Effective starting October 1st, 2018 (view archived versions)
We believe your data is your property and should be under your full control. In order to help you with it and in accordance with global data management regulations (i.e. GDPR, COPPA, Privacy shield notice, etc…), we have provided you with full transparency on what data we may collect from you on this website, how we use it and how you can access and control it. Here are the elements we have updated so you understand:
- What data we collect
- When we collect it
- How we use the collected information
- How we protect your data
- How we share this data
- How to access and control your personal data
- How we transfer information we collect internationally
Here are the elements that remain the same:
- Use of ‘cookies’
- California Online Privacy Protection Act
- Track signals
- Behavioral tracking
- Children Online Privacy Protection Act COPPA
- Fair Information Practices
- CAN SPAM Act
Personal Data, as described in The General Data Protection Regulation (GDPR) (EU) 2016/679 is any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person.
PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, Monthly or Annual Customer Contact Volume, reason of your contact inquiry or other details to help you with your experience or better tailor our commercial offering to your organization’s needs.
When do we collect information?
We collect information from you when you subscribe to a newsletter, fill out a form, Use Live Chat, enter information on our site or provide us with feedback on our products or services.
How do we use your information?
We may use the information we collect from you when you register, request a demo, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to better service you in responding to your customer service requests.
- To send periodic emails regarding your order or other products and services announcements.
- To follow up with them after correspondence (live chat, email or phone inquiries)
How do we protect your data?
We use regular Malware Scanning. We do not use vulnerability scanning and/or scanning to PCI standards.
We only provide articles and information. We never ask for credit card numbers and do not process any transactions through our website, blog or apps.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
How do we share your data?
Third-party disclosure: We do not sell, trade, or otherwise transfer to outside parties your Personal Data or Personally Identifiable Information.
Third-party links: We do not include or offer third-party products or services on our website.
Google: Google’s advertising requirements can be summed up by Google’s Advertising Policies at:
We have not enabled Google AdSense on our site but we may do so in the future.
Use of ‘cookies’
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, some of the features that make your site experience more efficient may not function properly, that make your site experience more efficient and may not function properly.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
You can change your personal information:
- By emailing us at the Contact us information provided at the end of this document.
How does our site handle Do Not Track signals?
We honor most of the Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. However, because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to all browser DNT signals. You can opt out of receiving marketing communication from us by unsubscribing from each emails you receive from us or emailing us at the Contact us information provided at the end of this document.
Does our site allow third-party behavioral tracking?
We do not allow third-party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur. We will notify you via email:
- Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
To be in accordance with CAN SPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly by using the link at the bottom of each email or email us at the Contact information provided at the end of this document.
How to access and control your personal data
You have the right to request a copy of your information in a structured, electronic format, to object to our use of your information (including for marketing purposes), or to request any of the following items:
- Access and update your information by contacting us at the emailing us at the Contact us information provided at the end of this document.
- Delete your information by emailing us at the Contact us information provided at the end of this document.
- Request that we stop using your information by emailing us at the Contact us information provided at the end of this document (i.e.: accessing, storing, using and otherwise processing your information where you believe we don’t have the appropriate rights to do so.)
- Opt out of communications: by clicking on the unsubscribe link within each email or by emailing us at the Contact us information provided at the end of this document. Furthermore, you may be able to opt out of receiving personalized advertisements from other companies who are members of the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising. For more information about this practice and to understand your options, please visit: http://www.aboutads.info, http://optout.networkadvertising.org/ and http://www.youronlinechoices.eu/
- Turn off Cookie Controls: You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
- Send “Do Not Track” Signals: some browsers and devices have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. You can instruct your browsers and devices, by turning this feature on in their respective settings.
- Data portability: Data portability means the ability to obtain some of your information in a format you can move from one service provider to another (for instance, when you transfer your mobile phone number to another carrier). Depending on the context, this applies to some of your information, but not to all of your information. You can process your request by emailing us at the Contact us information provided at the end of this document.
How we transfer information we collect internationally
International transfers of information we collect: We collect information globally and primarily store that information in the United States, Canada and France. We transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you the Services. Whenever we transfer your information, we take steps to protect it.
International transfers within the xBrain Companies: To facilitate our global operations, we transfer information to either France, Canada or the United States and allow access to that information from countries in which xBrainsoft and xBrain Inc. have operations for the purposes described in this policy. These countries may not have equivalent privacy and data protection laws to the laws of many of the countries where our customers and users are based. When we share information about you within and among xBrain corporate affiliates, we make use of standard contractual data protection clauses, which have been approved by the European Commission, and we rely on the EU-U.S. Privacy Shield Framework to safeguard the transfer of information we collect from the European Economic Area. Please see our Privacy Shield notice below for more information or contact us as provided below.
Privacy Shield Notice
Under the EU-U.S. Privacy Shield Frameworks, we are responsible for the processing of information about you we receive from the EU and onward transfers to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for such onward transfers and remain liable in accordance with the Privacy Shield Principles if third-party agents that we engage to process such information about you on our behalf do so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, xBrain is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, xBrain may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
To learn more about the Privacy Shield Program, please see here www.privacyshield.gov.
We encourage you to contact us should you have a Privacy Shield-related (or general privacy-related) complaint. We commit to cooperate with the EU Data Protection Authorities and comply with advice given by them with regard to personal data transferred from EU as applicable.
Under certain conditions, more fully described on the Privacy Shield website, including when other dispute resolution procedures have been exhausted, you may invoke binding arbitration.
We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
If you are a EU resident contact our EEA Representative:
6 Boulevard Haussmann
For all other clients please contact our US Representative
925 Siskiyou drive
Menlo Park, CA 94025
Last Edited on 10/01/2018