Our Privacy Policy

Effective starting October 1st, 2018 (view archived versions)

We believe your data is your property and should be under your full control. In order to help you with it and in accordance with global data management regulations (i.e. GDPR, COPPA, Privacy shield notice, etc…), we have provided you with full transparency on what data we may collect from you on this website, how we use it and how you can access and control it. Here are the elements we have updated so you understand:

Here are the elements that remain the same:

In addition to this Privacy policy changes xBrain is committed to answer all requests and questions about your specific personal data at any time upon request at the Contact us information provided at the end of this document.

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personal Data’ or ‘Personally Identifiable Information’ (PII) is being used online.  

Personal Data, as described in The General Data Protection Regulation (GDPR) (EU) 2016/679 is any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person.  

PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.  

This Privacy Policy covers the information we collect about you when you use our website satisfaction.AI, or otherwise interact with us (for example, by attending our events), unless a different policy is displayed.  We and us refers to xBrainsoft, French entity, xBrain, Inc. US entity and any of their products and corporate affiliates.  

Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personal Data or Personally Identifiable Information in accordance with our website. 

What personal information do we collect from the people that visit our blog, website or app?

When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, Monthly or Annual Customer Contact Volume, reason of your contact inquiry or other details to help you with your experience or better tailor our commercial offering to your organization’s needs.

When do we collect information?

We collect information from you when you subscribe to a newsletter, fill out a form, Use Live Chatenter information on our site or provide us with feedback on our products or services.

How do we use your information?

We may use the information we collect from you when you register, request a demo, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

  • To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested. 
  • To improve our website in order to better serve you. 
  • To allow us to better service you in responding to your customer service requests. 
  • To send periodic emails regarding your order or other products and services announcements. 
  • To follow up with them after correspondence (live chat, email or phone inquiries)

How do we protect your data?

We use regular Malware Scanning. We do not use vulnerability scanning and/or scanning to PCI standards. 

We only provide articles and information. We never ask for credit card numbers and do not process any transactions through our website, blog or apps. 

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. 

We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.

How do we share your data?

Third-party disclosure: We do not sell, trade, or otherwise transfer to outside parties your Personal Data or Personally Identifiable Information. 

Third-party links: We do not include or offer third-party products or services on our website. 

Google: Google’s advertising requirements can be summed up by Google’s Advertising Policies at:

https://support.google.com/adwordspolicy/answer/1316548?hl=en

We have not enabled Google AdSense on our site but we may do so in the future.

Use of ‘cookies’

satisfaction.AI and our third-party partners, such as our advertising and analytics partners, may use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices.  

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies. 

If you turn cookies off, some of the features that make your site experience more efficient may not function properly, that make your site experience more efficient and may not function properly.

 

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following: 

Users can visit our site anonymously. 

Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website. 

Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above. 

You will be notified of any Privacy Policy changes:

  • On our Privacy Policy Page

You can change your personal information:

  • By emailing us at the Contact us information provided at the end of this document.

How does our site handle Do Not Track signals?

We honor most of the Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. However, because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to all browser DNT signals. You can opt out of receiving marketing communication from us by unsubscribing from each emails you receive from us or emailing us at the Contact us information provided at the end of this document.

Does our site allow third-party behavioral tracking?

We do not allow third-party behavioral tracking

 

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. 

We do not specifically market to children under the age of 13 years old.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information. 

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur. We will notify you via email:

  • Within 7 business days

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

 

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. 

We collect your email address in order to:

  •  Send information, respond to inquiries, and/or other requests or questions 

 To be in accordance with CAN SPAM, we agree to the following: 

  • Not use false or misleading subjects or email addresses. 
  • Identify the message as an advertisement in some reasonable way. 
  • Monitor third-party email marketing services for compliance, if one is used. 
  • Honor opt-out/unsubscribe requests quickly by using the link at the bottom of each email or email us at the Contact information  provided at the end of this document.

How to access and control your personal data

You have the right to request a copy of your information in a structured, electronic format, to object to our use of your information (including for marketing purposes), or to request any of the following items:

  • Access and update your information by contacting us at the emailing us at the Contact us  information provided at the end of this document.
  • Delete your information by emailing us at the Contact us information provided at the end of this document.
  • Request that we stop using your information by emailing us at the Contact us information provided at the end of this document (i.e.: accessing, storing, using and otherwise processing your information where you believe we don’t have the appropriate rights to do so.)
  • Opt out of communications: by clicking on the unsubscribe link within each email or by emailing us at the Contact us information provided at the end of this documentFurthermore, you may be able to opt out of receiving personalized advertisements from other companies who are members of the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising. For more information about this practice and to understand your options, please visit: http://www.aboutads.info, http://optout.networkadvertising.org/ and http://www.youronlinechoices.eu/
  • Turn off Cookie Controls: You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
  • Send “Do Not Track” Signals: some browsers and devices have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. You can instruct your browsers and devices, by turning this feature on in their respective settings.
  • Data portability: Data portability means the ability to obtain some of your information in a format you can move from one service provider to another (for instance, when you transfer your mobile phone number to another carrier).  Depending on the context, this applies to some of your information, but not to all of your information. You can process your request by emailing us at the Contact us information provided at the end of this document 

How we transfer information we collect internationally

International transfers of information we collect: We collect information globally and primarily store that information in the United States, Canada and France. We transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you the Services.  Whenever we transfer your information, we take steps to protect it.

International transfers within the xBrain Companies: To facilitate our global operations, we transfer information to either France, Canada or the United States and allow access to that information from countries in which xBrainsoft and xBrain Inc. have operations for the purposes described in this policy. These countries may not have equivalent privacy and data protection laws to the laws of many of the countries where our customers and users are based. When we share information about you within and among xBrain corporate affiliates, we make use of standard contractual data protection clauses, which have been approved by the European Commission, and we rely on the EU-U.S. Privacy Shield Framework to safeguard the transfer of information we collect from the European Economic Area. Please see our Privacy Shield notice below for more information or contact us as provided below.

International transfers to third parties: Some of the third parties described in this privacy policy, which provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws to the country in which you reside. When we share information of customers in the European Economic Area, we make use of the EU-U.S. Privacy Shield Frameworks, European Commission-approved standard contractual data protection clauses, binding corporate rules for transfers to data processors, or other appropriate legal mechanisms to safeguard the transfer. Please see our Privacy Shield Notice below.

Privacy Shield Notice 

xBrain Inc., our US entity participates in and complies with the EU-U.S. Privacy Shield Frameworks and the Privacy Shield Principles regarding the collection, use, and retention of information about you that is transferred from the European Union (as applicable) to the U.S.  We ensure that the Privacy Shield Principles apply to all information about you that is subject to this privacy policy and is received from the European Union and the European Economic Area.  

Under the EU-U.S. Privacy Shield Frameworks, we are responsible for the processing of information about you we receive from the EU and onward transfers to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for such onward transfers and remain liable in accordance with the Privacy Shield Principles if third-party agents that we engage to process such information about you on our behalf do so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.  

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, xBrain is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, xBrain may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

To learn more about the Privacy Shield Program, please see here www.privacyshield.gov. 

We encourage you to contact us should you have a Privacy Shield-related (or general privacy-related) complaint. We commit to cooperate with the EU Data Protection Authorities and comply with advice given by them with regard to personal data transferred from EU as applicable.  

Under certain conditions, more fully described on the Privacy Shield website, including when other dispute resolution procedures have been exhausted, you may invoke binding arbitration.   

We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC). 

 

Contact Us

For any questions or request regarding this privacy policy or your data do not hesitate to contact us as follows: 

If you are a EU resident contact our EEA Representative: 

xBrainsoft
c/o my.satisfaction.AI
6 Boulevard Haussmann
75009 Paris
E-Mail: privacy-eu@xbrain.ai

For all other clients please contact our US Representative

xBrain Inc.
c/o my.satisfaction.AI.
925 Siskiyou drive
Menlo Park, CA 94025
E-Mail: privacy-us@xbrain.ai

 

Last Edited on 10/01/2018