THIS IS THE PRIVACY POLICY OF BUYER BRAIN.

Buyer Brain, as Controller, complies with EU Data Protection directive.

WHAT IS PERSONAL DATA?

Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

RIGHT OF THE DATA SUBJECTS

Rights which you are entitled to are: Data access rights, Right to restrict processing, Right of Rectification, Right to Erasure (Right to be Forgotten), Right to object to processing, Right to withdraw consent and Data portability rights.

INFORMATION WE COLLECT THROUGH THIS STUDY.

BUYER BRAIN is convinced that a privacy policy is of utmost importance.

Regarding the personal data, as per GDPR, BUYER BRAIN collects only the IP Addresses of the respondents, within its studies.

SCOPE OF THE STUDY

BUYER BRAIN uses and processes data collected only for market research and statistical analysis purposes.

CONFIDENTIALITY

Through this consent, BUYER BRAIN ensures the confidentiality of the respondents answers as well as any information or data provided by the respondent within its studies.

BUYER BRAIN guarantees the strict protection of personal data by protecting their confidentiality (for example, any information about an identified or identifiable person, an identifiable person being a person who can be identified directly or indirectly).

BUYER BRAIN may not use, without the express written consent of the respondent, the information obtained, for any purpose other than the fulfillment of the obligations assumed under this consent. BUYER BRAIN respects the personal data of respondents and does not sell, rent, loan, trade or otherwise transfer any personal data to any third party.

SECURITY

BUYER BRAIN uses appropriate operational and technological processes and procedures to ensure the protection of personal data against unauthorized use or access, loss, destruction, theft or disclosure thereof.

Data collected by BUYER BRAIN through its studies, are stored on the Amazon servers, which are GDPR compliant. Data collected are stored for a period of maximum 6 months, after which they are deleted.

The IP addresses are also collected in a third country, India, by a third party organisation, Terragni Consulting, and registered on the databases hosted on Survey Monkey servers, which are GDPR compliant. Data collected are stored for a period of maximum 6 months, after which they are deleted.

BUYER BRAIN agrees to take all the necessary and appropriate measures for the purpose of confidentiality and protection of personal data, including:

  • Restricting access to all personal data received from the Respondent; and
  • Not use, disclose or disallow access to such personal data of any third party except on the basis of the written authorization received from the Respondent.

Access to BUYER BRAIN’s databases is granted only to BUYER BRAIN employees that are directly involved in carrying out the studies.

BREACH NOTIFICATION

BUYER BRAIN confirms that disclosure or unauthorized use of personal data may cause injury to the Respondent. In the case of a personal data breach, BUYER BRAIN shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.