Last updated

May 10, 2023

Introduction

Bravely, Inc. (“we” or “us”), respect your (“you” or “your”) privacy and are committed to protecting it through our compliance with this policy (“Privacy Policy”).  This Privacy Policy describes our practices for collecting, using, maintaining, protecting, and disclosing information that we collect from you or that you provide to us when you visit our website, www.workbravely.com (the “Site”) or use any of our other products, services and applications made available by us from time to time (collectively, the “Services”).

Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it.  By accessing or using the Services, you agree to this Privacy Policy.  If you do not agree with our policies and practices, your choice is not to use the Services.


Changes to the privacy policy

We work hard to improve the Services for you, so this Privacy Policy may change from time to time.  We’ll make sure to change the “Effective Date” at the top of this page so you can tell if this Privacy Policy has changed since your last visit.  We’ll also update you when we make significant changes, either through a pop-up notice on the Services, via email or through other reasonable means.  If you continue to use the Services after we make any changes to this Privacy Policy, you agree to be bound by this Privacy Policy as modified.  If you don’t agree with any changes that we make to this Privacy Policy, you unfortunately will no longer be able to use the Services.

Information we collect and how we collect information

This policy sets out what personal data we might collect, how we process and protect that data and the lawful grounds for that processing.  In most cases, the lawful ground will be that the processing:  (i) is necessary for our legitimate interests in carrying out our business, including to grow and improve our Services, provided those interests are not outweighed by your rights and interests (“Legitimate Interests”), (ii) is necessary to perform a contract with you (“Contract”), or (iii) we have a legal obligation to carry out the processing (“Legal Obligation”).  Where processing is based on your consent (“Consent”), we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent.

The information we collect from you falls into two categories:  personally identifiable information, including your name, phone number, employment information (such as your work address, employment status, title), and email, as well as any other personally identifiable information you may provide voluntarily, such as the description of the your issues and challenges at work, and demographic information such as your age, gender and race (“Personal Information”) and non-personally identifiable information (i.e., information that cannot be used to identify who you are) (“Non-Personal Information”).  Below are the various ways in which we may collect Personal Information and Non-Personal Information from you.

Information we automatically collect.  Like most websites and apps, our Services may incorporate technology such as “pixel tags,” “web beacons,” and “cookies” that allow us to track the actions of users of our Services automatically.  Pixel tags or web beacons are tracking devices on websites or in emails that can monitor the behavior of the user visiting the website or sending the email, and cookies are small files that web servers may place on your computer when you visit a website.  These automatic tracking tools allow us to collect Non-Personal Information, such as browser information, information about when you access the Services, details of how you used our Services, such as what pages you viewed and for how long, the website address that linked you to our Site, the website that you visit after using our Services, and whether you opened our emails.  We may also collect information about your mobile device when you use our mobile application or otherwise access the Services from your mobile device, including the device’s unique device identifier, location information, operating system, browser type, IP address, and mobile network information.  We will not access metadata or other information stored on your mobile device, such as photographs, audio or video clips, personal contacts, or address book information.

Third Party analytics. We may use third party analytics such as Google Analytics and Mixpanel (“Analytics Services”) to collect data about our Services via cookies and anonymous identifiers.  We do not facilitate the merging of Personal Information with Non-Personal Information previously collected through these Analytics Services.  Any data collected will be used in accordance with this Privacy Policy and the privacy policies of these third party service providers.

Third-Party Information Collection.  In addition, when you use our Services, certain third parties such as device manufacturers, platform providers and advertisers may use cookies or other automatic information collection technologies to collect information, including Personal Information, about you, your online activities over time and across different websites, apps or other online services websites, or your device.  We do not control these third parties’ tracking technologies or how they may be used.  If you have questions about an advertisement or other targeted content, you should review the privacy policies of those service providers or contact them directly.

Information You Voluntarily Provide to Us.  If you contact us by phone, email, social media, or by some other means, we may keep a record of your contact information (including your name, company name, email address, and phone number) and the voice recording or written correspondence for later reference.  We may also keep a record of any registration forms, surveys or questionnaires that you voluntarily fill out on our Site, in-person, or through your use of the Services.

Coaching Sessions.  If you engage in a session with one of our experts (a “Coach”) on the phone or otherwise communicate with them via text, through email or other means, we may record and transcribe these phone calls and keep a record of these written exchanges for quality assurance and training purposes.

Publicly Posted.  If you post information on public areas of the Services (i.e., comments or blog), that information is visible to and may be collected, stored and used by anyone.  We recommend you be cautious about giving out Personal Information to others or sharing Personal Information in public or online forums.  We are not responsible for the actions of any third parties with whom you share Personal Information.

How we use your information

We may use information that we collect about you or that you provide to us, including Personal Information, to measure usage of the Services, to analyze the effectiveness of our Services, to improve and enhance functionality of the Services, to customize the Services for you, to develop new products and services, to provide support for the Services and respond to requests and inquiries, to provide you with notices via email, text or other methods of communications, such as updates or changes that we may make to the Services, and to market and advertise the Services through promotional email messages.

We may from time to time aggregate some of your Personal Information in certain data analysis, reports, or other interpretations of investment trends for both internal and external purposes.

If we intend to use any Personal Information in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time at which the Personal Information is collected.

Disclosure of your information

We take privacy very seriously, and we do not and will not sell, rent, or trade your Personal Information to any other third parties.  Solely to the extent necessary to perform the Services as described, we will disclose your Personal Information to service providers, such as vendors, technical agents, subcontractors and consultants, to perform certain business-related functions that help make the Services and our offerings available and functional (e.g., web site hosting, maintenance, user experience improvements, email delivery services, and texting and other communication services).  We contractually require these third-party service providers to maintain the confidentiality of the information we share with them, and we contractually require them not to use your information for anything other than to provide services on our behalf.

We will not, as a general policy, provide your employers with access to any of your information.  However, we reserve the right to disclose your information if, and only if, we determine in our sole discretion that we are ethically required to do so in order to prevent harm to you or to a third party.  In such limited instances, we will only disclose that portion of information that we determine, in our sole discretion, is absolutely necessary to prevent any such harm.

We will not disclose your information to a governmental body or to any other third party unless we are legally required to do so pursuant to a valid court order, any other legal order, or a criminal or civil subpoena.

In addition to the disclosures for the purposes above, we may disclose your Personal Information and Non-Personal Information to a buyer or other successor as part of a merger, acquisition, change of control or other similar business transfer, or in specific other cases with your express prior written consent.

We may disclose aggregated, anonymized and/or de-identified user statistics and other data with our clients (which may include your employer), affiliates, agents and current or prospective business partners.  In connection with any such disclosure, we will at all times seek to protect your privacy and to ensure that this aggregate information does not personally identify you.

Choices about how we collect, use, and disclose your information

We strive to provide you with choices regarding our collection, use and disclosure of the information you provide to us.  The mechanisms listed below seek to provide you with control over such collection, use and disclosure:

Marketing Communication.  If you do not want us to send you marketing or promotional communications, you can opt-out by following the unsubscribe link in any such promotional email. We will not be able to remove your information from the database of any third parties to whom you have previously authorized us to share such information. Please also note that we may still send you important administrative messages.

Voice and Text Communications.  To stop receiving phone calls or text messages, please email us at privacy@workbravely.com.

Location Information.  You can choose whether or not to allow the mobile app to collect and use real-time information about your device’s location through the device’s privacy settings.  If you block the use of location information, some parts of the mobile app may then be inaccessible or not function properly.

Cookies.  You have the option to accept or disable cookies at any time through your browsers.  You may refuse to accept browser cookies by activating the appropriate setting on your browser or activating the appropriate settings in your smartphone.  Flash cookies are not managed by the same browser settings as are used for browser cookies.  For information about managing your privacy and security settings for Flash cookies, see http://kb2.adobe.com/cps/526/52697ee8.html.  If you choose to disable your cookies, your user experience may be limited.

Google Analytics.  You can opt out of tracking by Google Analytics by going to https://tools.google.com/dlpage/gaoptout/.

Do Not Track Signals.  Third parties may keep track of your browsing activities across third party websites.  Certain web browsers enable users to activate a “Do Not Track” signal but we do not currently respond to the “Do Not Track” signal or other similar mechanisms.

To request any other changes or information about our collection, use or disclosure of your information, please email us at privacy@workbravely.com.

Accessing and correcting your information

If you wish to access, update, correct or delete any Personal Information in our possession that you have previously submitted via the Services, please contact us at privacy@workbravely.com.

Please note that we are not responsible for storing any information or content that you provide to us or a Coach or for any content or information that we or a Coach provide to you.  You are solely responsible for retaining backup files of any information and content that you provide or receive in connection with the Services.

Third parties; Links to third-party sites

This Privacy Policy applies only to the Services.  The Services may contain links to other web sites not operated or controlled by us, and the policies and procedures described in this Privacy Policy do not apply to those third party sites, even if you access them through the Services.  The links from the Services do not imply that we endorse or have reviewed the third party sites.  We encourage you to carefully review the privacy policies of any third party sites you access so you know how they will use and share your information.

Data retention

We strive to keep your information only as long as we need it for legitimate business purposes and as permitted by applicable legal requirements.  If you close your account, we will retain certain data for analytical purposes and recordkeeping integrity, as well as to prevent fraud, enforce our Terms of Use, take actions we deem necessary to protect the integrity of our Services or our users, or take other actions otherwise permitted by law.  In addition, if certain information has already been provided to third parties as described in this Privacy Policy, retention of that information will be subject to those third parties’ policies.

Children under the age of 13

Our Services are intended for users who are 18 years of age and older.  If you are under the age of 13, you are not permitted to submit any Personal Information to us.  If you believe we might have any information from or about a child under 13, please contact us at privacy@workbravely.com.

Security

We take reasonable steps to protect the Personal Information provided to us from loss, misuse, and unauthorized access, disclosure, alteration, or destruction and the Personal Information that we collect is secured behind a firewall.  However, no Internet or e-mail transmission is ever fully secure or error free.  In particular, email sent to or from the Services may not be secure.  Therefore, you should take special care in deciding what information you send to us via e-mail.  Please keep this in mind when disclosing any Personal Information to us via the Internet.

We use Twilio to make and receive phone calls and text messages and record these communications.  For additional information on how Twilio secures your personal information, please refer to Twillo’s privacy policy located at:  https://www.twilio.com/legal/privacy.

Information applicable to EEA+ users

This Supplemental EEA+ Privacy Notice applies if you are located in the European Economic Area, the United Kingdom, or Switzerland.

Data Controller and Data Processor

For purposes of the Services, either you or your employer is the data controller, and we are the data processor.

Categories of Personal Data, Purposes of Processing and Source

See “Information we collect and how we collect information” for categories of personal data that we collect, for the purposes we may process your personal data and, if applicable, the source from which the personal data originated.

Special Categories of Data

Special categories of personal data include personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning health, data concerning an individual’s sex life or sexual orientation, genetic data, and biometric data processed for the purpose of identifying an individual.

With your consent, and if you choose to provide it, we may collect special category data, such as in your registration on the Site, and in your communications to us and to our Coaches. 

We process this personal data, including disclosing this personal data to our Coaches, solely for the purposes of facilitating your receipt of coaching services via the Services, in accordance with your explicit consent per Article 9(2)(a) GDPR. You can withdraw your consent at any time with future effect. 

If there is a life-threatening emergency and the data subject is physically or legally incapable of giving consent, we may process personal data that falls within these special categories as necessary to protect the vital interests of the data subject or another individual per Art. 9(2)(c) GDPR. 

Lawful Bases for Processing

We rely on the following legal bases to process personal data of yours that does not fall within special categories, as appropriate:

  • According to your consent per Article 6(1)(a) GDPR (“Consent Legal Basis”)
  • Necessary for us to perform a contract with you or your employer or to take steps at your request prior to entering into a contract per Article 6(1)(b) GDPR (“Contract Performance Legal Basis”)
  • Necessary for us to comply with an applicable legal obligation per Article 6(1)(c) GDPR (“Legal Obligations Legal Basis”)
  • Necessary in order to protect the vital interests of the data subject or another natural person per Article 6(1)(d) GDPR (“Vital Interests Legal Basis”), or
  • Necessary for us to realize a legitimate interest based on an assessment of that interest and your privacy and other fundamental interests per Article 6(1)(f) GDPR (“Legitimate Interest Legal Basis”), where the legitimate interests could be in particular:
    • open, maintain, administer, and manage profiles and accounts for registered users;
    • ensuring internal quality control and safety;
    • improving our Services;
    • managing and conducting our relationships with third parties in a business or professional capacity;
    • managing and administering our business; 
    • debugging to identify and repair errors with the Services; 
    • enforcing our agreements and policies; 
    • detecting security incidents; 
    • protecting against malicious, deceptive, fraudulent or illegal activity; and 
    • prosecuting those responsible for that activity; ensuring internal quality control and safety; protecting your safety or vital interests, or the safety or vital interests of others. 

We rely on the following legal bases to process personal data which falls within special categories:

  • Pursuant to your explicit consent 
  • Necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent

If we rely on your consent, you can withdraw your consent at any time with future effect by contacting us at the contact details listed below. For additional details regarding the lawful bases of processing your personal data specifically, please contact privacy@workbravely.com.

Categories of Recipients

See “Disclosure of your information” for information on the categories of recipients that we may share your personal data with.

International Data Transfers

By using the Services, personal data will be stored within the United States, where privacy rules differ and may be less stringent than those of the country in which you reside. We may transfer personal data to recipients located in countries for which the European Commission has not issued an adequacy decision in respect of the level of data protection.

We take measures to ensure that recipients in other jurisdictions provide an adequate level of data protection for example including by implementing EU standard contractual clauses and equivalent measures. You can receive more information on the measures we take by contacting us at the contact details listed below.

Your Choices

There is no law or contract between you and us stating that individuals in the EEA, UK, or Switzerland have to use our Services. We may ask you to provide your name, organization, and eligibility information to verify your eligibility to receive certain Services from us, and certain essential details about yourself in an intake form and/or initial questionnaire so that we may connect you to a Coach.  We cannot provide the Services to you unless you provide such information. You do not have to consent to our use of personal data for advertising purposes. If you do not allow us to collect the data we automatically collect from users of our Services, some of our Services may not work properly or be as tailored to you as they could otherwise be, but they will still generally be usable. 

To the extent that you have given consent, you can withdraw your consent at any time with future effect by contacting us as described below. Such a withdrawal will not affect the lawfulness of the processing prior to the withdrawal of consent.

Your Rights

In the EEA, Switzerland and the UK you have the following rights relating to your personal data, subject to the conditions under the GDPR and/or applicable local data protection law: 

  1. Right to request access to personal data: You have the right to obtain from us confirmation as to whether your personal data is being processed, and, where that is the case, to request access to that personal data and details about how we process your personal data, including the categories of personal data processed, the purpose of the processing and the recipients or categories of recipients, the existence of automated decision-making, including profiling and you have the right to obtain copies of the personal data. However, this is not an absolute right and the interests of other individuals may restrict your right of access.
  2. Right to rectification: You have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  3. Right to erasure (right to be forgotten): You have the right to ask us to erase your personal data.  
  4. Right to object: Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, at any time, to the processing of your personal data, including profiling, by us. This includes the right to object to our processing of your personal data where we are pursuing our legitimate interests or those of a third party. If we process your personal data based on our legitimate interests or those of a third party, you can object to this processing, and we will cease processing your personal data, unless the processing is based on compelling legitimate grounds or is needed for legal reasons.

Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case your personal data will no longer be processed for such purposes by us.

  1. Right to restriction of processing: In limited circumstances, you have the right to request restriction of processing of your personal data, in which case, it would be marked and processed by us only for certain purposes. 
  2. Right to data portability: You have the right to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit the personal data to another entity without hindrance from us. 
  3. You also have the right to lodge a complaint with a supervisory authority (only for EEA and UK).
  4. In some jurisdictions such as France, if applicable pursuant to local law, you also have the right to provide us with guidelines as to the processing of your personal data after your death. 

You can exercise your rights by contacting us at privacy@workbravely.com.

You may view a list of supervisory authorities in the EEA, UK and Switzerland and their respective contact information here (however, you have the right to lodge a complaint in the Member State of your habitual residence, place of work or an alleged infringement of the GDPR): 

Jurisdiction Data protection authority’s website
EEA https://edpb.europa.eu/about-edpb/board/members_en
United Kingdom https://ico.org.uk/global/contact-us/
Switzerland https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html 

Additional Information For California Consumers

Under the California Consumer Privacy Act (“CCPA”), as amended by the Consumer Privacy Rights Act (“CPRA”), we are required to provide specific disclosures about how we use and disclose personal information (“California Personal Information”) about you (“consumers” in this section).  

California Personal Information  

Depending on your online and offline interactions with us, we may collect and process the following categories of California Personal Information:

  • Identifiers: including contact details such as real name, postal address, email address, account name, or other similar identifiers;
  • Customer Records: paper and electronic customer records containing Personal Information, such as name, address, telephone number;
  • Internet or Other Electronic Network Activity Information: including your interactions with our Site; 
  • Audio, Electronic, Visual, or Similar Information: audio, electronic, visual, or similar information (but note that we do not sell this information). 
  • Inferences: drawn from the information collected. 

Certain California Personal Information that we collect about you may be considered “Sensitive Personal Information” within the meaning of California Privacy Law. We only use and disclose Sensitive Personal Information as necessary in connection with the performance of services and the provision of goods, compliance with federal, state, or local laws, and as otherwise permitted by California Privacy Law.

Sources

We may collect the categories of California Personal Information identified in the sub-section above directly from you, automatically as you use our Sites and Services, and from third parties such as data analytics providers, social media networks, and distributors and intermediaries. 

Purposes of Use 

We use California Personal Information for the following business and commercial purposes:

Business Purposes Commercial Purposes
Negotiate, conclude, and perform contracts with vendors;

Manage our accounts and records;

Operate our Sites, including through the use of analytics software;

Communicate with individuals that are, or who represent, customers, vendors, or web users related to transactions;

Protect our rights and interests;

Ensure the security of our Sites and other assets;

Legal and regulatory compliance and internal control evaluations and audits (including where conducted by our internal and external audit service providers);

Obtain legal advice, including for legal proceedings and litigation and also in connection with the sale, purchase or merger of a business;

To provide the products, information and services you request;

For security, credit or fraud prevention purposes; 

To provide you with effective customer service; 

To provide you with a personalized experience when you use our Sites;

To contact you with information and notices related to your use of our Sites; 

To improve the content, functionality and usability of our Sites; 

To improve our products and services; and

For any other purpose identified in an applicable Privacy Notice or other agreement between us and you.

 Advertising, marketing, and public relations (including direct marketing);

Market research and competitor analysis;

To display personalized advertising when you visit our Site or a third party website; 

To contact you with special offers, such as financial incentives (where based on consent), new products, contest and sweepstakes, and other information we believe will be of interest to you;

To invite you to participate in surveys and provide feedback to us; 

To better understand your needs and interests; and

To improve our marketing and promotional efforts.

 

Disclosure of California Personal Information

We may disclose the categories of California Personal Information described above, for the business purposes described above, to:

  • Third-party service providers and contractors that perform data processing activities on our behalf, subject to appropriate privacy and security obligations;
  • Customers, distributors, and intermediaries in connection with the performance of transactions;
  • Government and other authorities as required by law; 
  • Potential purchasers and other parties in connection with the sale, purchase, or merger of a business; and
  • Others to the extent necessary to comply with applicable law and as otherwise permitted under California Privacy Law.

We may disclose Identifiers and Internet or Other Electronic Network Activity Information for the commercial purposes described above to: 

  • Third-party service providers; and
  • Social media and advertising networks. 

Your California Privacy Rights

Subject to certain exceptions detailed in California Privacy Law, as a California resident, you have the right to request: (i) deletion of your California Personal Information; (ii) correction of inaccurate California Personal Information; (iii) the right to know/ access the categories of California Personal Information that we collect about you, including the specific pieces of California Personal Information; (iv) the categories of California Personal Information disclosed for a business purpose; and (v) information about the categories of California Personal Information about you that we have shared (as such term is defined under California Privacy Law) and the categories of third parties to whom the California Personal Information was shared. 

In addition, California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.

Do-Not-Sell or Share My Personal Information

In addition to the above-stated rights, California residents have the right to opt-out of the selling or sharing of their California Personal Information, as such terms are defined under California Privacy Law.  To exercise this right, please contact us at privacy@workbravely.com 

We will not discriminate against you by offering you different pricing or products, or by providing you with a different level or quality of products, based solely upon your exercising your rights under applicable law.  

Finally, we do not “sell” or “share” California Personal Information about consumers that we know are younger than 16 years old without opt-in consent.

Exercising Your Rights   

If you are a California resident and wish to request the exercise of these rights as detailed above or have questions regarding the California Personal Information collected or shared with third parties, please contact us at privacy@workbravely.com.   When submitting your request, please include the specific nature of your request, referencing “Your California Privacy Rights,” as well as your first and last name, email address, and zip code or mailing address.  We may apply any exceptions or other conditions available under law when responding to access, correction, deletion, or other requests. We will generally fulfill requests for access, correction, and deletion within 45 days of receiving a valid verified request. We may extend the respond time by another 45 days by notifying the individual of the time extension. 

Authorized Agents

To the extent that you elect to designate an authorized agent to make a request on your behalf, the authorized agent must provide appropriate documentation including written signed permission from you, proof of your identity, and verification of the agent’s identity; a valid, designated power of attorney as defined under the California Probate Code, and certificate of registration as an agent before the California Secretary of State.  If you are an agent submitting the request on behalf of a California consumer, please contact us at privacy@workbravely.com

Data Retention

We keep your California Personal Information for as long as needed or permitted according to the purpose(s) for which it was obtained. The criteria used to determine our retention periods include (i) for as long as we have an ongoing relationship with you; (ii) for the duration of a contract with you; (iii) as required by a legal obligation to which we are subject to; or (iv) as advisable considering our legal position (such as in regard of applicable statutes of limitations, litigation, or regulatory investigations).   We may remove California Personal Information for inactive accounts from our database, subject to any applicable legal or regulatory obligations. Furthermore, we may delete California Personal Information from our database at any time and without providing any reason.

Shine The Light 

Separately, under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us their Personal Information are entitled to request and obtain from us, free of charge, information about the Personal Information (if any) we have shared with third parties for their own direct marketing use; such requests may be made once per calendar year for information about any relevant sharing in the prior calendar year (so, requests submitted in 2023 would be applicable to relevant disclosures (if any) in 2022). If you are a California resident and would like to make such a request, please contact us at privacy@workbravely.com, using the subject line “Request for California Privacy Information.” In your request, please attest to the fact that you are a California resident and provide a current California address. We will reply to valid requests by sending a response to the email address from which you submitted your request. Please note that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing and the relevant details required by the Shine the Light law will be included in our response.

Additional Information For Virginia Consumers

Under the Virginia Consumer Data Protection Act (“CDPA”), we are required to provide specific disclosures about how we use and disclose personal information (“Virginia Personal Information”) about you (“consumers” in this section).  

Virginia Personal Information  

Depending on your online and offline interactions with us, we may collect and process the following categories of Virginia Personal Information:

  • Identifiers: including contact details such as real name, postal address, email address, account name, or other similar identifiers;
  • Customer Records: paper and electronic customer records containing Personal Information, such as name, address, telephone number;
  • Internet or Other Electronic Network Activity Information: including your interactions with our Site; 
  • Audio, Electronic, Visual, or Similar Information: audio, electronic, visual, or similar information (but note that we do not sell this information). 
  • Inferences: drawn from the information collected. 

Purposes of Use 

We use Virginia Personal Information for the following business and commercial purposes:

Business Purposes Commercial Purposes
Negotiate, conclude, and perform contracts with vendors;

Manage our accounts and records;

Operate our Site, including through the use of analytics software;

Communicate with individuals that are, or who represent, customers, vendors, or web users related to transactions;

Protect our rights and interests;

Ensure the security of our Sites and other assets;

Legal and regulatory compliance and internal control evaluations and audits (including where conducted by our internal and external audit service providers);

Obtain legal advice, including for legal proceedings and litigation and also in connection with the sale, purchase or merger of a business;

To provide the products, information and services you request; 

For security, credit or fraud prevention purposes; 

To provide you with effective customer service; 

To provide you with a personalized experience when you use our Sites;  

To contact you with information and notices related to your use of our Sites; 

To improve the content, functionality and usability of our Sites; 

To improve our products and services; and

For any other purpose identified in an applicable Privacy Notice or other agreement between us and you.

 Advertising, marketing, and public relations (including direct marketing);

Market research and competitor analysis;

To display personalized advertising when you visit our Sites or a third party website; 

To contact you with special offers, such as financial incentives (where based on consent), new products, contest and sweepstakes, and other information we believe will be of interest to you;

To invite you to participate in surveys and provide feedback to us; 

To better understand your needs and interests; and

To improve our marketing and promotional efforts.

Your Virginia Privacy Rights

As a Virginia resident, you have the right to request: (i) deletion of your Virginia Personal Information; (ii) correction of inaccurate Virginia Personal Information; and (iii) that we confirm whether we have Virginia Personal Information and, if we do, provide access to that Virginia Personal Information that we collect about you (unless an exception applies).  

Exercising Your Rights   

If you are a Virginia resident and wish to request the exercise of these rights as detailed above or have questions regarding the Virginia Personal Information collected or shared with third parties, please contact us at privacy@workbravely.com.   When submitting your request, please include the specific nature of your request, referencing “Your Virginia Privacy Rights,” as well as your first and last name, email address, and zip code or mailing address.  We may apply any exceptions or other conditions available under law when responding to access, correction, deletion, or other requests. We will generally fulfill requests for access, correction, and deletion within 45 days of receiving a valid verified request. We may extend the respond time by another 45 days by notifying the individual of the time extension. 

Authorized Agents

To the extent that you elect to designate an authorized agent to make a request on your behalf, the authorized agent must provide appropriate documentation to verify the agent’s identity. We cannot respond to your request or provide you with personal information if we cannot both verify your identity or authority to make the request and confirm that personal information we have relates to you. If you are an agent submitting the request on behalf of a Virginia consumer, please contact us at privacy@workbravely.com.

Contact information

If you have any questions about this Privacy Policy, please contact us at privacy@workbravely.com.