In providing our services, we typically do not directly interact with the owners of personal information (data subject). Rather we process information (including in some cases personal information), provided to us by third parties. Therefore, we obligate such third parties to comply with all applicable laws in all applicable jurisdictions, with respect to the collection, use and sharing of personal information.
Information We Collect, Process, or Store
In the course of providing services to Vendors, we do not intentionally collect personally identifiable information, such as names, addresses, phone numbers, etc. However, the Vendors we provide service to may use our services to collect, process and store such information, which may be processed through our platforms/technology. BRAVE may work with third party data platforms that integrate into our platforms and help us to deliver targeted advertisements using our advertising technology more efficiently. Finally, Vendors may use third-party data in combination with data subjects’ user information to deliver targeted advertisement materials and/or inventory across multiple devices that may ultimately be processed by our platforms.
In addition, BRAVE may process information about data subjects’ behavior, including information about domains, referring websites, date and time of visits, page view data, search keywords, visitor activities and actions on publisher’s sites, referring and exit pages, platform type, date/time stamp, and geolocation data (including city, country, zip code, and potentially geographic coordinates if data subjects have enabled location services on their device).
Other information which we may collect includes among others, browser information (e.g. URL, browser type, ‘click through’ data, device type), ad reporting or delivery data (e.g. size/type of ad, ad impressions, data about interactions with the ad such click etc.), device-type information (e.g. mobile/desktop/tablet) and Unique identification numbers (e.g. IP address).
With respect to data collected via our platform on behalf of our Vendors, we may combine information that does not directly identify an individual with data collected from other sources and disclose the combined information to participating Vendors so that they can determine whether to bid on ad inventory and in order to improve the relevance of the advertising presented to users. We also use the information we collect to host, operate, maintain, secure, and further develop and improve our services, such as to keep track of advertising delivery and to measure the effectiveness of advertising delivered through our Services, and investigate compliance with our policies and guidelines.
How BRAVE Collect Information
We may use the following categories of cookies for our Website and services:
Strictly Necessary Cookies – in order to enable you to navigate our Website and use its features (if you disable these cookies certain services cannot be provided).
Performance Cookies – in order to collect anonymous information on Website usage. The data collected by these cookies never include personally identifiable information.
Functionality Cookies –used to provide you with an experience more appropriate to your preferences, geolocation, etc. The information collected by these cookies is anonymized.
Targeting Cookies or Advertising Cookies – in order to collect information about your browsing habits in order to make advertising more relevant to you and your interests.
Our Vendors may also utilize cookies or similar technologies to deliver ads and monitor the performance of such ads. The collection of information through cookies or similar technologies by such third parties will be governed by their own privacy policies and principles.
How We Use User Information
The information that BRAVE collects, both personally identifiable information and non-personally identifiable information, may be used by us, or shared by us with third parties, in any manner and for any purpose permitted by law (including privacy data laws and regulations). If we or our affiliates are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale or company assets, or transition of service to another provider, then any information may be sold or transferred as part of such a transaction as permitted by law and/or relevant agreement.
We primarily use the user information we collect to enable Vendors to find and purchase advertising space. Additionally, BRAVE may use information it collects directly for our purposes: to create sophisticated advertising segments, to run analytics, including forecasting analytics of inventory, and to check (including through third parties) the quality of advertisement or for any other and further research and development purposes acceptable as our legitimate business interests and allowed under applicable laws and regulations.
We also use the information to improve our services and products that we provide to our Vendors, and to develop new products and services, to analyze the market, and generate performance reports. For said purposes, we may share information with our Vendors, partners, and service providers, taken, however, that all of the information sharing is done in aggregate without identifying particular users. Finally, we use the information to protect data subjects, investigate security breaches, and to prevent all illegal activities within our systems.
Rights and Applicability of EU Laws
BRAVE makes no representations regarding the applicability of the laws of in the EU / European Economic Area to us should we inadvertently collect, store, or process information of data subjects located in such territories. However, BRAVE voluntarily implement policies that provide data subjects located in the EU / European Economic Area with a mechanism of additional protection of their rights. Subject to the aforesaid, please be advised that our Data Protection Officer can be reached e-mail: GDPR@thebrave.io.
The new GDPR which entered into force May 25, 2018, applies to the collection, use and disclosure of “personal data”, which includes data that can by itself identify a person (e.g. names, phone numbers, addresses, etc.) as well as information that can only be attributed to a specific person only with the use of additional information (e.g. device-related identifiers like unique IDs and IP addresses, defined as “pseudonymous” data under GDPR). Although BRAVE currently does not collect identifiable personal information, we do collect pseudo-anonymous data. GDPR applies to BRAVE whenever BRAVE processes personal data on behalf of its publishers. As a data processor (and not a data controller), BRAVE is not under obligation to independently secure consent from data subject to collect, use and share information, and relies on its Vendors to obtain such consent in accordance with GDPR requirements. BRAVE complies with all other obligations under GDPR which apply to data processors.
AS A VENDOR OF BRAVE, YOU HEREBY AGREE THAT YOU HAVE PROVIDED NOTICE TO, AND OBTAIN CONSENT FROM, ANY THIRD PARTY INDIVIDUAL WHOSE INFORMATION YOU SUPPLY TO BRAVE WITH RESPECT TO: (A) THE PURPOSES FOR WHICH SUCH INFORMATION HAS BEEN COLLECTED; (B) THE INTENDED RECIPIENT OR CATEGORIES OF RECIPIENTS OF SUCH INFORMATION; (C) HOW THE THIRD PARTY CAN ACCESS, RECTIFY OR ASK TO DELETE OR TO RECEIVE SUCH INFORMATION; (D) WHETHER THE DATA COLLECTED IS MANDATORY OR VOLUNTARY. YOU FURTHER WARRANTS AND UNDERTAKES THAT YOU HAVE COMPLIED WITH EVERY ASPECT OF THE GDPR AND ANY OTHER APPLICABLE LAWS AND REGULATIONS WITH RESPECT TO THE PROVISION OF ANY INFORMATION TO US AND THE USE AND STORAGE OF SUCH INFORMATION.
For data subjects located in the European Economic Area, as defined in the GDPR, our legal basis for collecting and using user information shall be a subject to particular circumstances of collection and/or processing of such information. We believe that the basis for collection, storage, or processing of such information is the data subject’s informed consent, with the exception of cases in which BRAVE has a legitimate interest in processing such user information (e.g., to prevent fraudulent activity).
Withdrawal of Consent
Data subjects may withdraw their consent any time in accordance with applicable laws and regulation. However, since as set forth above, consents are not being collected directly by BRAVE, please note that if you gave your informed consent to any of our Vendors you should contact such Vendor with your request to withdraw your consent and/or with respect to any other inquiry as to your information.
If you withdraw your consent in the appropriate manner through the applicable Vendor, BRAVE will no longer collect, use, share, or otherwise process personal data from you (unless we have a right and/or obligation to store your personal data under applicable law or regulation). We will also delete or de-identify the personal data we have stored about you within the period provided by GDPR, if the technology allows us to do so and subject to cooperation from the applicable Vendor who among others is required to send us your withdrawal request or request the withdrawal in your name.
Storage of Information
BRAVE only stores information in case of necessity. Typically, we delete all the information at least quarterly based on the analysis of the traffic and inventory quality control. Some information such as cookies may expire in accordance with the data subjects’ device settings. We do not need such information and we usually delete it unless it is necessary for performing our services. Certain laws and regulations may subject us to store user information for a particular period of time, including without limitations, money laundering laws, financial reporting regulations, tax laws etc. Furthermore, we may have to comply with the decision of the court of appropriate jurisdiction and maintain information for longer periods.
We share information with our Vendors as well as with our service providers, suppliers, etc., in order to be able to provide our services, to improve them or to develop new products and services. It is done to help them identify, buy advertising, and efficiently target other Vendors. Vendors may use this information in conjunction with other information they have independently collected to provide data subjects with targeted advertising materials. They also evaluate and analyze particular advertisement campaigns, inventory, etc.
We may also share user information in connection with mergers, consolidations or other events of change of control such as a sale of assets or shares. In this case, your informed consent, if applicable, will be granted to a new entity in accordance with the event of a change of control, all in accordance with and subject to applicable law.
In addition, BRAVE may share user information with law enforcement, regulatory authorities, courts with competent jurisdictions, emergency services or other necessary third parties for legal, protection, security, and safety purposes, including but not limited to the purpose of compliance with laws or regulatory requirements and to responses to lawful requests including requests of governmental entities, enforcement of policies and agreements, protection of our Vendors, our employees, directors, officers, shareholders, etc
BRAVE utilizes industry standard physical, technical, and administrative procedures to safeguard any personal information we collect. Please note that although no transmission or storage of information can ever be guaranteed to be completely secure, BRAVE takes all reasonable precautions to protect against security incidents. Unauthorized entry or use, hardware or software failure, and other factors may compromise data security. You acknowledge and agree to assume this risk when communicating with us.