Last modified: June 01, 2023
This Privacy Notice (“Policy”) describes the information that we gather on or through the Service, how we use and disclose such information, and the steps we take to protect such information.
This Policy is incorporated into, and is subject to, the Brilbook Terms of Service. Capitalized terms used but not defined in this Policy have the meaning given to them in the Brilbook Terms of Service.
The addresses of our offices, can be found at https://brilbook.com/contact-us.
“Client” means a customer of Brilbook.
“Client Data” means personal data, reports, addresses, and other files, folders or documents in electronic form that a User of the Service stores within the Service.
“Personal Data” means any information relating to an identified or identifiable natural person.
“Public Area” means the area of the Site that can be accessed both by Users and Visitors, without needing to log in.
“Restricted Area” means the area of the Site that can be accessed only by Users, and where access requires logging in.
“User” means an employee, agent, or representative of a Client, who primarily uses the restricted areas of the Site for the purpose of accessing the Service in such capacity.
“Visitor” means an individual other than a User, who uses the public area, but has no access to the restricted areas of the Site or Service.
2. Roles & Responsibilities
Brilbook is the controller of your Personal Data, as described in this Privacy Notice, unless otherwise stated.
Please note that this Privacy Notice does not apply to the extent that we process Personal Data in the role of a processor (or a comparable role such as a “service provider” in certain jurisdictions) on behalf of our Clients, including where we offer to our Clients various cloud products and services, through which our Clients (and/or their affiliates) connect their own websites and applications to our hosted platform, sell or offer their own products and services, send electronic communications to other individuals, or otherwise collect, use, share or process Personal Data via our cloud products and services. In such cases, Brilbook does not own, control or direct the use of any of the Client Data stored or processed by a client or User via the Service. Only the Client or Users are entitled to access, retrieve and direct the use of such Client Data. The Client or the User is the data controller under the Regulation for any Client Data containing Personal Data.
For detailed privacy information applicable to situations where a Brilbook Client (and/or a Client affiliate) who uses Brilbook’s cloud products and services is the controller, please reach out to the respective Client directly. We are not responsible for the privacy or data security practices of our Clients, which may differ from those set forth in this Privacy Notice. If not stated otherwise either in this Privacy Notice or in a separate disclosure, we process such Personal Data in the role of a processor or service provider on behalf of a Client (and/or its affiliates), who is the responsible controller of the applicable Personal Data.
If your Personal Data has been submitted to us by or on behalf of a Brilbook Client and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable Client directly.
Brilbook is largely unaware of what Client Data is actually being stored or made available by a Client or User to the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client and its Users.
Except as provided in this Privacy Notice, Brilbook does not independently cause Client Data containing Personal Data stored in connection with the Services to be transferred or otherwise made available to third parties, except to third party who may process such data on behalf of Brilbook in connection with Brilbook’s provision of Services to Clients.
Brilbook is not responsible for the content of the Personal Data contained in the Client Data or other information stored on its servers (or third-party servers) at the discretion of the Client or User nor is Brilbook responsible for the manner in which the Client or User collects, handles disclosure, distributes or otherwise processes such information.
3. The Information We Collect
We collect different types of information from or through the Service.
3.1 Information you provide directly to Brilbook
- Account signup: When you sign up for an account to access one or more of our services, we ask for information like your name, contact number, email address, company name and country to complete the account signup process. You may also provide us with more information such as your photo, time zone and language, but we don’t require that information to sign up for an account.
- Event registrations and other form submissions: We record information that you submit when you (i) register for any event, including webinars or seminars, (ii) subscribe to our newsletter or any other mailing list, (iii) submit a form in order to download any product, whitepaper, or other materials, (iv) participate in contests or respond to surveys, or (v) submit a form to request customer support, or to contact Brilbook for any other purpose.
- Payment processing: When you buy something from us, we ask you to provide your name, contact information, and credit card information or other payment account information. When you submit your card information, we store the name and address of the cardholder, the expiry date and the last four digits of the credit card number. We do not store the actual credit card number. For quick processing of future payments, if you have given us your approval, we may store your credit card information or other payment information in an encrypted format in the secured servers of our Payment Gateway Service Providers
- Testimonials: When you authorize us to post testimonials about our products and services on websites, we may include your name and other personal information in the testimonial. You will be given an opportunity to review and approve the testimonial before we post it. If you wish to update or delete your testimonial, you can contact us at email@example.com.
- Interactions with Brilbook: We may record, analyse and use your interactions with us, including email, telephone, and chat conversations with our sales and customer support professionals, for improving our interactions with you and other customers.
3.2 Information Collected by Clients
A Client or User may store or upload Client Data into the Service. Brilbook has no direct relationship with the individuals whose Personal Data it hosts as part of Client Data. Each Client is responsible for providing notice to its customers and third persons concerning the purpose for which Client collects their Personal Data and how this Personal Data is processed in or through the Service as part of Client Data.
3.3 Automatically Collected Information
- Information from browsers, devices and servers: When you visit our websites, we collect information that web browsers, mobile devices and servers make available, such as the internet protocol address, browser type, language preference, time zone, referring URL, date and time of access, operating system, mobile device manufacturer and mobile network information. We include these in our log files to understand more about visitors to our websites.
- Information from application logs and mobile analytics: We collect information about your use of our products, services and mobile applications from application logs and in-house usage analytics tools and use it to understand how your use and needs can improve our products. This information includes clicks, scrolls, features accessed, access time and frequency, errors generated, performance data, storage utilized, user settings and configurations, and devices used to access and their locations.
3.4 Information that we collect from third parties.
- Referrals: If someone has referred any of our products or services to you through any of our referral programs, that person may have provided us your name, email address and other personal information. You may contact us at firstname.lastname@example.org to request that we remove your information from our database. If you provide us information about another person, or if another person gives us your information, we will only use that information for the specific reason for which it was provided to us.
- Information from our reselling partners and service providers: If you contact any of our reselling partners, or otherwise express interest in any of our products or services to them, the reselling partner may pass your name, email address, company name and other information to Brilbook. If you register for or attend an event that is sponsored by Brilbook, the event organizer may share your information with us. Brilbook may also receive information about you from review sites if you comment on any review of our products and services, and from other third-party service providers that we engage for marketing our products and services.
- Information we collect and process when you integrate the Service with third parties: You may connect third party integrations to your Brilbook account, which may ask for certain permissions to access data or send information to or from your Brilbook account. It is your responsibility to review any third-party integrations you authorize. We may collect information about what types of integrations you use in your Brilbook account. Any permission(s) granted by you, grants these third parties access to your data, which may include (but is not limited to) granting third party applications access to view, store, and modify your Brilbook account data. We are not responsible for the practices of third-party integrations, so please carefully review the permissions you grant to third party applications.
- Information from social media sites and other publicly available sources: When you provide feedback or reviews about our products, interact, or engage with us on marketplaces, review sites or social media sites such as Facebook, Twitter, LinkedIn and Instagram through posts, comments, questions and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our products, better understand user reactions and issues, or to reproduce and publish your feedback on our websites. We must tell you that once collected, this information may remain with us even if you delete it from these sites. Brilbook may also add and update information about you, from other publicly available sources.
4. How We Use the Information We Collect
We use the information that we collect in a variety of ways in providing the Service and operating our business, including the following:
We use the information – other than Client Data - to operate, maintain, enhance and provide all features of the Service.
- To set up and maintain your account, and to do all other things required for providing our services, such as enabling collaboration, providing website and email hosting, and backing up and restoring your data.
- To provide customer support, and to analyse and improve our interactions with customers;
- To detect and prevent fraudulent transactions and other illegal activities, to report spam, and to protect the rights and interests of Brilbook, Brilbook’s users, third parties and the public.
We process Client Data solely in accordance with the directions provided by the applicable Client or User.
We use the information:
- To understand how users use our products and services, to monitor and prevent problems, and to improve our products and services.
- To analyse trends, administer our websites, and track visitor navigations on our websites to understand what visitors are looking for and to better help them.
Should this purpose require Brilbook to process Client Data, then the data will only be used in anonymized or aggregated form.
In addition to the purposes mentioned above, we may use your information for the following purposes:
- To communicate with you (such as through email) about products and materials that you have downloaded and services that you have signed up for, changes to this Privacy Notice, changes to the Terms of Service, or important notices.
- To keep you posted on new products and services, upcoming events, offers, promotions and other information that we think will be of interest to you.
- To ask you to participate in surveys, or to solicit feedback on our products and services;
- To update, expand and analyse our records, identify new customers, and provide products and services that may be of interest to you;
- To monitor and improve marketing campaigns and make suggestions relevant to the user.
4.5 Legal Bases for Processing Personal Data (for United Kingdom and European Economic Area and other relevant jurisdictions)
If you are an individual in the United Kingdom, the European Economic Area (EEA), or of another relevant jurisdiction, we collect and process information about you only where we have a legal basis or bases for doing so under applicable laws. The legal bases depend on the products and services that your organization has purchased from Brilbook, how such products and services are used, and how you choose to interact and communicate with Brilbook’s websites, systems, and whether you attend Brilbook events. This means we collect and use your Personal Data only where:
- We need it to operate and provide you with our products and services, provide customer support and personalized features, and to protect the safety and security of our products and services.
- It satisfies a legitimate interest of Brilbook’s (which is not overridden by your data protection interests and rights), such as for research and development, to provide information to you about our products and services that we believe you and your organization may find useful, and to protect our legal rights and interests.
- You give us consent to do so for a specific purpose; or
- We need to comply with a legal obligation.
Where we rely on legitimate interests to process your Personal Data, you can object to that processing as described below under “Your Choices.” In response to your objection, we will stop processing your information for the relevant purposes unless we have compelling grounds in the circumstances, or the processing is necessary in the context of legal claims. Brilbook may also process other information that constitutes your Personal Data for direct marketing purposes and you have a right to object to Brilbook’s use of your Personal Data for this purpose at any time.
4.6 Additional Limits on Use of Your Google User Data
Notwithstanding anything else in this Privacy Notice, if you provide Brilbook access to your Google data (e.g., when you enable the email sync feature with your Google account), Brilbook’s use of that data will be subject to these additional restrictions:
- Brilbook will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
- Brilbook will not use this Gmail data for serving advertisements.
- Brilbook will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for Brilbook’s internal operations and even then, only when the data have been aggregated and anonymized.
Brilbook’s use of information received and Brilbook’s transfer of information to any other app from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
5. To Whom We Disclose Information
Except as described in this Notice, we will not intentionally disclose the Personal Data or Client Data that we collect or store on the Service to third parties without the consent of the applicable Visitor, User or Client. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
5.1 Unrestricted Information
Any information that you voluntarily choose to include in a Public Area of the Service, such as a public profile page, will be available to any Visitor or User who has access to that content.
5.2 Other Users in Your Company Account
Certain information about your use of the Brilbook Services is available to the administrator(s) of your Brilbook Account and, depending on the settings chosen by the Users of the Account, also to other Users for the purposes of providing the Brilbook Services.
5.3 Service Providers
We work with third party service providers who provide website, application development, hosting, maintenance, security and fraud detection, and other services for us. These third parties may have access to, or process Personal Data or Client Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.
5.4 Brilbook Communities, Marketplace and Other User Generated Content
We make available various community forums and self-help support materials, as well as blogs and other means for you to post information on our websites. This information you post is publicly-available information that you choose to disclose and it may be read, collected, and processed by others that visit these websites. Except for username (which may be your real name) and the details that you choose to include in your profile, the categories of data disclosed in these circumstances will depend on what information you choose to provide. Your posts and certain profile information may remain even after you terminate your Brilbook account. We urge you to consider the sensitivity of any information you may disclose in this way. We will correct or delete any information you have posted on the websites if you so request, as described in Section 10 "Your Choices" below. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to and why.
5.5 Social Media
Brilbook’s websites may use social media features, such as the Facebook “like” button, LinkedIn and Twitter sharing features, and other similar widgets (“Social Media Features”). You may be given the option by such Social Media Features to post information about your activities on a website to a profile page of yours that is provided by a third-party social media network in order to share content with others within your network. Social Media Features are either hosted by the respective social media network or hosted directly on our websites. To the extent the Social Media Features are hosted by the respective social media networks, and you click through to these from our website, the latter may receive information showing that you have visited our website. If you are logged in to your social media account, it is possible that the respective social media network can link your visit to our websites with your social media profile. Your interactions with Social Media Features are governed by the privacy policies (and any other applicable terms) of the respective companies that provide the relevant Social Media Features.
5.6 Advertising and Marketing
5.8 Non-Personally Identifiable Information
We may make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our Clients’, Users’ and Visitors’ interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Service, all of the foregoing being subject to additional limits on use of your data as stated in this Privacy Notice.
5.9 Law Enforcement, Legal Process and Compliance
We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We also reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the Service and any facilities or equipment used to make the Service available, or (v) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others.
5.10 Change of Ownership
6. Data Security
At Brilbook, we take data security very seriously. We have taken steps to implement appropriate administrative, technical & physical safeguards to prevent unauthorized access, use, modification, disclosure or destruction of the information you entrust to us. These measures have been audited and certified to industry standards. However, no security system is perfect, and due to the inherent nature of the Internet, we cannot guarantee that data, including Personal Data, is absolutely safe from intrusion or other unauthorized access by others. You are responsible for protecting your password(s) and other authentication factors, as well as maintaining the security of your devices.
7. International Data Transfers
Brilbook may transfer your Personal Data to countries other than the one in which you live, including transfers to the United Kingdom. To the extent that Personal Data is transferred abroad, Brilbook will ensure compliance with the requirements of the applicable laws in the respective jurisdiction in line with Brilbook’s obligations.
In particular, we offer the following safeguards if Brilbook transfers Personal Data from jurisdictions with differing data protection laws:
- European Commission’s Standard Contractual Clauses. Brilbook uses Standard Contractual Clauses approved by the European Commission (and the equivalent standard contractual clauses for the UK where appropriate) for transfers to countries not subject to an adequacy decision by the European Commission or your local legislature and/or regulator.
Privacy Shield; Brilbook participates and complies with the EU-U.S. Privacy Shield Framework set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information of individuals in the European Union. Brilbook Inc. has been certified by the Department of Commerce that it adheres to the Privacy Shield Principles. Please note that we do not rely on the EU-US Privacy Shield as a data transfer mechanism. To learn more about the Privacy Shield program and to view our certification, please visit https://www.privacyshield.gov/welcome. In compliance with the Privacy Shield Principles, Brilbook commits to resolving complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Brilbook’s Data Protection Team at email@example.com. Brilbook has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) concerning unresolved Privacy Shield complaints concerning human resources data and non-human resources data transferred from the EU. In any matters relating to the EU-U.S. Privacy Shield Framework, Brilbook is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
8. Minors and Children’s Privacy
Protecting the privacy of young children is especially important. Our Service is not directed nor intended to children under the age of 18, and we do not knowingly collect Personal Data from children under the age of 18. If you are under 18 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Data has been collected on the Service from persons under 18 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 18 years of age has obtained an Account on the Service, then you may alert us at firstname.lastname@example.org and request that we delete that child’s Personal Data from our systems.
9. Data Retention
We will retain your Personal Data for a period of time that is consistent with the original purpose of the data collection, or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. When we no longer have a legitimate need to process your information, we will delete or anonymize your information from our active databases. We will also securely store the information and isolate it from further processing on backup discs until deletion is possible.
For Brilbook Services:
- the contents of closed accounts are deleted within 6 months of the date of closure;
- the content of closed Free Trial Accounts are deleted within 30 days of the date of closure;
- server archival backups are kept for 3 months.
10. Your Choices
10.1 Your rights with respect to information we hold about you as a controller
- Right to access – you have the right to know which data we hold about you (if any).
- Right to data rectification – you have the right to require corrections to your Personal Data in case they are inaccurate or incomplete.
- Right to data deletion – you have the right under certain conditions to request the deletion of your Personal Data including in situations where the processing of your Personal Data is no longer necessary for the purposes for which it was collected, or if the processing of your Personal Data was based on your consent and you wish to withdraw your consent, and there are no other grounds for processing your Personal Data.
- Right to restriction of processing – You may also have the right to request to restrict the use of your information in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Right to data portability – You have the right to transfer your information to a third party in a structured, commonly used and machine-readable format, in circumstances where the information is processed with your consent or by automated means.
- Right to object – You have the right to object to the use of your information in certain circumstances, such as the use of your personal information for direct marketing.
- Right to complain – You have the right to complain to the appropriate supervisory authority if you have any grievance against the way we collect, use or share your information. This right may not be available to you if there is no supervisory authority dealing with data protection in your country.
We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Services. If you wish to access or amend any other Personal Data we hold about you, or to request that we delete or transfer any information about you that we have obtained from an Integrated Service, you may contact us as set forth in the “How to Contact Us” section. At your request, we will have any reference to you deleted or blocked in our database. Additionally,
- You may update, correct, or delete your Account information and preferences at any time by accessing your Account settings page on the Service. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
- You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Service.
- Optional information: You can choose not to provide optional profile information such as your photo. You can also delete or change your optional profile information.
- You can always choose not to fill in non-mandatory fields when you submit any form linked to our websites.
At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact Brilbook’s Data Protection Team at email@example.com.
10.2 Navigation Information
You may opt out from the collection of navigation information about your visit to the Site by Google Analytics by using the Google Analytics Opt-out feature. You can disable browser cookies before visiting our websites. However, if you do so, you may not be able to use certain features of the websites properly.
10.3 Opting out from Commercial Communications
You may opt out of receiving newsletters and other non-essential messages by using the ‘unsubscribe' function included in all such messages or by sending an email to the address provided in the “How to Contact Us” section. Please note that you will continue to receive essential notices and emails such as account notification emails (password change, renewal reminders, etc.), security incident alerts, security and privacy update notifications, and essential transactional and payment related emails. Users are able to view and modify settings relating to the nature and frequency of promotional communications that they receive from us by accessing the “Account functionality” tab on the Service.
10.4 Information processed on Brilbook Client’s behalf
Brilbook has no direct relationship with the Client’s customers or third party whose Personal Data it may process on behalf of a Client. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data or withdraw consent for further contact should direct his or her query to the Client or User they deal with directly.
Brilbook Clients can delete, amend or block access to any Personal Data inside Brilbook application, or by contacting Brilbook Support.
11. Changes and Updates to this Notice
Please revisit this page periodically to stay aware of any changes to this Notice, which we may update from time to time. If we modify the Notice, we will make it available through the Service, and indicate the date of the latest revision, and will comply with applicable law. Your continued use of the Service after the revised Notice has become effective indicates that you have read, understood and agreed to the current version of the Notice.
12. How to Contact Us
Please contact us with any questions or comments about this Policy, your Personal Data, our use and disclosure practices, or your consent choices by email at firstname.lastname@example.org. If you have any concerns or complaints about this Notice or your Personal Data, you may contact Brilbook’s Data Protection Team by email at email@example.com.