. 

The right to be informed: A right to be informed about the use of your personal data;

The right of access: A right to access personal data we hold about you;

The right to rectification: A right to correct personal data about you that may be incomplete or inaccurate;

The right to be forgotten: In certain circumstances you can ask us to delete the personal data we have about you, unless there is a legal requirement on our part to keep it;

The right to restrict processing: A right for you to request a suspension of personal data processing;

The right to data portability: A right to ask us for a copy of your personal data; and

The right to object: A right for you to object to us with respect to our use of your personal data. 

Rights of California Citizens under CCPA

Similarly to GDPR, California’s CCPA regulation defines certain rights that apply to all California citizens who interact with companies doing business in the state. Rights under CCPA are outlined below. 

The right to information: The right to request that a business that collects personal information about the consumer disclose to the consumer the following:

(1) The categories of personal information it has collected about that consumer.

(2) The categories of sources from which the personal information is collected.

(3) The business or commercial purpose for collecting or selling personal information.

(4) The categories of third parties with whom the business shares personal information.

(5) The specific pieces of personal information it has collected about that consumer.

The right to disclose:  The right to request that a business that sells a consumer’s personal information, or that discloses it for a business purpose, disclose to that consumer:

(1) The categories of personal information that the business collected about the consumer.

(2) The categories of personal information that the business sold about the consumer and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each third party to whom the personal information was sold.

(3) The categories of personal information that the business disclosed about the consumer for a business purpose.

The right not to sell:  The right, at any time, to direct a business that sells personal information about the consumer to third parties not to sell the consumer’s personal information by opting out through a link on the business’s Internet homepage, titled “Do Not Sell My Personal Information.” 

The right to destroy:  The right to request that a business delete any personal information about the consumer which the business has collected from the consumer

The right to non-discrimination:  A right that guarantees we will not alter any prices or services offered to you if you choose to exercise these privacy rights.

To exercise any of your rights, or if you have any concerns regarding data use or privacy, you may contact us at privacy@brandify.com or submit a request on our “Do Not Sell My Personal Information” page.

Categories of Personal Information We Collect 

Brandify within the last 12 months has collected the following categories of personal information: 

  • Identifiers: A real name, alias, postal address, billing address, unique personal identifier, online identifier, internet protocol (IP) address, email address, account name, webpage, company information, or other similar identifiers.
  • Personal information described in the California Customer Records statute Cal. Civ. Code section 1798.80 (e):  A name, address, or telephone number. Some personal information included in this category may overlap with other categories.
  • Internet or other electronic network activity information:  Browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
  • Geolocation data:  Physical location or movements. 
  • Inferences drawn from other personal information:  Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Categories of Sources from Which We Collect Personal Information and Purpose for Collection

Directly from Users

  • Send to email; send to phone: Visitors to store locators, local pages, and any other public pages we host on behalf of brands may be able to request that information, such as a store’s location, be sent to them via email or text message. We capture but do not store the user’s email or phone number in these cases.
  • Request a quote; click to be called: Other features on public pages we host on behalf of brands may include a request for a price quote or to be contacted by phone. In these cases, we store customer names, emails, and/or phone numbers on behalf of the brand.

  • IP addresses and GPS location: In order to provide accurate, customized search results to users, many of our store locators contain code that automatically detects the user's location by means of their computer's IP address or the GPS coordinates of their phone. When asking for GPS coordinates, we always request permission from the user. In general, however, this form of data detection is not stored and is only used to show a more relevant search result page.
  • Forms on our website: On our website, we present users with certain forms where they can request a demo of our services, sign up up to receive email updates, register for webinars, request to download ebooks and white papers, and so on. When we ask you to fill out one of these forms, we may request personal information such as your name and email address. If you have provided this information to us at any point, you can request that it be removed by contacting us.

Indirectly From Publicly Available Sources

  • Social data:  Brandify stores and reports on social data related to a brand, such as consumer reviews of stores and social posts that mention a brand by name. Social data may include names, photos and other personal data that users have opted to share on social networks. We collect this data through publicly available sources, such as APIs made available by social sites. Those sites have primary responsibility for guaranteeing the rights of their users. We will follow the direction of any social site that instructs us to remove personal data on behalf of its user or users. 
  • Advertising: Brandify helps clients to conduct localized advertising campaigns that may make use of information about certain individuals, such as the mobile device ID associated with your smartphone or a cookie ID associated with your desktop browser. This information helps us coordinate advertising services in order to display relevant ads to consumers based on their physical location and other characteristics. 

Personal Information May be Sold to Third Parties

We may make consumer data available to third parties for monetary or other valuable consideration. You have the right to opt out of the sale of this information by opting out through the link on our Internet homepage titled “Do Not Sell My Personal Information.” As noted above, our website and services are not intended for children under 16 years of age, and we will not knowingly buy, sell, use, or share information about such users.

Updated Privacy Policy

Please review Brandify’s Privacy Policy which contains updates related to the recent regulations.

Questions?

Please feel free to contact us at privacy@brandify.com and we’ll be happy to consult with you.