BrainMD Privacy Policy

Last modified: September 1, 2021

Introduction: BMD, Inc., owner of BrainMD.com ("Company" or "We") is committed to protecting your privacy through this privacy policy (“Policy”). This Policy describes the kinds of information we may collect or that you may provide when you use BrainMD.com whether on your PC, laptop, or mobile device ("Platform") and our overall program for safeguarding, storing, processing, and sharing said data. If you oppose our policies and practices, you may not use the Platform. By accessing or using this Platform, you agree to this Policy and our Terms and Conditions. We may modify the Policy from time to time, such changes will be posted here. Please check the Platform regularly, as continued use of the Platform following the changes, will be deemed as though you agree to such changes.

Where We Collect:

  1. This policy applies to personal information (“PI”) we collect:
    1. on this Platform including via surveys and course enrollment;
    2. in electronic messages between you and this Platform including text messages;
    3. when you engage with our advertising on third-party platforms should those advertisements link to this Platform;
    4. via joint marketing partners;
    5. social media companies; and
    6. other service providers.
  2. It does not apply to information collected: Offline or via any other means such as publicly available or social media data.

Minors: Our Platform is not aimed at minors under 18 years of age. Minors may not provide any PI to the Platform. We never intentionally collect PI from minor. If you are a minor, do not use this Platform or provide us with any PI, register for or purchase from the Platform. If we learn we have PI from a child, we will delete it. If you believe we have PI belonging to minors, please contact us at privacy@brainmd.com.

PI We Collect: We collect types of PI from and about our users, directly and indirectly:

  1. Categories of PI: In the preceding 12 months, with consent we have collected, the following categories of PI:
    1. Identifiers: this includes name, address, telephone number, email address, IP address, and your BrainMD username and password.
    2. Customer Records.
    3. Commercial Purchasing Information: this includes financial details, products purchased or considered and rewards program participation.
    4. Sensitive personal data.
  2. Data Collected Automatically: Whether on an individual or aggregated basis, such as:
    1. Internet, Website Usage or Network Activity: such as device connected data, ad data, logs, other communications data and resources you access on the Platform, page views statistics, clicks and web traffic.
      1. Log Data: This includes details of your Platform use such as your originating URL, which browser or search terms you used on the Platform.
    2. Geolocation: via location services on your mobile device. We may collect near field communication protocols ("precise location information").
    3. Inferences Used to Profile: Such as behavior, preferences, and characteristics.
    4. Device and connection data: such IP address, OS, browser type over time and across third-party Platforms and other online services.
  3. Text Communications: If you elect to receive promotional text messages, you are providing your prior express written consent to receive such messages from us (each, a “Text Message”) sent via an automatic phone dialing system. These may include cart abandon messages. Message frequency varies. This service is optional and not a condition for purchase. You can opt out of receiving any further Messages from us any time by replying “STOP” to any Message you receive. Data obtained with any Message may include your cell telephone number, your provider’s name and date, time and content of your messages.

Automatic Collection Technologies: Automatic data collection technologies may include:

  1. Cookies: Cookie is a small file placed on the hard drive of your device. You may refuse to accept browser cookies via your browser settings. However, if you select such you may be unable to access certain parts of our Platform. Our system will issue cookies when you direct your browser to our Platform.
  2. Flash Cookies: Some of the Platform may use local stored objects (or Flash cookies) to collect and store data about preferences and navigation to, from, and on our Platform. Flash cookies are not managed by same browser settings as browser cookies.
  3. Web Beacons. The Platform may contain small electronic files known as web beacons (a.k.a. clear or single-pixel gifs and pixel tags) that permit us to count users who visited pages and other Platform statistics (i.e., popularity of content, verifying system integrity).

How We Collect: We collect this information:

  1. Directly from you (which may be used for profiling), by submitting PI on the Platform, you agree to our data processing, such as by:
    1. completing forms, requesting further services or other correspondence on our Platform,
    2. subscribing to our service,
    3. posting material (NOTE: this is at your own risk. No security measure is perfect, and we cannot control how other users will react to such posts),
    4. your responses to surveys that we might ask you to complete for research, for instance, to collect and retain our understanding of your brain type, and
    5. from transactions including financial data.
  2. Social Media. You can sign-in with platforms such as Facebook to verify your identity and you may share certain PI with us via the Platform. We may use plugins (e.g., the "Like" or "Share to LinkedIn" button) so you may easily interact with certain social media platforms and share information. When you visit our Platform, those platforms can place a cookie on your device to recognize recurring visitors. The plugins also allow those platforms to receive data from us. We may interact with you on such platforms if you contact us there, request services, or otherwise communicate directly with us.

How We Use Data: We store all PI in the United States and said data is subject to those relevant laws. We use data that we collect, or you provide, including any PI to:

  1. Present our Platform to you.
  2. Provide you with information, products, or services that you request from us.
  3. Fulfill any other purpose for which you provide such PI or any purpose with consent.
  4. Perform our duties and enforce our rights from agreements between you and us.
  5. Notify you of changes to our Platform, products, or services we offer or other direct marketing. You may opt-out of this by sending an email to privacy@brainmd.com with the subject line: OPT-OUT.
  6. In any other way we may describe when you provide PI.
  7. Research and analytics.
  8. Product development and to generally improve efficacy of our offerings.
  9. IT management, monitoring and data security including fraud detection and auditing.
  10. Protect our privacy, safety, rights or property (in litigation where PI is related, we may use or share without consent or court process) and allow us to pursue remedies to limit damages.
  11. Enforce or apply our terms of use and agreements, such as billing and collection.
  12. Legal Compliance: We may disclose PI if required or permitted by law such as for measures to safeguard your rights, freedoms, and legitimate interests, or in the good faith belief that such is necessary to:
    1. comply with a subpoena or similar legal obligation; or
    2. act in urgent situation to protect the safety of users of the Platform or the public.

Data Recipients: We may disclose PI we have about you, as described herein, to: 

  1. our subsidiaries, business partners, third parties and affiliates for business operations.
  2. a buyer or other successor in the event of a corporate action.
  3. third parties: providers of technology, human resources, auditors, professional advisors, benefits administration or direct marketers if you consented to such.

Choices On Use and Disclosure:

  1. Tracking Technologies: You can set your browser to alert you when cookies are being sent. Details of managing flash cookies can be found on the Adobe Platform. If you alter cookies, please note parts of this site may then be inaccessible or not function properly.
  2. Disclosure of Your Data: If you do not want us to use your PI for promotional purposes, you can opt-out by sending an email to privacy@brainmd.com with the subject line: OPT-OUT. This opt-out does not apply to any result of a purchase, service or any other transaction.
  3. Accessing and Correcting Your Information:
    1. We respond to data rights requests within a reasonable time. You can review and change your PI by sending an email to privacy@brainmd.com with the subject line: CHANGE-PI.  with ample verification that it is in fact you responding.
    2. You may also email us to exercise any data right or with specific questions about direct marketing. We cannot not delete your PI except by also deleting your account. We will not change PI if we believe it would violate any law or legal requirement or cause the data to be incorrect.
    3. If you delete your posts to the Platform, copies of such may remain in cached and archived pages or may have been copied or stored by other users. Any deletion request will be governed by our retention policy.
  4. Your Data Rights:
    1. Right to be Informed. The right to be informed about the processing of your PI. This Policy is designed to inform of how your data is processed and describe your rights.
    2. Right of Access. You have the right to access your PI and supplementary data to be aware of and verify the lawfulness of processing.
    3. Right to Rectification. You may have PI rectified if it is inaccurate or incomplete.
    4. Right to Erasure. You have the right to request deletion or removal of your PI where there is no compelling reason for its continued processing.
    5. Right to Restrict. You have the right to block or suppress processing of your PI.
    6. Right to Data Portability. You have the right to obtain and reuse PI that can be clearly linked to you, for your purposes. We will send you a copy in a commonly used and machine-readable format.
    7. Right to Object. You have the right to object when processing is based on legitimate interests, for the public interest, direct marketing, and for scientific research.
    8. Automated individual decision-making. You have the right not to be opined upon based solely on automated processing, including profiling. which produces legal or similarly significant effects. In the event automated decision making is used you may request human intervention prior to any automated decisions.
    9. Right to make a complaint with a supervisory authority or seek a judicial remedy.
    10. Request Fulfillment. We typically fulfill any such request without delay and no later than one month after its receipt. If we are not required to fulfill such or there is a delay, we will provide the rationale via email. Responses are provided free of charge, unless requests are patently unfounded or excessive, especially due to redundancy. You will never be discriminated against due to exercise of these rights or any others.

Data Security:

  1. Security Program: We implemented administrative, technical and physical measures to secure your PI from accidental loss and unauthorized access, use, and disclosure.
  2. Payments: Any payments will be encrypted.
  3. Your Duties: Security of your data also depends on you. You must keep your login credentials secure. Any transmission of PI is at your own risk.
  4. Our Duty: We are not responsible for bypassing of any privacy or security measures, or settings contained on the Platform.

Other Websites: Though our Platform may contain links to third-party owned and/or operated websites or mobile applications, we have no control over such. Accordingly, we assume no liability for their data practices. We suggest that you review their policies, if any, prior to providing such with any information.‍

Contact Information: For questions or comments about this Policy contact us at: privacy@brainmd.com.

DPO:

  1. Retention: When the need to process your PI ceases, we will either delete, de-identify or anonymize it, or, if not possible (i.e. as your PI has been stored in archives), we will securely store your PI and isolate it from any further processing until deletion is possible.
  2. Duration of Retention Examples:
    1. When You Interact with Business Expansion Functions: We may retain PI as long as necessary to provide you with your request for information or other responses. 
    2. Opening an Account: We may retain your PI for as long as your account is active, or to comply with our legal duties, preserve and protect our rights as allowed by law, resolve disputes, maintain security, prevent fraud and enforce our agreements.
  3. Personal Data Retention Periods
    1. Except as otherwise permitted or required by applicable law or regulation, we only retain PI for as long as necessary to fulfill its purpose, as required to satisfy any duties, or as necessary to resolve disputes. To determine the appropriate retention period for PI, we consider the amount, nature, and sensitivity of PI, potential risk of harm from unauthorized use or disclosure, the purposes, and any legal requirements.
    2. We typically retain PI for the periods below, subject to any exceptional circumstances or to comply with laws or regulations that require a specific retention period:
      1. PI 2.5 years;
      2. Device details, browser history, user activity and location details and user preferences: 120 days;
      3. contractual details including the goods and services provided: Indefinitely.