Privacy Notice

Here at BrainUp Limited and our website https://brain-up.org, we respect your privacy and we are committed to processing personal data of our experts/writers/users/customers in a secure and manner in line with our legal obligations.
This Policy explains how BrainUp Limited will use any personal data that we may collect about you when you use our website https://brain-up.org (hereinafter the “Website”).

1. What data we collect
Our Privacy Policy governs the use and storage of your personal data. You can see our Privacy Policy on the website, which detail our processing.
BrainUp Limited is a Controller of the personal data you (data subject) provide us. We may collect the following types of personal data from you within the following website:

  1. a name and surname, a home address, contact details such as your email address and phone number;
  2. data that identifies you such as your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version;
  3. personal ID card and/or driver license and your birthday details in order to verify your identity;
  4. your diploma or credentials that prove your degree and educational background;
  5. your CV to prove your working experience;
  6. only 4 last digits of your credit/debit card, merchant unique ID or receipt ID or your payment email account to complete payment transactions via our secure payment processors accounts;
  7. data on how you use the website such as your URL clickstreams (the path you take through the website), goods/services viewed, page response times, download errors, how long you stay on webpages, what you do on those pages, how often, and other actions.

2. Why we need it
BrainUp Limited collects your personal data in order:

  • Provide services;
  • Keep the website running;
  • Improve the website;
  • for customer support;
  • for marketing purposes (with your consent)

BrainUp Limited will not sell or provide your data to any third party where you have not provided your consent to do so. All other data is processed in accordance with the General Data Protection Regulation (GDPR) 2018 and other applicable laws.

3. BrainUp Limited collects personal data:
BrainUp Limited collects data when you interact with its website, especially when

  • you browse any page of the website;
  • BrainUp Limited calls you;
  • you use the website;
  • you receive emails from BrainUp Limited;
  • you chat with BrainUp Limited for customer support;
  • you connect integrations;
  • you opt-in to marketing emails.

4. What we do with it
Your personal data is processed by BrainUp Limited Your personal data is transferred to Gibraltar. Hosting and storage of your data takes place within the European Economic Area (EEA) but our current organizational and administrative structure requires to transfer some part of your data to non-EEA countries, namely – in Kyiv, Ukraine and this data will be processed by the Company’s Research and Development Department. The employees and contractors of the Company’s Research and Development department are bound by the respective agreements, Company’s internal policies and Information Security Policy. All the activities with personal data outside the EEA are performed at the secured premises. Any such transfer of data will only be in connection with the services thatBrainUp Limited provides will ensure that the data is protected to a level which meets the requirements of EU law.
By providing your data to us you agree to this transfer taking place.
No third party providers have access to your data, unless specifically required by law, there is a legitimate interest, where you have consented with us to do so, or in order to fulfil our services to you.

5. What are your rights?
You have the right to access to any data that we hold relating to you. Requests must be made in writing and proof of identification is required to protect your data and to ensure it is not disclosed to unauthorized parties.
Should you believe that any personal data we hold on you is incorrect or incomplete, you have the ability to request to see this data, rectify it or have it deleted.
In the event that you wish to complain about how we have handled your personal data, please contact in writing to BrainUp Limited We will then look-into your complaint and work with you to resolve the matter.
To look threw the detailed scope of your rights, please, read our Privacy Policy below.

Privacy Policy

 

  1. Purpose and Scope
    BrainUp Limited, hereinafter referred to as the “Company”, strives to comply with applicable laws and regulations related to Personal Data protection in countries where the Company operates. This Policy sets forth the basic principles by which the Company processes your personal data, and indicates the responsibilities while processing personal data. The Company does not knowingly attempt to solicit or receive information from children under 16 years of age. The Company acknowledges and understands that you are aware of and care about your own personal privacy interests, and the Company takes that seriously. This Privacy Policy describes the policies and practices with regard to the collection and use of your personal data, and sets forth your privacy rights. The Company recognizes that data privacy is an ongoing responsibility, and, therefore, the Company will from time to time update this Privacy Policy and its privacy practice as the Company undertakes new personal data practices or adopt new privacy policies.
  2. Company’s website
    The Company controls and manages https://brain-up.org – hereinafter the “Website”) which may collect particular data for its business purposes.
  3. Definitions of legal bases for the processing>
    Consent – your clear agreement to the processing of your personal data for a specific purpose.
    Contract – the reason why the processing is necessary based on a contract you have with the Company, or because the Company has asked you to take specific steps before entering into that contract.
    Legitimate Interests – the reason why the processing your data is necessary which is based on the legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:

    1. gaining insights from your behaviour on the Website;
    2. prevent fraud;
    3. delivering, developing and improving the Website;
    4. enabling the Company to enhance, customise or modify the Website and services;
    5. determining whether marketing campaigns are effective;
    6. enhancing data security.
  4. Consent rule
    If you have given consent to the processing of your data you can freely withdraw such consent at any time by emailing the Company to [email protected].
    If you do withdraw your consent, and if the Company does not have another legal basis for the processing of your data, then the Company will stop the processing of your personal data.
    If the Company has another legal basis for the processing of your data, then the Company may continue to do so subject to your legal interests and rights.
  5. Company’s responsibilities
    If you are a registered user or a visitor to the Website the Company acts as the ‘data controller’ of personal data. This means that the Company determines how and why your data are processed.
  6. Your responsibilities
    Read this Privacy Policy carefully.
    If you provide the Company with personal data about other individuals, the Company will only employ that data for the special reason for which it was provided to the Company. By sending the data, you confirm that you have the right to dispose to process the data on your behalf in accordance with this Privacy Policy.
    Treat your personal data confidential and secure.
  7. Collected data
    The Company collects data when you interact with its Website, especially when:

    1. you browse any page of the Website;
    2. the Company calls you;
    3. you use the Website and receive services;
    4. you receive emails from the Company;
    5. you chat with the Company for customer support;
    6. you connect integrations;
    7. you opt-in to marketing emails.
    8. The Company collects the following categories of data:
      • a name and surname, a home address, contact details such as your email address and phone number;
      • data that identifies you such as your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version;
      • personal ID card and/or driver license and your birthday details in order to verify your identity;
      • your diploma or credentials that prove your degree and educational background;
      • your CV to prove your working experience;
      • only 4 last digits of your credit/debit card, merchant unique ID or receipt ID or your payment email account to complete payment transactions via our secure payment processors accounts;
      • data on how you use the website such as your URL clickstreams (the path you take through the website), goods/services viewed, page response times, download errors, how long you stay on webpages, what you do on those pages, how often, and other actions.

    The recipients of the collected data are the highest management level of the Company, its employees and contractors, and other third party service providers mentioned below.

  8. Purposes and legal basis for the processing
    The Company processes the data for:

    1. 8.1.1 Providing Services:
      • Details: the Company needs to provide services accessible via the Website.
      • Legal basis: Consent; Contract; Legitimate Interests.
    2. 8.1.2 Keeping the Website running:
      • Details: managing your requests, login and authentication, remembering your settings, processing payments, hosting and back-end infrastructure.
      • Legal basis: Contract; legitimate Interests.
    3. 8.1.3 Improving the Website
      • Details: testing features, interacting with feedback platforms and questionnaires, managing landing pages, heat mapping the Website, traffic optimization and data analysis and research, including profiling and the use of machine learning and other techniques over your data and in some cases using third parties to do this.
      • Legal basis: Contract; legitimate Interests.
    4. 8.1.4 Customer support
      • Details: notifying you of any changes to the service, solving issues, any bug fixing.
      • Legal basis: Contract; Legitimate Interests.
    5. 8.1.5 Marketing purposes (with your consent only)
      • Details: sending you emails and messages about new functions, goods and services, and content.
      • Legal basis: Consent.
    6. 8.1.6 Preventing fraud
      • Details: evercookies. Evercookies are a javascript API available that produces extremely persistent cookies in a browser which help us identify that no user creates additional account
      • Legal basis: Legitimate Interests.
  9. Your rights
    You may choose not to provide the Company with personal data. If you choose to do so, you can continue to visit the Website and browse its pages, but the Company will not be able to provide its services and process transactions without personal data.
    You may turn off cookies in your browser via settings. You can block cookies on your browser refusing cookies. You may delete cookies. If you turn off cookies, you can continue to use the Website and browse its pages, but the Website and certain services will not work properly.
    You may ask us to refrain from using your data for marketing. You can opt out from marketing by emailing us at [email protected].
    You can exercise the following rights by sending us an email at [email protected].

    1. 9.1.1 You have the right to access information about you, especially:
      • the categories of data;
      • the purposes of data processing;
      • third parties to whom the data disclosed;
      • how long the data will be retained and the criteria used to determine that period;
      • other rights regarding the use of your data.
    2. 9.1.2 You have the right to make the Company correct any inaccurate personal data about you.
    3. 9.1.3 You can object to the Company using your personal data for profiling you or making automated decisions about you. The Company may use your data to determine whether we should let you know information that might be relevant to you (for example, tailoring emails to you based on your behaviour).
    4. 9.1.4 You have the right to the data portability of your data to another service or Website. The Company will give you a copy of your data in readable format so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you.
    5. 9.1.5 You have the right to be “forgotten”. You may ask erasing any personal data about you, if it is no longer necessary for the Company to store the data for purposes of your use of the Website.In the context of the right to access information, the Company shall provide you with the information within one month of your request unless there is a justified requirement to provide such information faster.
  10. Security
    We have security and organizational measures and procedures to secure the data collected and stored. We have security policies and data processing agreements with all our employees and contractors who are obliged to follow and maintain appropriate technical and organisational measures. We have internal Information Security Policy.
    Connections to the Website are encrypted using 256-bit SSL with integrity assured by the SHA2 ECDSA algorithm.
    We use servers that comply with strict international data security standards, including ISO 27001.
    We use servers that are certified under PCI DSS Level 1, ISO/IEC 27001:2013, SOC 1 type II.
    You acknowledge that no perfect security infrastructure exists, no data transmission is guaranteed to be 100% secure, and there may be some security risks.
    You are responsible for your login information and password. You shall keep them confidential.
    In case if your privacy has been breached, please contact the Company immediately on [email protected].
  11. Location of the processing of personal data
    The personal data collected by the Company is processed at the Company’s offices in Gibraltar. The Company is international and can have foreign branches and departments. The Company’s Research and Development department is based in Kyiv at secure premises. The employees and contractors of the Company’s Research and Development department are bound by the respective agreements, Company’s internal policies and Information Security Policy. Our servers for storing the data are located in Germany.
  12. Retention period
    The Company will delete your personal data from the databases no later than 6 years from the last time you used the Website according to the effective legislation of the Gibraltar
  13. Cookies
    Cookies are pieces of data that a Website transfers to a user’s hard drive for record-keeping purposes.
    The Company uses cookies to provide proper functionality on the Website and aggregate traffic data (e.g., what pages are popular). The Company may use evercookies with reference to Legitimate interest only.
    The Company uses the following types of cookies:

    • Strictly needed cookies. These cookies are necessary for the Website to work correctly. They will allow you to move our Website and use its capabilities. These files do not identify you as a person. If you do not agree to use this type of file this may affect the proper work of the Website or its components.
    • Cookies related to performance, efficiency, and analytics. These files help us understand how you interact with our Website by providing information about the areas visited and the amount of time spent on the Website, as well as showing problems in the operation of the Internet resource, for example, error messages. This will help us to improve the work of the Website.
    • Cookies related to analytics. These files help us to measure the effectiveness of advertising campaigns and optimize the content of Websites for those who are interested in our advertising. This type of cookies shall not be used for Your identification. All information that is collected and analyzed is anonymous.
    • Advertising cookies. These cookies record information about Your online activities, including visits to our Website, as well as information about the links and advertising that you have chosen to view. The Company uses such files to collect data about your activity on the Internet and determine your interests, which allows the Company to provide advertising that suits your interests and on which you have given your consent.

    The Website capture limited data (user-agent, HTTP referrer, last URL requested by the user, client-side and server-side clickstream) about visits to the Website. The Company may use this data to analyze patterns and to perform system maintenance. You have several options how to manage cookies on your device. All browsers allow you to block or delete cookies from your device. You may consult the privacy features in your browser to understand what you should do if you need to manage cookies.

  14. Contact details
    BrainUp Limited
    Phone (toll-free): +443300100119
    Email: [email protected]
    5-9 Main Street, Gibraltar
    Index / PO Box GX11 1AA

Privacy Notice for California Residents

 

1. What information we collect
Through your use of our website, we collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”).
Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; or personal information covered by specific sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

We obtain the categories of personal information from third-party business partners and/or from you (directly or indirectly).

2. Why we need it
We respect this legislation by only processing the necessary personal information for the following business purposes:

  • Performing Services
  • Certain Short-term Uses
  • Debugging / Repair
  • Internal Research for Tech Development; and
  • Quality and Safety Maintenance and Verification
  • Security
  • Auditing Interactions with Consumers

We will not collect additional categories of personal information or use the personal information we collect for materially different, unrelated, or incompatible purposes without providing you notice.

3. When we may disclose personal information
We may disclose your personal information to a third party for a business purpose. We share the minimum necessary personal information with the service providers that provide operational, technical, legal, or other services, and counselors who provide the counselor services. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

4. Your rights
o Right to Request Access to Information
You have the right to request that we notify you of the personal information about you that we have collected and used. Once we receive and confirm your verifiable consumer request, we will disclose it to you.
o Right to Request Deletion of Information
You have the right to request that we delete any of your personal information that we collected about you and retained. Once we receive your request and verify who you are, we will delete (and direct our service providers to delete) your personal information from our records.
We will not discriminate against you for exercising any of your CCPA rights.

5. Exercising Your Rights
To exercise the rights listed above, please submit a request in writing to us via the contact information contained in the Contact Information section. Only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a request related to your personal information. You may also make a request on behalf of your minor child.
You may only make a request for access twice within 12 months. Your request must provide sufficient information that allows us to reasonably verify you are the person about whom we collect personal information or an authorized representative and describe your request with enough detail that will enable us to understand, evaluate, and respond to it appropriately.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a request does not require you to create an account with us. We will only use personal information provided in a request to verify your identity or authority to make the request.
We endeavor to respond to a request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.
For Requests to Access, our response will only cover the 12 months preceding the request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily available and should allow you to transmit the data from one entity to another without hindrance.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

6. Changes to Privacy Notice
We reserve the right to amend this Privacy Notice at our discretion and at any time. When we make changes to this Privacy Notice, we will post the updated Notice on the Websites and update its effective date.
Regardless of changes to our Privacy Policy, we will never use the information you submit under our current privacy notice in a new way without first notifying you and giving you the option to opt-out.
Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.
For more information about our use of your personal information or exercising your rights as outlined above, please contact us at [email protected].
Your personal information must be kept accurate and up-to-date. If any of your personal information we hold changes, please keep us informed as long as we have that information.
Further information about your rights can also be obtained from the authority.
If you have any cause for complaint about our use of your personal information, you have the right to lodge a complaint with the Information Commission Officer (ICO) if you are a resident of the European Union or the EEA.
If you are a resident of Canada, you may contact the Office of the Privacy Commissioner of Canada in case you have any cause for complaint about our use of your personal information.
We would welcome the opportunity to resolve your concerns ourselves, so please contact us first at [email protected].