Last Modified: 10/11/2020
We do not collect any personally identifiable information about individuals with two exceptions:
When such information is voluntarily submitted by the visitor through forms, and some incidental statistics of site usage which are collected automatically.
Personal Information You Choose to Provide
In order to enable visitors of our website to see certain pages, when specifically requested by them, we require some contact information, (such as name, and e-mail address). The information collected shall be used for the purposes specified when it was collected, to respond to visitor’s inquiries, and fulfil e-mail messaging programmes to notify visitors about new content or services on our website.
If you decide you no longer wish to receive postal mailings and/or e-mails from us, please let us know by sending an e-mail or writing to us and telling us you no longer wish to receive postal mail and/or e-mail. Please provide us with your exact name, postal address, and/or e-mail address. We will make sure your name is removed from our mailing list.
Information Automatically Collected and Stored
In common with many websites, we also measure the performance of our website in order to improve and customise it in favour of our visitors. During your visit, we may automatically collect and temporarily store certain usage information about visits to our websites. This information may include information such as your web request, Internet Protocol (“IP”) address, browser type, referring/ existing pages and URLs, domain names, pages viewed and the date and time of your request and other such information that uniquely identify your browser. Such information is used for system administration and for producing usage statistics. We may entrust third parties with the described performance measurement. Such third parties will be required to use appropriate confidentiality and security measures.
Our website may deposit certain bits of information called “cookies” in a visitor’s computer. Generally, a cookie assigns a unique number to the visitor that has no meaning outside the assigning site. Cookies can tell us how and when pages in a website are visited and by how many people. This technology does not collect an individual visitor’s identifying information; rather, this information is also in an aggregate form. The purpose of this technology and the information it provides is again to help us improve our website. Most web browsers allow the user to deny or accept the cookie feature. However, please note that cookies may be necessary to provide you with certain features (e.g. customized delivery of information) available on our website. Further information about cookies can be found at http://www.microsoft.com/info/cookies.mspx
OUR COMMITMENT TO PRIVACY OF YOUR DATA
- To keep your data safe and private.
- Not to disclose your data to our partners and affiliates without relevant non-disclosure agreements.
The purposes for which personal data may be used by us:
We will use the personal data we collect and process only to perform our business functions. This includes dealing with personnel, administrative, financial, regulatory and business development purposes. We may use personal information for operational reasons, such as recording transactions, training and quality control, ensuring the confidentiality of any sensitive information.
There are instances where we would have to comply with the law and deal with your personal data for regulatory, legal and compliance purposes. These may include:
- Compliance with the legal and regulatory requirements;
- Gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests;
- When we are investigating complaints; and
- When we perform functions that are part of our business requirements to deliver best-in-class service to you, e.g. when we are checking references, monitoring and managing staff access to systems and facilities, staff conduct, disciplinary matters etc
What are some examples of global privacy laws?
In the European Union
The European Union’s data privacy law is called the General Data Protection Regulation, more commonly known by its acronym GDPR. GDPR is designed to harmonize data privacy laws across the EU, to protect and empower all EU citizens’ data privacy and to reshape the way organizations across the region approach data privacy.
Brazil’s privacy law is called the General Data Protection Law, but it is more commonly known by its Portuguese acronym LGPD. The LGPD is similar to GDPR and provides for a strong privacy base in Brazil.
In the United States
Privacy regulations in the United States are mostly segmented along industries, with various federal, state, and local privacy-focused laws that vary in their requirements and scope. However, recent legislative action has resulted in new state-level privacy laws with national and international import. Of particular note to brodmin.com users are the California Consumer Privacy Act, more commonly known by its acronym CCPA. Because of California’s importance to the U.S. and international economy, the CCPA is considered by some as a new national standard until a broad federal privacy law is enacted. The CCPA provides some privacy rights similar to GDPR while expanding certain key definitions and providing user’s the right to opt-out of the sale of their personal data. Additional state privacy laws such as those of Nevada and Maine may also be applicable.
In Other Jurisdictions
While we have chosen to specifically identify and discuss GDPR, LGPD, and CCPA above, this does not change our stance toward other privacy laws in effect in the jurisdictions in which brodmin.com operates.
What is personal data?
The terms personal data, personal information (PI), and personally identifiable information (PII) are all terms used by various worldwide privacy laws to refer to information or data that can (or may reasonably be) linked directly or indirectly to a specific individual. It can include data such as a name, a photo, an email address, or bank details.
brodmin shall comply with the principles of data protection (the Principles) enumerated in the EU General Data Protection Regulation. We will make every effort possible in everything we do to comply with these principles.
The EU GDPR provides the following rights for individuals:
- The right to be informed;
- The right of access;
- The right to rectification;
- The right to erasure;
- The right to restrict processing;
- The right to data portability;
- The right to object; and
- Rights in relation to automated decision making and profiling
brodmin data processing is in line with the key principles stated by the EU GDPR.
We ensure that your data is:
- Processed lawfully, fairly and in a transparent manner in relation to individuals;
- Collected for specified, explicit and legitimate purposes only;
- Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- Accurate and, where necessary, kept up to date;
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed;
- Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
In line with EU GDPR you may file a subject access request to find out what information exactly brodmin holds on you in our files.
brodmin will not transfer your data outside the EU, unless the level of protection of your data will be maintained at least to the same level as if it remained in the EU. We will ask your explicit consent if you’re dealing with us would require such a transfer (unless stipulated by regulatory authorities).
Third parties may use tracking technologies to collect information about our users. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement, you should contact the responsible advertiser directly.
Links on this Site to websites are provided as a convenience to you. Such linked sites are outside our control and responsibility and are not covered by this policy. If you use any such linked sites, you should consult the privacy policies posted on those websites.
Upon a user’s request, we shall remove all the user’s data from the website. All removed user’s data shall be kept for three additional months (offline) before deletion.
How We Use Your Information.
We use information that we collect about you or that you provide to us, including any personal information:
- to present our Website, its Services, and its contents to you;
- to provide you with information regarding the Services or products that you request from us;
- to fulfil any other purpose for which you provide it;
- to provide you with notices about your account/subscription to the Services, including expiration and renewal notices;
- to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
- to notify you about changes to our Website, Services or any products we offer or provide though it;
- to allow you to participate in interactive features on our Website, including the Services;
- in any other way we may describe when you provide the information; and
- for any other purpose with your consent.
We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you. If you do not want us to use your information in this way, please check the relevant box located on the form on which we collect your data (the “registration form”) or adjust your user preferences in your account profile.
Although we take necessary measures in order to provide a secure website we cannot fully control and therefore cannot be liable for all interruptions, intrusions, errors, loss of data or any other interferences with the use of this website caused by a breach of security.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorised access, use, alteration and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted using SSL technology.
The safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website, including but not limited to its Services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website or its Services.
SECURITY CONTROLS OF DATA PROCESSING ACTIVITIES AT brodmin
brodmin are employing high standards for data security, which include, to the minimum:
- Adhering to information security assets and data security policies and procedures brodmin has adopted;
- Maintaining privacy of your data by design;
- Maintaining segregation of access rights for different individuals who are part of brodmin
- Encrypting equipment, wireless networks, data at rest and individual files;
- Maintaining strict mobile device policies; and
- Strong physical and other controls.
brodmin together with its IT services provider, has established and maintains incident response and business continuity procedures. This will allow us to respond to a data incident promptly and inform the ICO, if required, within the 72 hours specified by the EU GDPR documentation.
DATA ACCESS REQUEST PROCEDURE
All data-related requests of data subjects (including data access, data rectification, data erasure, etc.) must be made in writing by email to [email protected]
If we receive a data-related request from you in any other way, we will forward it to the above mentioned electronic address, however, it may take us longer to process your request, but we will never exceed the 40 days stipulated by the EU GDPR documentation.
Limitation of Liability
Under no circumstances, including but not limited to negligence, shall we be liable for any special or consequential damages that results from the use of, or the inability to use, the website and the materials in it.
Without derogating the aforementioned, in no event shall our total liability exceed the amount paid by you, if any, for accessing the site.
For any question or to request modification or deletion of your personal information, please e-mail [email protected]
Changes and Updates to this Policy