Privacy Policy - Bravely

Last updated Introduction Changes to the privacy policy Information we collect and how we collect information How we use your information Disclosure of your information Choices about how we collect, use, and disclose your information Accessing and correcting your information Third parties; Links to third-party sites Data retention Children under the age of 13 EU-US Privacy Shield Compliance Transfer of Personal Information; International Visitors Security Information applicable to EU users Contact information

Last updated

June 12, 2019

Introduction

Bravely, Inc. (“we” or “us”), respect your (“you” or “your”) privacy and are committed to protecting it through our compliance with this policy (“Privacy Policy”). This Privacy Policy describes our practices for collecting, using, maintaining, protecting, and disclosing information that we collect from you or that you provide to us when you visit our website, www.workbravely.com (the “Site”) or use any of our other products, services and applications made available by us from time to time (collectively, the “Services”).

Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. By accessing or using the Services, you agree to this Privacy Policy. If you do not agree with our policies and practices, your choice is not to use the Services.

Changes to the privacy policy

We work hard to improve the Services for you, so this Privacy Policy may change from time to time. We’ll make sure to change the “Effective Date” at the top of this page so you can tell if this Privacy Policy has changed since your last visit. We’ll also update you when we make significant changes, either through a pop-up notice on the Services, via email or through other reasonable means. If you continue to use the Services after we make any changes to this Privacy Policy, you agree to be bound by this Privacy Policy as modified. If you don’t agree with any changes that we make to this Privacy Policy, you unfortunately will no longer be able to use the Services.

Information we collect and how we collect information

This policy sets out what personal data we might collect, how we process and protect that data and the lawful grounds for that processing. In most cases, the lawful ground will be that the processing: (i) is necessary for our legitimate interests in carrying out our business, including to grow and improve our Services, provided those interests are not outweighed by your rights and interests (“Legitimate Interests”), (ii) is necessary to perform a contract with you (“Contract”), or (iii) we have a legal obligation to carry out the processing (“Legal Obligation”). Where processing is based on your consent (“Consent”), we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent.

The information we collect from you falls into two categories: personally identifiable information, including your name, phone number, employment information (such as your work address, employment status, title), and email, as well as any other personally identifiable information you may provide voluntarily, such as the description of the your issues and challenges at work, and demographic information such as your age, gender and race (“Personal Information”) and non-personally identifiable information (i.e., information that cannot be used to identify who you are)(“Non-Personal Information”). Below are the various ways in which we may collect Personal Information and Non-Personal Information from you.

Information We Automatically Collect. Like most websites and apps, our Services may incorporate technology such as “pixel tags,” “web beacons,” and “cookies” that allow us to track the actions of users of our Services automatically. Pixel tags or web beacons are tracking devices on websites or in emails that can monitor the behavior of the user visiting the website or sending the email, and cookies are small files that web servers may place on your computer when you visit a website. These automatic tracking tools allow us to collect Non-Personal Information, such as browser information, information about when you access the Services, details of how you used our Services, such as what pages you viewed and for how long, the website address that linked you to our Site, the website that you visit after using our Services, and whether you opened our emails. We may also collect information about your mobile device when you use our mobile application or otherwise access the Services from your mobile device, including the device’s unique device identifier, location information, operating system, browser type, IP address, and mobile network information. We will not access metadata or other information stored on your mobile device, such as photographs, audio or video clips, personal contacts, or address book information.

Third Party Analytics. We may use third party analytics such as Google Analytics, Mixpanel, and Metabase (“Analytics Services”) to collect data about our Services via cookies and anonymous identifiers. We do not facilitate the merging of Personal Information with Non-Personal Information previously collected through these Analytics Services. Any data collected will be used in accordance with this Privacy Policy and the privacy policies of these third party service providers.

Third-Party Information Collection. In addition, when you use our Services, certain third parties such as device manufacturers, platform providers and advertisers may use cookies or other automatic information collection technologies to collect information, including Personal Information, about you, your online activities over time and across different websites, apps or other online services websites, or your device. We do not control these third parties’ tracking technologies or how they may be used. If you have questions about an advertisement or other targeted content, you should review the privacy policies of those service providers or contact them directly.

Information You Voluntarily Provide to Us. If you contact us by phone, email, social media, or by some other means, we may keep a record of your contact information (including your name, company name, email address, and phone number) and the voice recording or written correspondence for later reference. We may also keep a record of any registration forms, surveys or questionnaires that you voluntarily fill out on our Site, in-person, or through your use of the Services.

Pro Sessions. If you engage in a session with one of our experts (a “Pro”) on the phone or otherwise communicate with them via text, through email or other means, we will record and transcribe these phone calls and keep a record of these written exchanges for quality assurance purposes.

Publicly Posted. If you post information on public areas of the Services (i.e., comments or blog), that information is visible to and may be collected, stored and used by anyone. We recommend you be cautious about giving out Personal Information to others or sharing Personal Information in public or online forums. We are not responsible for the actions of any third parties with whom you share Personal Information.

How we use your information

We may use information that we collect about you or that you provide to us, including Personal Information, to measure usage of the Services, to analyze the effectiveness of our Services, to improve and enhance functionality of the Services, to customize the Services for you, to develop new products and services, to provide support for the Services and respond to requests and inquiries, to provide you with notices via email, text or other methods of communications, such as updates or changes that we may make to the Services, and to market and advertise the Services through promotional email messages.

We may from time to time aggregate some of your Personal Information in certain data analysis, reports, or other interpretations of investment trends for both internal and external purposes.

If we intend to use any Personal Information in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time at which the Personal Information is collected.

Disclosure of your information

We take privacy very seriously, and we do not and will not sell, rent, or trade your Personal Information to any other third parties. Solely to the extent necessary to perform the Services as described, we will disclose your Personal Information to service providers, such as vendors, technical agents, subcontractors and consultants, to perform certain business-related functions that help make the Services and our offerings available and functional (e.g., web site hosting, maintenance, user experience improvements, email delivery services, and texting and other communication services). We contractually require these third-party service providers to maintain the confidentiality of the information we share with them, and we contractually require them not to use your information for anything other than to provide services on our behalf.

We will not, as a general policy, provide your employers with access to any of your information. However, we reserve the right to disclose your information if, and only if, we determine in our sole discretion that we are ethically required to do so in order to prevent harm to you or to a third party. In such limited instances, we will only disclose that portion of information that we determine, in our sole discretion, is absolutely necessary to prevent any such harm.

We will not disclose your information to a governmental body or to any other third party unless we are legally required to do so pursuant to a valid court order, any other legal order, or a criminal or civil subpoena.

In addition to the disclosures for the purposes above, we may disclose your Personal Information and Non-Personal Information to a buyer or other successor as part of a merger, acquisition, change of control or other similar business transfer, or in specific other cases with your express prior written consent.

We may disclose aggregated user statistics and other data with our clients (which may include your employer), affiliates, agents and current or prospective business partners. In connection with any such disclosure, we will at all times seek to protect your privacy and to ensure that this aggregate information does not personally identify you.

Choices about how we collect, use, and disclose your information

We strive to provide you with choices regarding our collection, use and disclosure of the information you provide to us. The mechanisms listed below seek to provide you with control over such collection, use and disclosure:

Marketing Communication. If you do not want us to send you marketing or promotional communications, you can opt-out by following the unsubscribe link in any such promotional email. We will not be able to remove your information from the database of any third parties to whom you have previously authorized us to share such information. Please also note that we may still send you important administrative messages.

Voice and Text Communications. To stop receiving phone calls or text messages, please email us at hello@workbravely.com.

Location Information. You can choose whether or not to allow the mobile app to collect and use real-time information about your device’s location through the device’s privacy settings. If you block the use of location information, some parts of the mobile app may then be inaccessible or not function properly.

Cookies. You have the option to accept or disable cookies at any time through your browsers. You may refuse to accept browser cookies by activating the appropriate setting on your browser or activating the appropriate settings in your smartphone. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see http://kb2.adobe.com/cps/526/52697ee8.html. If you choose to disable your cookies, your user experience may be limited.

Google Analytics. You can opt out of tracking by Google Analytics by going to https://tools.google.com/dlpage/gaoptout/.

Do Not Track Signals. Third parties may keep track of your browsing activities across third party websites. Certain web browsers enable users to activate a “Do Not Track” signal but we do not currently respond to the “Do Not Track” signal or other similar mechanisms.

Notice to California Residents. California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

To request any other changes or information about our collection, use or disclosure of your information, please email us at hello@workbravely.com.

Accessing and correcting your information

If you wish to access, update, correct or delete any Personal Information in our possession that you have previously submitted via the Services, please contact us at hello@workbravely.com.

Please note that we are not responsible for storing any information or content that you provide to us or a Pro or for any content or information that we or a Pro provide to you. You are solely responsible for retaining backup files of any information and content that you provide or receive in connection with the Services.

Third parties; Links to third-party sites

This Privacy Policy applies only to the Services. The Services may contain links to other web sites not operated or controlled by us, and the policies and procedures described in this Privacy Policy do not apply to those third party sites, even if you access them through the Services. The links from the Services do not imply that we endorse or have reviewed the third party sites. We encourage you to carefully review the privacy policies of any third party sites you access so you know how they will use and share your information.

Data retention

We strive to keep your information only as long as we need it for legitimate business purposes and as permitted by applicable legal requirements. If you close your account, we will retain certain data for analytical purposes and recordkeeping integrity, as well as to prevent fraud, enforce our Terms of Use, take actions we deem necessary to protect the integrity of our Services or our users, or take other actions otherwise permitted by law. In addition, if certain information has already been provided to third parties as described in this Privacy Policy, retention of that information will be subject to those third parties’ policies.

Children under the age of 13

Our Services are intended for users who are 18 years of age and older. If you are under the age of 13, you are not permitted to submit any Personal Information to us. If you believe we might have any information from or about a child under 13, please contact us at hello@workbravely.com.

EU-US Privacy Shield Compliance

The Company complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from Individual Customers in the European Union member countries. The Company has certified that it adheres to the Privacy Shield Privacy Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement, and liability. As part of Privacy Shield compliance, the Company is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). The Company also commits to cooperate with European Union data protection authorities and will comply with advice given by such authorities with regard to human resources data transferred from the European Union in the context of the employment relationship. If there is any conflict between the policies in this privacy policy and the Privacy Shield Privacy Principles, the Privacy Shield Privacy Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

In compliance with the Privacy Shield Principles, the Company commits to resolve complaints about our collection or use of your personal information. If you have inquiries or complaints regarding our Privacy Shield policy, please contact us at hello@workbravely.com.

The Company has committed to refer unresolved Privacy Shield complaints to ICDR/AAA, an alternative dispute resolution provider located in the United States. Under certain conditions, you may be allowed to invoke binding arbitration. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.adr.org/aaawebfile for more information or to file a complaint. The services of ICDR/AAA are provided at no cost to you.

In the context of an onward transfer, we have responsibility for the processing of personal information we receive under the Privacy Shield and subsequently transfer to a third party acting as an agent on our behalf. The Company shall remain liable if our agent processes such personal information in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.

Transfer of Personal Information; International Visitors

Personal Information collected through the Services may be stored and processed in the United States or any other country in which Bravely or its subsidiaries, affiliates, or service providers maintain facilities. If you are located in the European Union or other jurisdictions with laws governing data collection that differ from U.S. law, you acknowledge that we may transfer Personal Information to a country or jurisdiction that has different data protection laws than the data protection laws of the country in which you reside and you expressly consent to the transfer of information, including Personal Information, to the United States or any other country in which Bravely or its subsidiaries, affiliates or service providers maintain facilities.

Security

We take reasonable steps to protect the Personal Information provided to us from loss, misuse, and unauthorized access, disclosure, alteration, or destruction and the Personal Information that we collect is secured behind a firewall. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via e-mail. Please keep this in mind when disclosing any Personal Information to us via the Internet.

We use Twilio to make and receive phone calls and text messages and record these communications. For additional information on how Twilio secures your personal information, please refer to Twillo’s privacy policy located at: https://www.twilio.com/legal/privacy.

Information applicable to EU users

The General Data Protection Regulation or “GDPR” gives certain rights to individuals in the European Union in relation to their personal data. As available and except as limited under applicable law, the rights afforded to individuals are:

Right of Access – the right to be informed of and request access to the personal data we process about you;
Right to Rectification – the right to request that we amend or update your personal data where it is inaccurate or incomplete;
Right to Erasure – the right to request that we delete your personal data;
Right to Restrict – the right to request that we temporarily or permanently stop processing all or some of your personal data;
Right to Object:
- The right, at any time, to object to us processing your personal data on grounds relating to your particular situation;
- The right to object to your personal data being processed for direct marketing purposes;
Right to Data Portability – the right to request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service; and
Right not to be subject to Automated Decision-making – the right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.

If you wish to exercise any of the above rights, please contact us at support@workbravely.com or hello@workbravely.com.

Contact information

If you have any questions about this Privacy Policy, please contact us at hello@workbravely.com.