We are members of IAB Sweden, IAB is an interest organization that works with online marketing in Sweden. They are a network of highly qualified people who focus on creating transparency and spreading knowledge in the industry. Read more here: https://iabsverige.se/
We update this policy regularly. These updates can be found here. Although we try to keep you updated on any changes to this policy, we encourage you to stay up to date by reading through this policy from time to time. You can always find the latest version here.
1. Brain's or our customers' use of the Service
a) Subscription services
Our service allows for the company that use it (our customers or ourselves) to analyze consumers based on geographical information, cookie information and browser information.
The service also allows companies to target marketing, commercial content or editorial content to their customers in own and operated channels (owned domains, news letters, mobile messages, direct marketing, etc.) or in bought channels (digital marketing, printed marketing, searches, social media, etc.).
We provide this service to our customers so that they can better understand their customers, their needs and wishes, increase sales and find new customers based on insights about their existing customers. We use the services in a similar fashion to meet our business needs.
b) Use by Brain
c) Use by our Customers
We do not have any direct relation to the individuals that provide their PII to our customers. We do however recognize your right to have access to your personal information. Our customers control the information and thereby it is they who are responsible for correcting, deleting or updating information that they have gathered, analyzed or processed, through our services. If we are requested to delete data we will respond in a timely fashion and in accordance with current legal requirements. It may happen that we cooperate with our customers to inform their clients about data processing, collection and use. Our agreements with our customers prevents them from using the service to collect, store or process sensitive information. We are not responsible for our customers use of the information created by or throgh the services we provide. If you wish to check, give or withdraw consent for data processing we ask you to contact the customer that the processing concerns. In some cases we might transfer information to companies that help us deliver our services. Transfer to third parties is covered by the service agreements we have with our customers.
d) “Sensitive information”
This is information such as: payment information, personal bank information, address information, personal identification numbers, drivers license numbers, passport numbers or other information that identifies an individual, as well as ethnical information, health records, religious views, employment records, finance or health information.
2. Information we collect
a) When you visit a website
You may visit a website that use our services without providing any personal information about yourself. We may request information about you when you visit a domain or register for a service, this information about you, in combination with browser data, app-data or geographical information may be collected and processed in that case.
Through our services to our customers we will collect various data such as but not limited to: browser data and settings (language, browser version, browser type, header referrer, page data), device information (pixel ratio, mobile detection), browser plugins (blocked 3rd party cookies, user agent, version, local storage), performance information (load time, collect time, pixel load time, domain lookup time, connect time) as well as other custom data points on the request of our customers.
b) ”Personal Identifiable Information – PII”
This is information that you voluntarily give up to us or one of our customers that identifies you as an individual, including contact information, such as your name, e-mail, company, company address, home address, phone number or other information about you or the company you work for.
PII may also be information about transactions, both free or paid, that you activate through a domain or a service, and information that can be available about you through services such as Facebook, Linkedin, Twitter or Google, or public information about you that can be obtained through 3rd party suppliers.
PII can also be geographical information and payment information that can identify you as an individual. Geographical information is information that can be linked to your computer and your visits to domains or services, such as your IP-address, geographical position, browser type, URL, time stamps and pages that have been visited. Payment information can include information about payment method, credit card numbers and purchase information. Besides this we do not collect, store or process any information about you.
c) Log files
When you use domains or services that have our systems integrated we automatically collect information about your computers hardware and software. This information may include IP-address, browser type, domain name, ISP, what files you have seen on the domain (HTML-pages, images, etc.), operation system, click-stream data, time stamps and referring web pages. This information is used by Brain to supply our service, to maintain the quality of service, and deliver statistics for the use of our or our customers web sites and domains. For these purposes we automatically link to PII information, if you or our customers have provided such.
d) Information we collect through 3rd party
We may collect information about you from 3rd party sources, including partners that we provide services with or do marketing efforts with, and through public sources of data such as social media websites.
e) Information about underaged
Our website and services is not designed for children under the age of 18, and we do not knowingly collect data about person we know are under 18. If you think we might have collected data about a minor please contact us: [email protected].
3. How do we use the information we collect
We do not sell your personal information
We never sell personal information (PII) to third parties.
Use of Personal Information
Improve your experience of online through personalization of websites and applications;
Send information to you with content we believe may be relevant for you, by mail, e-mail or by other ways of marketing.
Market our services and share marketing and information in accordance with your preferences;
Provide other companies with statistical information about you, but only in forms that does not allow for you to be identified as an individual;
To meet legal requirements from government authorities, local or national, or other parties authorized to make such demands.
We may contact you on the behest of 3rd parties, but in that case we will not transfer personal information to that 3rd party.
We use the information collected for the following purposes:
In order to provide the service as a whole and prevent or obstruct security- and tech problems.
To respond to yours and others support questions and issues.
To fulfill our obligations to you under our service agreement.
b) Legal grounds for processing personal information (visitors and customers within the EU)
If you are a visitor or customer within the European Union economic area, Digital Brain Nordic is Data Controller for the data you directly submit to us as a legal entity. You can contact our Data Protection Officer here: [email protected].
Our legal ground for collecting, processing and use above mentioned personal information depends the personal information and what context we collect it in.
But normally we will only collect and process information when we have your consent to do so, when we need your personal information to fulfill a contractual obligation with you or where the processing is in our legitimate interest and does not violate your personal integrity, your rights concerning personal information, your basic rights and freedoms. In certain cases we may have obligations to collect information about you.
If we ask for personal information according to legal requirements or in order to fulfill a contract with you, we will do so by clearly explaining what information that is mandatory and which is not, as well as the consequences of not giving the information. If we collect and process personal information about you under legitimate interest, or a legitimate interest for third party, we will make this clear to you.
In the cases where we deliver our services to our customers and process personal information on behalf of our customers Brain acts in the capacity of data processor to our customers. And in these cases it is our customers that are data controllers and thereby also responsible for establishing legal ground for the purposes for which they use our services. We always deliver our services to our customers under a data processing agreement.
c) Use of geographical information
We use geographical information in order to manage and improve our domains and applications, and to improve our services. We may use geographical information alone or in combination with personal information in order to provide a personalized experience of our domains and services.
d) Customer reviews and comments
We may publish customer reviews and comments in our digital channels and marketing materials (website, applications, social media, sales documents, etc.) that may contain personal information. We obtain consent for this prior to publication.
e) Use of payment information
If you share your payment details with us (bank account, credit card number, etc.) we will only use this in order to investigate your financial status and charge you for our services. We allow third party services to manage these payments. This service provider is not allowed to store your information for other purposes than processing your payments on our behalf.
We apply a wide variety of security measures and technologies in order to protect your personal information from unauthorized access or processing. We secure the protection by storing the information on servers in protected environments, protected from unauthorized access. All personal information is protected through suitable physical, technical and organizational measurements.
g) Social media and third-party suppliers
h) External sites
We may link to external websites. We do not control or are neither responsible for the content on those websites. Just because we link to them does not mean that we endorse, market or agree on the content of those websites, what their owners communicate or how they work.
i) Storage of personal information
How long we store the information we collect about you depends on the type of information; this is described below. We will erase, anonymize and if that is not possible, store your information securely and block usage of it until it can be erased.
We store your personal information that you have shared with us as long as there is a legitimate interest to do so. As an example we will store your contact information as long as it is necessary in order to communicate with you concerning our services. Or to uphold legal requirements, manage disagreements or uphold our agreements with you.
When there no longer is a business need nor a legitimate interest to store your personal information we will erase, anonymize and if that is not possible, store your information securely and block usage of it until it can be erased. We can erase this information prior to this if you request it.
4. How do we share the information we collect
a) Service providers
We use external service providers that supply our visitors and customers with services. We may need to share information with them in order for them to supply you with their information, products and services.
The following 3rd parties might be involved in providing our services to our customers: Amazon AWS, Sentry, Github, Heroku, InsightOne Nordic.
b) Brain Partners
We may share the data and information with our partners that may contact you based on a request from you. This may be a service or add-on products that you request. We may also share information with partners for the following purposes: analytics, support, data enrichment or marketing. These partners may not share your personal information for other purposes than those specified.
c) Business events
If we, or the assets we control were to be bought by another company, through merger, acquisition, bankruptcy or similar event, that company will acquire access to all information that we gathered through our domains and services. In that case you will be notified of this, through e-mail or a clear notification in our service or on our website. We will then communicate the change of ownership of your personal information we collected and the option you have due to this event.
d) Required sharing of information
We reserve the right to use or disclose your Personal Information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.
5. International transfer of information
a) International transfer of information within Brain or our subsidiaries
6. Cookies and similar techniques
b) Geographical information that is used by our customers and visitors
Our customers may use tools and services that we provide, as well as tools and services from third parties, to collect geographical information when you visit their domains. We do not control how they use this information.
c) Tracking technologies from third parties
e) How can you access and manage your personal information?
You have the following rights in term of your personal information:
You may request access to-, correction of- or deletion of- your personal information.
You may object to the processing of your personal information, ask us to limit the processing or request access to your personal information.
If we have gathered and processed your personal information with your consent you are able to withdraw that consent at any time. If you withdraw consent does not change the legality of any processing done prior to withdrawing consent. It will also not affect any processing that is done with other legal ground than consent.
You have the right to question the processing of personal information that we do, in that case you should contact the data protection authorities in the country where you are a resident.
In order to exercise these right please contact us by e-mail: [email protected] or by postal services: Digital Brain Nordic AB, Kungsportsavenyen 21 c/o Convendum, 41136 Göteborg, Sverige, Att: DPO. We will respond to your request in reasonable time and in accordance with at the time relevant legislation.
Data Protection Officer
Martin Bergqvist – [email protected]
Digital Brain Nordic AB
Kungsportsaveneyen 21, 41136 Göteborg Sverige