Last Updated: October 2025
Who is Brain Co?
Brain Co (“Brain Co,” “we,” “our,” or “us”) is a technology company based in the United States. We provide a platform and applications to help public, private, and non-governmental organizations leverage AI to drive tangible business outcomes, in a secure and privacy-protective way.This Privacy Policy (“Policy”) applies to the processing activities for which Brain Co and its affiliates act as a “data controller” on their own behalf. This Policy does not cover our clients’ processing of personal data using Brain Co’s platform or applications, as we act solely as a “data processor” for such processing activities. For more information, please refer to the sections entitled Why should you read this Policy and What does this Policy cover? below.
How can you contact us?
If you are looking to understand more about how we use your information, or to exercise your rights, you may reach us at info@brain.co.
Data Controller
Brain Co is a global company headquartered in San Francisco, California, USA. Brain Co is the entity responsible as controller for the processing of your personal data under this Policy in the course of conducting our business. In this Policy, where we refer to “Brain Co,” “we,” “our,” or “us,” we are referring to Brain Co, which decides how and why your information is used.
Why should you read this Policy and what does it cover?
Why should you read this Policy?
As a commercial business, Brain Co may collect, use, and disclose personal data in the course of our standard operations. Where Brain Co processes your personal data as controller, this Policy sets out how we process that data in compliance with data protection and consumer privacy laws. This Policy also explains what rights you have relating to that personal data.
What does this Policy cover?
This Policy sets out how we use and protect personal data. If you live or work in certain U.S. states, there is additional information at the end of this Policy that relates to our use of your personal data.It is important to note that this Policy does not apply to personal data we process on behalf of our clients. When we provide our platform and services to our clients, we act as a data processor. This means it is our clients, and not Brain Co, who are in control of what personal data and other information they process using our platform or applications, and how they do so. Where we are a data processor, we follow our clients’ instructions relating to that processing, in line with applicable laws.Consequently, this Policy does not apply to our clients’ processing of personal data using Brain Co’s platform or applications. If you are seeking to understand how one of our clients processes personal data using Brain Co’s platform or applications – or if you wish to exercise your rights in relation to any personal data a client may process using Brain Co’s platform or applications – the relevant client’s privacy statement is the best place to start to understand those details or to learn how to contact them.As you engage with our services or communications, you may encounter links to third parties outside of the control of Brain Co that enable you to share information with the controllers of those websites or services. We are not responsible for the privacy policies or the data collection, use, or disclosure practices of our clients or third-party sites unless we notify you otherwise. If you wish to understand how they process your personal data, we encourage you to review the privacy policies of each site you visit.
Use of Brain Co Websites and Applications
Your access to and use of Brain Co’s websites and applications are governed by these Terms of Use. By using our sites or applications, you agree to comply with these Terms and all applicable laws and regulations. If you do not agree, you should discontinue use immediately.
Intellectual Property
All content on Brain Co’s websites and applications—including text, graphics, logos, designs, images, videos, software, and other materials—is owned or licensed by Brain Co and protected by copyright, trademark, and other intellectual property laws. You may not reproduce, distribute, modify, publicly display, or create derivative works of any content without prior written authorization from Brain Co.
Acceptable Use
You agree not to misuse or interfere with the proper functioning of Brain Co’s websites or applications. Prohibited activities include but are not limited to:Attempting to gain unauthorized access to systems or accounts;Uploading or transmitting harmful code, malware, or spam;Scraping or data-mining Brain Co websites without permission;Using the site or applications for unlawful, fraudulent, or malicious purposes.Brain Co reserves the right to suspend or terminate access for users who violate these Terms or applicable law.
Disclaimers
The content and functionality on Brain Co’s websites and applications are provided “as is” and “as available,” without warranties of any kind, either express or implied. Brain Co does not guarantee that the websites, applications, or any content will be uninterrupted, error-free, or secure, or that any defects will be corrected.
Limitation of Liability
To the fullest extent permitted by law, Brain Co and its affiliates will not be liable for any indirect, incidental, consequential, special, punitive, or exemplary damages arising out of or relating to your access to or use of the websites or applications. In no event shall Brain Co’s total liability exceed one hundred U.S. dollars (US$100).
Third-Party Links
Brain Co’s websites may include links to third-party sites or resources. These links are provided for convenience only and do not signify endorsement. Brain Co is not responsible for the content, accuracy, or practices of any linked sites.
Changes to These Terms
Brain Co may modify these Terms at any time. When we make changes, we will update the “Last Updated” date at the top of this document. Continued use of our websites or applications following the posting of updates constitutes your acceptance of those changes.
Governing Law and Jurisdiction
These Terms and your use of Brain Co’s websites and applications are governed by the laws of the State of California, United States of America, without regard to its conflict-of-law principles. Any disputes arising out of or relating to your use of Brain Co’s websites or applications shall be resolved exclusively in the state or federal courts located in San Francisco County, California.
Job candidates
If you apply for a role with Brain Co, our Applicant Privacy Notice in this Policy contains information on how we will use your personal data.
Updates to this Statement
We may make updates to this Statement from time to time. When we do so, we will post those changes here, so please check back periodically for any updates. Where we make changes to our processing that may affect the rights of individuals affected by those changes, we will inform those individuals where possible.
What personal data do we collect?
Brain Co collects personal data through three main sources:
Personal data you provide to us, for example through forms or correspondence.
Personal data we collect automatically, for example when you visit Brain Co websites and as described in the Technical Data set out below.
Personal data from other sources such as our service providers, business partners, and publicly available personal data as set out below.
Categories of Personal Data
Contact Data
Name, address, email address, telephone number, mobile phone number, country of residence and social media handles. We may collect this information directly from you, your employer, from publicly available sources, our third-party partners who provide networking contact information, or indirectly through a third-party partner such as if we have co-hosted an event with them.
Professional Data
Company name, occupation contact details, occupation, employment history, areas of expertise, your experience with Brain Co’s platform and applications. We may collect this information directly from you, your employer, from publicly available sources, our third-party partners who provide networking contact information, or indirectly through a third-party partner such as if we have co-hosted an event with them.
Transaction Data
Platform and/or services engaged, types of applications of interest, information provided in the course of the purchase or attempted purchase of Brain Co platform access or services, eligibility information such as whether your company is a client of Brain Co. This can be collected when you engage with Brain Co.
Payment Data
Payment or billing information including tokenized payment details, as necessary. We may collect this information in the course of signing up for Brain Co services or through the use of our website to purchase Brain Co services. When you make a payment on our website, our payment processor collects your Payment Data and Contact Data directly from you. Brain Co does not provide Payment Data to that processor. As a result, the processor is an independent controller of information provided in the course of using its payment processing service on Brain Co platforms. Please refer to your payment provider’s privacy policy and terms.
Technical Data
IP address, operating system, browser information, user agent, identifiers such as cookie IDs (see Cookies and Tracking Technologies below and our Cookie Statement), mobile device ID, Wi-Fi data, interactions with Brain Co websites, authentication credentials, communications and promotional materials. We collect this automatically when you interact with Brain Co websites or third-party platforms hosting Brain Co content. For example, when we send marketing communications, we may collect data on whether you have opened a marketing communication you received or whether you clicked on any links in the message.
Product Usage Data
This includes interactions with our platforms and applications, such as features accessed, content viewed, actions taken (e.g., clicks, scrolls, inputs), and the duration and frequency of your activities.
Communication Data
Messages, correspondence, and other data created or generated by you when communicating with Brain Co via post, SMS, e-mail, posts on Brain Co or third-party channels, forums, social media platforms, other third-party platforms, or other means of electronic communication. We may collect this information when you interact with Brain Co or Brain Co employees, contractors, agents, third-party service providers and partners.
Government Identifiers
Government or state-issued photographic identification documentation such as passport or driver license – for example, when you provide it in the course of verifying your identity.
Audiovisual Data
Image, voice – including photographs, images, and audio and video recordings – collected through security and monitoring systems or recorded during events, for example when you participate in a Brain Co or Brain Co-affiliated event, visit a Brain Co office, or present at a seminar hosted by Brain Co.
Inferred Data
Preferences, likelihood of interest in Brain Co’s platform and/or services. Data generated by combining data such as Contact Data, Professional Data, Transaction Data, Technical Data, and Communication Data collected by Brain Co with information obtained from third parties including partners and publicly available sources, which assist with the sale of services, compliance with laws, and detection and prevention of fraudulent, deceptive, or illegal activity.
Contact Preferences
Consents or preferences that you give us, such as how you would like us to contact you or which Brain Co applications interest you.
Sources of Personal Data
We obtain personal data from a range of sources, depending on the context:Directly from you (for example when you fill out a form, register for an event, or correspond with us).From your employer (if they engage with Brain Co on your behalf or supply your contact details for a business relationship).Automatically through your use of our websites and platforms, via cookies and similar technologies.From service providers and partners (such as marketing firms, networking databases, or joint event organizers).From public databases and professional networking sites that publish business contact information.
Accuracy and Responsibility for Information You Provide
When you provide personal data to Brain Co, you are responsible for ensuring that it is accurate and up to date. If you believe that any of the information we hold about you is inaccurate or requires updating, please contact us at info@brain.co so that we can make appropriate corrections or updates.
Combination of Information
We may combine information we collect from the different sources listed above to improve the accuracy of our records, to understand your interests, and to provide a more personalized experience when you interact with Brain Co. For example, we may combine information collected through our website analytics tools with publicly available information to better understand which applications are most relevant to you or your organization.
Personal Data You Provide About Others
If you provide Brain Co with personal data relating to another individual (for example, a colleague or reference contact), you represent that you have the authority to do so and that you have provided them with a copy of this Policy or otherwise made them aware of how Brain Co will use their information.
Sensitive Personal Data
In general, we do not seek to collect “sensitive” personal data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, health data, sex life or sexual orientation, genetic data, or biometric data used for identification purposes). However, in limited circumstances, we may collect such information when you voluntarily provide it or when required to comply with legal obligations (e.g., health and safety laws at in-person events or accommodation requests). We will apply appropriate safeguards to such information in accordance with applicable law.
Aggregated or De-Identified Information
We may aggregate or de-identify personal data so that it can no longer be used to identify a specific individual. Such information is not considered personal data under applicable law and may be used for any legitimate business purpose, including analytics, research, and improving our platform and applications. If we de-identify data, we will maintain it in de-identified form and will not attempt to re-identify it except as permitted by law (for example, to test the efficacy of our de-identification processes).
Lawful Basis for Processing (Informational)
While this Policy is U.S.-focused and Brain Co does not rely on the lawful basis concept under EU law, we nonetheless process personal data only for legitimate business purposes and in accordance with applicable data-protection requirements. These purposes include providing our platform and services, operating our business, communicating with clients and partners, fulfilling contractual and legal obligations, and protecting the rights and interests of Brain Co and others.Brain Co processes personal data in reliance on one or more of the following legal bases, depending on the context:
Contractual necessity – to perform our obligations under an agreement with you or your organization, such as providing access to Brain Co’s platform and applications.
Legitimate interests – to operate, secure, and improve our business and services, maintain relationships with clients, prevent fraud, and ensure network and information security.
Legal obligations – to comply with laws, regulations, court orders, or lawful governmental requests.
Consent – where required by law or where Brain Co seeks permission for specific processing, such as certain marketing or cookie activities.When we rely on legitimate interests, we balance those interests against your rights and expectations and implement appropriate safeguards.
Data We Do Not Collect
Unless explicitly stated otherwise, we do not intentionally collect the following through our websites or platform: Financial account numbers, except as required to process payments through authorized processors. Any information about individuals under 16 years old. Any biometric data for identification or surveillance purposes.
Retention of This Information
How long we retain each category of personal data is described later in this Policy (see How long do we keep your personal data?), but in general we keep personal data for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, and to protect our rights.
Why and How We Use Your Personal Data
The following section lets you know how and why we use the personal data we collect.
1. To Conduct Our Business Operations and Provide Our Platform and Services
To communicate with you: We use your information, including Contact Data and Communication Data, so that we can communicate with you, answer your queries, or get in touch to understand if you are interested in Brain Co’s platform and applications.
To provide you with our platform and services: We use your information, including your Contact Data, Payment Data, Technical Data, Communication Data, Professional Data, and Training and Educational Data, depending on the services provided, for various reasons, including to verify your identity, send communications relating to the service engaged, provide you with our platform and services (including training or certification services), fulfill our contract with you, provide you with access to our platform and applications.
To process financial transactions: We use your information, including Contact Data, Communication Data, Payment Data, and Transaction Data to process transactions and to provide you with Brain Co services. Payment processing is handled by our payment processor as noted above.
To analyze activity on our websites and improve our public-facing platforms and communications: We use your information, including Technical Data, Communication Data and Training and Educational Data to understand how you use our websites, forums, or training platforms and to understand and improve your experience of those websites, training platforms, and the communications we send.
To enable business transfers and transactions: We process your information in connection with transactions if there is a proposed or actual merger, purchase, sale, acquisition, financing due diligence, transition of service to another service provider, divestiture, bankruptcy, restructuring, receivership, reorganization, dissolution, or other sale or transfer of some or all of Brain Co’s assets, in which personal information processed by Brain Co pursuant to this Policy forms part of the assets transferred or sold.
To ensure compliance with our obligations: We may access, preserve, process, or disclose your information, where required, to comply with a court order or legal requirement, including to respond to governmental or regulatory requests, verify your identity when accessing Brain Co’s platform and applications, enforce our policies and contracts, collect amounts owed to us, or assist with an investigation or prosecution of suspected or actual illegal activity.
To protect the rights, property, life, health, safety, or security: We process your information, where required, to protect the rights, property, life, health, safety, or security of Brain Co, our employees, our users (including you), or others.
To measure, develop, and improve our platform and services: We process your information, including Contact Data, Technical Data, and Communication Data to develop, improve, and measure the performance of our platform and services.
To create de-identified and aggregated information: We may use personal information to create de-identified and/or aggregated information.
2. To Enable Our Sales and Marketing Functions to Carry Out Marketing Related to Brain Co’s Platform and Applications
To send sales and marketing communications: We use your Contact Data, Professional Data, Technical Data, Communication Data, Transaction Data, Training and Educational Data, Inferred Data, and Contact Preferences to send you marketing communications about Brain Co’s platform and applications you have purchased or attempted to purchase, or communications about Brain Co’s platform and applications we think you might be interested in or events you might wish to attend, and to carry out targeted marketing campaigns including posts to third-party platforms such as social-media platforms and networking websites.
To understand who would be most interested and to personalize our communications: We use the data listed above to understand who may be interested in our platform and applications and to personalize communications.
To analyze the effectiveness of our communications: We use your Contact Data, Communication Data, and Technical Data to understand the impact of our communications.
To target advertising: We use your Contact Data, Professional Data, Communication Data, Technical Data, Transaction Data, Training and Educational Data, and Inferred Data to target advertisements and messages to you.
3. To Manage Your Visit to a Brain Co Managed Space or Event
To enable your visit to a Brain Co designated space:We process your Contact Data, Communication Data, Professional Data, Technical Data, and Audiovisual Data when you attend a Brain Co designated space such as offices or pop-ups.
Event management: We process your Contact Data, Professional Data, Communication Data, Audiovisual Data, and Technical Data to enable your attendance at Brain Co-hosted or affiliated events such as conferences or webinars.
To protect our business, our visitors, and others: We process your personal data, which can include Contact Data, Professional Data, Transaction Data, Technical Data, Audiovisual Data, and Communication Data, to monitor for or detect fraudulent, harmful, or illegal activity.
4. To Comply with Legal Obligations and Maintain the Physical and Information Security of Brain Co’s Platform and Services, Employees, and Partners
To comply with legal obligations: Where necessary, we use your personal data, including Contact Data, Technical Data, Communication Data, and Government Identifiers, to comply with legal obligations such as tax reporting, regulatory requirements, or fulfilling your rights request.
To help you exercise your rights and control over your personal data: Where you contact us to exercise your rights as a data subject or to opt-out from certain forms of communication, we may need to further process your personal data such as Contact Data, Communication Data and any applicable personal data together with any Government Identifiers you may provide, to comply with your request (for example, if you request a copy of your personal data and you provide your ID to confirm your identity).
To protect our business and others: We process your personal data, which can include Contact Data, Professional Data, Payment Data, Transaction Data, Technical Data, Audiovisual Data, and Communication Data, to monitor for or detect fraudulent, harmful, or illegal activity.
5. Additional Purposes
In addition to the purposes described above, Brain Co may use your personal data as otherwise permitted or required by applicable law, or as disclosed to you at the time your data is collected.
When Do We Share Your Personal Data
Brain Co may disclose or transfer personal information that we process as required in the course of operating our business to the following recipients and for the following purposes:
Brain Co Affiliates
Personal data is disclosed to and from Brain Co and its affiliates to enable and fulfill our business operations requirements. Affiliates are bound by contractual obligations to process any personal information in compliance with data protection and consumer privacy laws that apply.
Service Providers
We disclose information as needed to our agents, contractors, and service providers. These parties are bound by contractual obligations to keep personal data confidential and use it only for the purposes of providing services for, or with, us. Examples include marketing and sales services, event management, website hosting, information-technology support, analytics, payment processing, and training providers.
Third Parties
We disclose your personal data to third parties, including partners, in situations such as the following:
Identity Verification and Platform Access: To verify your identity when signing up for our platform and applications.
Payment Processing: To payment-processing vendors that enable secure billing.
Training and Certification: To provide your employer with details of your participation, progress, and results for any training courses, quizzes, or certifications you register for with us when these are taken as part of your employment.
Business Transfers: To prospective or actual counterparties in a merger, acquisition, financing, due-diligence process, or sale of Brain Co assets, as described above.
Co-Branded Services and Joint Marketing: To partners when offering co-branded services, running branded events, or engaging in joint marketing.
Advertising and Analytics: To show you relevant advertisements and measure campaign effectiveness.
Legal and Regulatory Disclosures: To comply with a court order or legal requirement, respond to governmental or regulatory requests, enforce our policies or contracts, or assist with an investigation or prosecution of suspected or actual illegal activity.
Protection of Rights and Safety: Where disclosure is necessary to protect the rights, safety, or property of Brain Co, our users, employees, or others.
Corporate Affiliates: Where Brain Co creates or acquires subsidiaries within the United States, we may share information among those controlled entities for internal administrative purposes, consistent with this Policy and applicable law.
Professional Advisors: We may share your personal data with our professional advisors (such as accountants, auditors, or legal counsel) where necessary for the purposes of obtaining advice or protecting and managing our business interests.
Government Authorities and Law Enforcement: We may disclose personal data to competent authorities when required by law or when we believe disclosure is necessary to comply with legal obligations, protect our rights, or prevent fraud or other illegal activity.
At Your Request or Direction: We may share your information where you instruct us to do so — for example, if you authorize Brain Co to connect your account with a partner platform or to provide a reference confirming your participation in a Brain Co program.
Business Transfers and Corporate Events: In the event of a merger, acquisition, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Brain Co’s assets (whether as a going concern or as part of bankruptcy, liquidation, or similar proceedings), personal data held by Brain Co about our customers, users, or visitors may be among the assets transferred. You acknowledge that such transfers may occur and that any acquirer of Brain Co or its assets may continue to process your personal information as set forth in this Policy.
Data Sharing Safeguards
Whenever Brain Co shares personal data with service providers or third parties, we require them to take appropriate security and confidentiality measures and to process the data only for the specific purposes described in this Policy or as otherwise authorized by law. Where applicable, we enter into written agreements that impose equivalent protections on any third-party recipient.
Cross-Border Sharing
Brain Co is a U.S.-based company. However, some of our service providers may process information in other jurisdictions (for example, cloud-hosting environments).Regardless of where processing occurs, we implement measures to ensure that any cross-border transfers of personal data comply with applicable laws and that your data continues to receive appropriate protection consistent with this Policy.
No Sale for Monetary Consideration
Brain Co does not sell your personal data for monetary consideration.However, as explained later in the U.S. State Privacy Law Notice, certain uses of cookies and analytics tools may be deemed a “sale” or “sharing” under specific state privacy statutes.You can opt out of such activities through the mechanisms described in that section and in our Cookie Statement.
De-Identification and Aggregate Information Sharing
We may share de-identified or aggregate information with third parties for research, analysis, and other lawful business purposes.Such information cannot reasonably be used to identify you.When we share de-identified data, we maintain it in de-identified form and do not attempt to re-identify it except as allowed by law — for example, to test the effectiveness of our de-identification processes.
Security and Confidentiality Obligations for Recipients
Brain Co requires all third parties with whom it shares data to:Use the information only for the specified purpose;Protect it using appropriate technical and organizational safeguards; andComply with all applicable privacy and data-protection laws.We perform diligence on these third parties before permitting them to handle personal data and periodically review their controls.
Transparency and Updates to Sharing Practices
Brain Co reviews and may update its sharing practices periodically to reflect changes in business operations or legal requirements.When we make material updates, we will modify this Policy accordingly and post a revised version on brain.co with a new “Last Updated” date.
Cookies and Tracking Technologies
We and our service providers use cookies, web beacons, pixels, scripts, and similar technologies (collectively, “cookies”) to recognize you when you visit our websites, measure the effectiveness of communications, remember your preferences, and generally help us understand how our sites and services are used.Cookies allow us to distinguish you from other visitors, which improves your overall experience and lets us tailor content and features to your interests.
What Are Cookies?
Cookies are small text files that websites store on your computer or mobile device when you visit them. They allow a website to remember your device and how you interacted with it.Some cookies are session-based (they expire when you close your browser); others are persistent (they remain on your device until deleted or expire after a defined period).
Types of Cookies We UseStrictly Necessary Cookies – These are required for the website to function properly and to enable you to move around and use its features, such as accessing secure areas. Without them, services you have asked for—like secure login or language preferences—cannot be provided.
Performance or Analytics Cookies – These collect information about how visitors use our websites, for example which pages are visited most often and if they receive error messages. The data helps us measure and improve performance and user experience.
Functional Cookies – These allow our websites to remember choices you make (such as your region or user name) and provide enhanced, more personal features. They may also be used to provide services you request, like watching a video or commenting on a blog.
Targeting or Advertising Cookies – These record your visit to our websites, the pages you have visited, and the links you have followed so we can make our websites and the advertising displayed on them more relevant to your interests. They may also limit how many times you see an advertisement and help measure the effectiveness of advertising campaigns.
First-Party and Third-Party Cookies
Some cookies are placed by Brain Co (“first-party cookies”). Others are placed by third parties that provide services for analytics, social media, or advertising (“third-party cookies”). Third parties may use these technologies to collect information about your online activities over time and across different websites or applications for interest-based advertising or measurement.Brain Co does not control the operation of third-party cookies and encourages you to review those providers’ own privacy or cookie statements.
Analytics and Advertising Technologies
We use analytics tools (including but not limited to Google Analytics, LinkedIn Insights Tag, and similar services) to help us understand how visitors engage with our sites.These tools use cookies and other technologies to collect and analyze information about your use of the websites and to report on activities and trends.This information is used to improve the functionality and user experience of our sites.You can learn more about Google’s practices at www.google.com/policies/privacy/partners, and you may opt out by downloading the Google Analytics Opt-out Browser Add-on.We may also use social-media pixels (for example, the Meta Pixel or LinkedIn Pixel) to measure the effectiveness of our communications and better understand audience engagement.These pixels may enable those platforms to identify you for purposes of targeted advertising.You can manage your ad preferences on those platforms directly.
Do Not Track and Global Privacy Control Signals
Some browsers transmit “Do Not Track” (“DNT”) or “Global Privacy Control” (“GPC”) signals.Our websites currently respond to legally recognized GPC signals as required by applicable U.S. state privacy laws.Where mandated, we will treat such signals as requests to opt out of any “sale” or “sharing” of personal information for cross-context behavioral advertising.
Your Choices and Controls Over Cookies
You have several options to control or limit how cookies and similar technologies are used:Browser Settings: Most web browsers automatically accept cookies but allow you to modify your settings to refuse or delete cookies. Please note that if you choose to disable cookies, some features of our websites may not function properly.
Cookie Consent Manager: When you first visit a Brain Co website, you will see a cookie banner allowing you to manage your cookie preferences. You can update those preferences at any time using the “Cookie Settings” link on our sites.
Analytics Opt-Out: You can prevent your data from being used by Google Analytics as described above, or by following the opt-out mechanisms provided by other analytics vendors we may use.Email Tracking: If you do not want Brain Co to collect information about whether you open or click links in marketing emails, you can unsubscribe from those communications by following the instructions at the bottom of each message.
Retention of Cookie Data
Cookies remain on your device for varying lengths of time depending on whether they are session or persistent cookies. Persistent cookies are retained until their expiration date or until you delete them using your browser or system tools.We maintain internal schedules to periodically review and remove obsolete cookies and associated log data.
Third-Party Links and Plug-Ins
Brain Co’s websites may include social-media features such as “Like” or “Share” buttons. These features may collect your IP address and which page you are visiting and may set a cookie to enable the feature to function. Your interactions with these features are governed by the privacy policy of the company providing them.
Changes to Cookie Practices
We review our use of cookies and related technologies regularly and may update our Cookie Statement to reflect new cookies we use or changes in applicable laws or guidance. Any updates will be posted on our websites with a new “Last Updated” date.
How Long We Keep Your Personal Data
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to satisfy legal, accounting, audit, security, or reporting requirements. To determine an appropriate retention period, we consider:the amount, nature, and sensitivity of the personal data;the potential risk of harm from unauthorized use or disclosure;the purposes for which we process the data and whether those purposes can be achieved through other means; andapplicable legal, regulatory, tax, accounting, or other requirements.We also consider the periods for which we may need to retain data to comply with our legal obligations or to respond to complaints, inquiries, investigations, audits, or legal claims. Brain Co applies internal retention schedules that set default and maximum periods for each data category. In general, we retain: Client-relationship data (e.g., Contact Data, Professional Data, Transaction Data) for the duration of our relationship and a reasonable period thereafter to maintain business records; Marketing data (e.g., Contact Preferences and Inferred Data) until you withdraw consent or opt out, subject to reasonable implementation times; Technical Data and logs for the time needed to secure, analyze, troubleshoot, and audit our systems; and Training/certification records for the life of the credential and any renewal window required for verification or compliance. When personal data is no longer needed, we delete, anonymize, or aggregate it consistent with our retention policy and applicable law. Where deletion is not feasible (for example, because the data is stored in backup archives), we isolate it and apply technical and organizational measures to prevent further processing until deletion becomes possible. If we de-identify or anonymize data, we will maintain it in de-identified form and will not attempt to re-identify it except to test or validate our de-identification processes or as otherwise permitted by law.
Security Measures
Brain Co maintains physical, technical, and organizational measures designed to protect personal information from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.These measures include encryption in transit and at rest, access controls based on role and need-to-know principles, monitoring of systems for security incidents, periodic testing and audits, and mandatory privacy and security training for personnel handling personal data.
International Transfers of Your Personal Data
Brain Co is a U.S.-based company, and most processing occurs in the United States. However, we and our service providers may process personal data in other countries where we or they maintain facilities (for example, cloud-hosting regions or support locations).Whenever we transfer personal data across borders, we implement appropriate safeguards to ensure the data remains protected in accordance with this Policy and applicable law. These safeguards may include: Standard contractual clauses or other approved data-transfer agreements with our service providers; Intra-group agreements imposing consistent privacy and security requirements across Brain Co entities; Vendor due-diligence reviews that verify security, privacy, and compliance controls; and Technical/organizational measures such as encryption, access controls, and data-minimization.If you are located outside the United States and choose to provide information to Brain Co, you acknowledge that your personal data may be transferred to and processed in the United States, where privacy laws may differ from those in your jurisdiction. Regardless of location, we protect your information as described in this Policy and ensure cross-border transfers comply with applicable legal requirements.
Children’s Personal Data
Our websites, platform, and applications are not directed to children under 16. We do not knowingly collect or solicit personal data from anyone under 16. If we learn that we have collected personal data from a child under 16 without verified parental consent, we will delete it as soon as practicable unless retention is required by law.If you believe a child under 16 has provided personal data to Brain Co, please contact info@brain.co so we can investigate and take appropriate action.
Your Rights in Relation to Your Personal Data
Depending on where you live, work, or interact with Brain Co, applicable privacy and consumer-protection laws may provide you with specific rights in relation to the personal data that we hold about you. These rights are not absolute and may be subject to limitations under the law—for example, where we have compelling legitimate grounds or are required by law to retain certain information.In accordance with applicable laws, you may have some or all of the following rights:
Right to Know and Access
You have the right to request that we confirm whether we process personal data about you, and if we do, to provide you with access to that personal data and related details, including the categories and sources of data collected, the purposes for which we use it, and the types of third parties with whom we share it.
Right to Correct (Rectify)
You may request that we correct inaccurate personal data or complete incomplete personal data we hold about you.
Right to Delete (Erase)
You may request that we delete your personal data where there is no lawful reason for us to continue processing it. However, we may retain certain data to comply with legal obligations, resolve disputes, enforce agreements, or as otherwise permitted by law.
Right to Data Portability
You may request a copy of your personal data in a structured, commonly used, and machine-readable format and have it transmitted to another controller where technically feasible.Right to Restrict or Limit Processing
You may request that we restrict our use of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to our processing, pending verification of our legitimate grounds.
Right to Withdraw Consent
Where our processing of your personal data is based on your consent, you may withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of any processing conducted before the withdrawal.
Right to Object
You may object to our processing of your personal data where such processing is based on our legitimate interests (including profiling based on those interests) or for direct-marketing purposes.
Right to Opt Out of Sale or Sharing
You may request that we do not “sell” or “share” your personal data for cross-context behavioral advertising as defined by applicable U.S. state privacy laws.
Right to Limit Use and Disclosure of Sensitive Personal Data
In certain jurisdictions, you may request that we limit our use and disclosure of sensitive personal data to only what is necessary to provide requested goods or services.
Right to Non-Discrimination
You have the right not to receive discriminatory treatment for exercising any of your privacy rights. This includes the right not to be denied services, charged different prices, or provided a different level or quality of service.
Right to Appeal
If Brain Co declines to act on your privacy request, you may appeal our decision by contacting info@brain.co with the subject line “Privacy Appeal.” We will respond to all verified appeals within forty-five (45) days and provide a written explanation of the outcome. If you remain unsatisfied with the outcome of an appeal or our handling of a privacy request, you may have the right to lodge a complaint with a relevant supervisory authority or state attorney general’s office. The appropriate authority depends on your location; for U.S. residents, this may include your state Attorney General. We encourage you to contact us first at info@brain.co so we can try to resolve your concern.
Right to Designate an Authorized Agent
You may appoint an authorized agent to exercise rights on your behalf, subject to verification of both your identity and the agent’s authorization.If you live or work in certain U.S. states, you may also have additional rights set out in the U.S. State Privacy Law Notice later in this Policy.
Exercising Your Rights
You can exercise your rights by contacting us at info@brain.co. We will review and respond to verified requests in accordance with applicable privacy laws.If your request concerns data that Brain Co processes as a service provider or contractor on behalf of a client, please direct your request to that client, as they are the controller responsible for responding.When submitting a request, please provide enough detail to enable us to locate the relevant data and confirm your identity. For example, you may specify:The type of request (access, deletion, correction, etc.);The nature of your relationship with Brain Co (e.g., client representative, website visitor, applicant); and Contact identifiers (such as email address or phone number) used during interactions with Brain Co.We may contact you for clarification or to obtain additional information necessary to verify your identity and locate the relevant records.Brain Co does not charge a fee for responding to requests unless they are manifestly unfounded, repetitive, or excessive, in which case we may charge a reasonable fee or refuse to act on the request.We will handle all personal data collected in connection with your request in accordance with this Policy and applicable law.
Verification Process
To protect your privacy and maintain the security of your personal data, Brain Co takes reasonable steps to verify your identity before fulfilling a rights request.The verification steps we take depend on the nature of your request and the sensitivity of the information involved.We may verify your identity by: Matching identifying information you provide with information already maintained in our records; Requesting additional identifying details, such as a recently used device identifier, transaction record, or communication history; orIn limited cases, requesting a copy of government-issued identification or other documents sufficient to confirm identity and prevent unauthorized access or deletion of data. We will only use verification information for this purpose and will delete or de-identify it once the verification process is complete.If we cannot verify your identity to a reasonable degree of certainty, we may be unable to fulfill your request.We will notify you if verification cannot be achieved and explain what additional information is required.
Authorized Agents
In jurisdictions that permit the use of an authorized agent, you may designate an agent to make privacy requests on your behalf.Authorized agents must provide:Written authorization from you permitting the agent to act on your behalf; andProof of their identity.In some cases, Brain Co may also require that you directly verify your identity with us and confirm that you have granted the agent authority.If we cannot verify the agent’s authorization, we may deny the request and notify both you and the agent of the reason.
Response Times
Brain Co strives to respond to privacy requests within the timeframe required by applicable laws—generally within 45 days of receipt.If we need additional time to complete your request, we will inform you of the reason for the delay and the anticipated extension period.Where we are unable to act on a request, we will explain the reason and any options available to you.We will retain a record of each request and our response for compliance and accountability purposes.
Appeals
If Brain Co declines to act on a privacy request, you may have the right to appeal that decision.Appeals can be submitted to info@brain.co with the subject line “Privacy Appeal.”We will review and respond to appeals in accordance with applicable laws and will include a written explanation of the outcome.If you remain unsatisfied, you may have the right to contact your state attorney general or another supervisory authority, as provided by law.
Opt-Out Preference Signals
Brain Co honors opt-out preference signals where required by U.S. state privacy laws. This includes the Global Privacy Control (GPC) signal or other legally recognized mechanisms that communicate a consumer’s choice to opt out of the sale or sharing of personal information.When a GPC or similar signal is detected and recognized by our systems, we treat it as a valid request to opt out of the sale or sharing of personal data associated with the browser or device that sent the signal.You may also opt out manually by submitting a request to info@brain.co or by using the “Do Not Sell or Share My Personal Information” link available on our websites where applicable.
Non-Discrimination
Brain Co will not discriminate against you for exercising your privacy rights.This means that, consistent with applicable law, we will not:Deny you goods or services;Charge you different prices or rates for goods or services;Provide a different level or quality of goods or services; orSuggest that you may receive a different price or level of service because you exercised your rights.We may, however, offer financial incentives, loyalty programs, or similar benefits that are reasonably related to the value of your personal information, where permitted by law.If we do so, we will provide you with clear written terms describing the program and obtain your consent to participate.
Recordkeeping
Brain Co maintains internal records of all privacy requests and responses for at least the period required by applicable law.We use these records exclusively for compliance, auditing, and accountability purposes.We also periodically review our request-handling processes to ensure accuracy, timeliness, and fairness.
Security Measures Related to Rights Requests
We implement strict technical and organizational measures to protect the information submitted in connection with privacy requests, including secure submission channels, limited access controls, and encryption in transit and at rest.We continuously monitor and test these controls to prevent unauthorized disclosure or alteration of personal data.
Contact for Rights Requests
If you have questions about your privacy rights or wish to exercise them, please contact:
Email: info@brain.co
Mail: Attention – Legal DepartmentBrain CoSan Francisco, California, USAWhen contacting us, please include sufficient information to allow us to verify your identity and locate responsive records (for example, the nature of the request and any email addresses you may have used when engaging with Brain Co).
Additional Notices for Certain U.S. States
Residents of California, Colorado, Connecticut, Utah, Virginia, Texas, and other states with enacted consumer-privacy laws may have additional rights and disclosures, as detailed in the U.S. State Privacy Law Notice section of this Policy.
Applicant Privacy Notice
This Applicant Privacy Notice (“Notice”) describes how Brain Co (“Brain Co,” “we,” “our,” or “us”) collects, uses, discloses, and protects personal data relating to job applicants and candidates who apply for roles with Brain Co.It also explains your rights and choices with respect to that information. This Notice applies to any personal data submitted through our recruiting systems, third-party recruiting platforms, referrals, or other channels used for recruitment and hiring.If you are offered and accept employment with Brain Co, the personal data we collected during the application process will become part of your employment record and be handled under our internal Employee Privacy Policy.
Scope of this Notice
This Notice applies to all candidates who apply for positions with Brain Co, whether directly through our career site, via a recruiter or third-party employment platform, through referrals, or by other means.It covers both U.S.-based and international candidates but reflects our U.S.-centered operations and data practices.Brain Co may collect personal data about you in connection with:your submission of an application,your participation in interviews or assessments,reference or background checks, orother interactions during the recruitment process.
Categories of Personal Data We Collect
Depending on your interactions with us and the requirements of the role, we may collect and process the following categories of personal data about you:
Identification Data
Name, preferred name, title, date of birth, contact details (email address, telephone number, and mailing address), and unique identifiers (e.g., application IDs).
Application and Professional Data
Employment history, job titles, previous employers, qualifications, academic and professional certifications, education history, skills, experience, and information included in your résumé, cover letter, or other application materials.
Background and Verification Data
Information obtained through reference checks or background checks (where permitted by law), such as employment verification, education records, and criminal history information.
Demographic Data
Where permitted or required by law, we may collect information about gender, race or ethnicity, veteran status, or disability status for equal employment opportunity reporting and diversity monitoring.
Immigration and Work Authorization Data
Information necessary to verify your right to work, such as visa status, citizenship, or immigration documentation.
Interview and Assessment Data
Notes from interviews, technical evaluations, coding exercises, or written assessments conducted during the application process.
Technical and Device Data
When you interact with our online application systems or career portal, we may automatically collect information such as IP address, device identifiers, browser type, and activity logs (see “Cookies and Tracking Technologies”).
Audio, Visual, and Communications Data
Recordings or images captured during video interviews, assessment sessions, or in-person interactions at Brain Co offices or events.
Reference Data
Information provided by individuals you identify as references, including their contact information and feedback on your qualifications, performance, or character.
Publicly Available Information
Professional or employment-related information available from public or commercial sources, such as LinkedIn profiles or professional directories.
Sensitive Personal Data (Limited Use)
In limited circumstances, Brain Co may collect sensitive personal data, such as health information (for accommodation requests or workplace-safety reasons) or demographic data voluntarily disclosed for equal-opportunity purposes.
We only collect this information where required by law or voluntarily provided by you and apply appropriate safeguards to its use.
Sources of Personal Data
We collect personal data about you from the following sources: Directly from you – information you provide in your application, interviews, or other communications with Brain Co; Recruiters and recruitment agencies – third-party partners engaged to identify and refer candidates; Referrals – information provided by current or former employees, business partners, or other individuals referring you for a position; Third-party job platforms – data shared with us when you apply through job boards, professional networks, or recruitment websites; Public sources – such as professional networking sites, publicly available databases, or online portfolios relevant to your candidacy; and Background-screening providers – when applicable, we may obtain verification data from external vendors that conduct background or reference checks, in accordance with applicable laws.
Purposes for Processing Applicant Data
Brain Co processes applicant personal data for legitimate business and legal purposes, including:
Recruitment and Selection
Evaluating your skills, experience, and qualifications against job requirements;Communicating with you about your application status, interviews, or other aspects of the recruitment process;Scheduling and conducting interviews, assessments, or background checks;Managing the recruitment pipeline, including creating candidate profiles and maintaining a record of your application.
Hiring and Onboarding
Assessing and verifying your eligibility to work;Preparing an employment offer and onboarding documentation;Conducting pre-employment background checks and verifying academic or professional qualifications where required;Coordinating relocation, immigration, or visa processes, where applicable.
Compliance with Legal and Regulatory Obligations
Complying with applicable labor, employment, immigration, and equal-opportunity laws;Responding to lawful requests from government or regulatory authorities;Maintaining records required for corporate governance, audits, and legal compliance.
Diversity, Equity, and Inclusion Programs
Where permitted by law, collecting and analyzing diversity-related data to ensure equal employment opportunity, identify trends, and measure the effectiveness of DEI initiatives.Participation in such programs is voluntary unless otherwise required by applicable law.
Internal Reporting and Analytics
Compiling statistics related to recruitment, such as applicant demographics, hiring conversion rates, and time-to-fill metrics;Improving our hiring processes, candidate experience, and workforce-planning capabilities.
Security and Fraud Prevention
Monitoring, detecting, and preventing unauthorized access to Brain Co systems;Protecting the safety, integrity, and security of Brain Co facilities, personnel, and information assets.
Defense of Legal Claims and Business Interests
Establishing, exercising, or defending against potential legal claims;Managing risk and maintaining internal business records consistent with legal and regulatory requirements.We process applicant personal data only for the purposes described above or for compatible purposes that are not inconsistent with the original intent of collection.
When We Share Applicant Data
Brain Co may disclose applicant personal data to the following categories of recipients, always subject to appropriate contractual and confidentiality safeguards:
Within Brain Co
Your personal data may be shared internally among Brain Co personnel who have a legitimate business need to access it, such as members of Human Resources, Recruiting, Legal, Finance, and relevant hiring managers.All internal recipients are bound by confidentiality obligations and access controls.
Service Providers and Vendors
We use third-party service providers to assist with recruiting and employment-related activities. Examples include:Recruitment-management platforms and applicant-tracking systems;Background-check and reference-verification vendors;Technology and IT-support providers;Travel and relocation coordinators; andProfessional advisers such as law firms and auditors.These providers are contractually obligated to use applicant data only for the purposes of providing services to Brain Co and to protect it in accordance with this Notice and applicable law.
Government Authorities and Regulators
We may disclose personal data to government agencies, regulators, or law-enforcement bodies where required by law, regulation, or court order, or where disclosure is necessary to establish, exercise, or defend legal rights.
Corporate Transactions
If Brain Co undergoes a merger, acquisition, restructuring, reorganization, or sale of assets, applicant personal data may be transferred to the acquiring or successor entity, consistent with this Notice and applicable law.If such a transaction occurs, we will take steps to ensure that your personal data continues to be processed in a manner consistent with this Notice.
Professional References and Former Employers
Where applicable, we may share limited information with individuals or organizations you identify as references or with former employers to verify work history or qualifications.
Authorized Disclosures at Your Direction
We may share your data with third parties at your request or with your consent—for example, when you ask us to provide verification of employment eligibility to a recruiter, government agency, or immigration authority.Brain Co does not sell applicant personal data for monetary consideration and does not share it for cross-context behavioral advertising.
Retention of Applicant Data
Brain Co retains applicant personal data for as long as necessary to:complete the recruitment and selection process;comply with legal and regulatory obligations;defend against potential claims; andmaintain records of hiring decisions for legitimate business purposes.Retention periods vary depending on the nature of the data and the jurisdiction. In general: Successful candidates’ information becomes part of their employment record and is retained for the duration of employment and thereafter in accordance with our employee-data retention policies; Unsuccessful candidates’ information is typically retained for a limited period (for example, one to three years) to comply with record-keeping requirements, defend legal claims, and consider candidates for future opportunities; and Background-check information and other sensitive data are retained only as long as necessary to fulfill the purpose for which they were collected or as required by law. Once data is no longer required, we securely delete, de-identify, or anonymize it in accordance with applicable law. Where deletion is not immediately feasible (for example, stored in archival backups), the data is segregated and protected from further use until it can be securely removed.
Security of Applicant Data
Brain Co takes the security of applicant personal data seriously and maintains appropriate technical, administrative, and organizational measures to protect it from unauthorized access, loss, misuse, alteration, or disclosure. These safeguards include: Role-based access controls limiting which employees or contractors may access applicant data; Encryption of data in transit and at rest where technically feasible; Monitoring and auditing of systems handling applicant information; Secure disposal and deletion of data when retention periods expire; and Periodic reviews and updates of policies and training to ensure ongoing compliance with data-protection requirements. Despite these measures, no security system is completely impenetrable. We therefore cannot guarantee the absolute security of information transmitted to or stored by Brain Co. If we become aware of a data breach affecting applicant information, we will investigate promptly and notify affected individuals in accordance with applicable law.Y
our Rights as an Applicant
Applicants have similar privacy rights to other individuals whose personal data is processed by Brain Co. Depending on your jurisdiction, these may include:
Access and Portability
You may request a copy of the personal data we hold about you and information about how it has been used, as well as request a portable copy in a structured, commonly used, machine-readable format.
Correction or Update
You may request correction of any inaccurate or incomplete personal data.
Deletion
You may request deletion of your personal data, subject to Brain Co’s need to retain certain information as required by law or for legitimate business purposes (for example, to maintain hiring records or defend legal claims).
Restriction or Objection
You may request that we restrict or cease certain processing activities, particularly where processing is based on our legitimate interests.
Withdrawal of Consent
If processing is based on your consent, you may withdraw that consent at any time, though this will not affect the lawfulness of prior processing.
Right to Lodge a Complaint
You have the right to lodge a complaint with a data-protection authority or other competent supervisory body where applicable.Brain Co will not discriminate against you for exercising your privacy rights, and your candidacy will not be adversely affected by any such request.
Exercising Your Applicant Rights
To exercise your rights under this Notice, please contact us at info@brain.co and include “Applicant Privacy Request” in the subject line.We will verify your identity before responding to a rights request, using methods consistent with the sensitivity of the data involved. This may include confirming identifying information you previously provided during the application process.If your request involves data obtained through a recruiter or third-party recruitment platform, we may refer you to that platform to exercise your rights directly, where appropriate.Brain Co aims to respond to all verified requests within the timeframes established by applicable law. If we require additional time, we will inform you of the reason and expected extension period.If we decline to act on your request, you will receive an explanation and information on how to appeal the decision.
Automated Decision-Making
Brain Co does not use automated decision-making or profiling in its hiring processes that produce legal or similarly significant effects for applicants.Where automated tools are used to assist in evaluating skills (for example, screening questions or skills assessments), results are always reviewed by human decision-makers as part of a holistic evaluation of each candidate.
Changes to This Applicant Privacy Notice
We may update this Applicant Privacy Notice periodically to reflect changes in our recruitment practices, applicable laws, or business operations.When we make material changes, we will post the updated Notice on our careers page with a new “Last Updated” date.If the changes materially affect how we process applicant data already collected, we will provide additional notice or obtain consent where required by law.Contact InformationIf you have any questions, concerns, or complaints about this Applicant Privacy Notice or Brain Co’s handling of your personal data, please contact us using one of the methods below:
Email: info@brain.co
Mail: Attention – Legal DepartmentBrain CoSan Francisco, California, USA
We will review and respond to all privacy inquiries in accordance with applicable data-protection laws.
U.S. State Privacy Law Notice
This section supplements the information above and applies to residents of U.S. states that have enacted comprehensive privacy laws, including California, Colorado, Connecticut, Utah, Virginia, Texas, Oregon, and others that may adopt similar legislation.It describes how Brain Co collects, uses, and discloses personal information subject to these state laws and provides additional details about the rights available to residents of those states.
Categories of Personal Information Collected
Within the twelve (12) months preceding the effective date of this Policy, Brain Co has collected the following categories of personal information as defined under applicable U.S. state privacy laws: Identifiers – such as name, address, email address, telephone number, IP address, device ID, and other unique identifiers. Personal records – including payment information, contact details, or other identifiers used to provide our platform and applications. Protected class information – including age (40 and over), gender, veteran status, disability status, and similar demographic details (only where required or voluntarily provided). Commercial information – such as records of products, services, or subscriptions purchased or considered. Internet or other electronic activity – including browser type, device information, log data, and interactions with our websites or communications. Geolocation data – approximate location information derived from IP address or device settings. Professional or employment-related information – such as company, role, and professional credentials. Education information – for applicants or participants in Brain Co training programs. Inferences drawn – from the above data to create a profile about preferences, interests, or behaviors. Sensitive personal information – including government identifiers, precise geolocation, health or biometric information, or contents of private communications (collected only when legally required or with explicit consent).Brain Co collects these categories of personal information from the sources and for the purposes described earlier in this Policy.
Disclosure of Personal Information
Brain Co may disclose the categories of personal information listed above to the following categories of third parties for the business purposes described in this Policy: Service providers and contractors that support our operations, including analytics, hosting, security, communications, and recruiting services; Affiliates and subsidiaries within the Brain Co group; Professional advisors such as auditors, accountants, and legal counsel; Government entities and law enforcement where required by law; and Parties to corporate transactions such as mergers or asset transfers.Brain Co has not sold personal information for monetary consideration during the preceding twelve (12) months. However, certain uses of analytics and advertising cookies may constitute a “sale” or “sharing” under state privacy laws. You may opt out of these activities as described below.
Sensitive Personal Information
We collect, use, and disclose sensitive personal information only for limited purposes allowed under applicable law, such as to: Provide requested goods or services; Ensure physical and network security; Prevent fraud or illegal activity; Comply with legal obligations; or Exercise or defend legal claims. We do not use sensitive personal information to infer characteristics about individuals.
Your Privacy Rights Under U.S. State Laws
Residents of the states listed above may exercise the following rights: Right to Know / Access – Request that we disclose the categories and specific pieces of personal information we have collected, the sources, purposes, and categories of third parties with whom we shared the information. Right to Delete – Request deletion of personal information we hold, subject to legal exceptions. Right to Correct – Request correction of inaccurate personal information. Right to Data Portability – Receive a copy of your data in a portable format. Right to Opt Out of Sale or Sharing – Opt out of the sale or sharing of personal information for cross-context behavioral advertising. Right to Limit Use of Sensitive Personal Information – Restrict use of sensitive information to necessary business purposes. Right to Non-Discrimination – Not be discriminated against for exercising your privacy rights. Right to Appeal – Appeal a denied request and receive a written explanation of the decision.Brain Co will respond to verified requests within applicable timeframes and will honor valid opt-out preference signals (such as Global Privacy Control) in accordance with state law. To submit a request or appeal, email info@brain.co or mail a written request to:
Brain Co – Legal Department
San Francisco, California, USA
Authorized Agents and Verification
You may designate an authorized agent to exercise your rights by providing written authorization and proof of identity for both you and your agent.We will verify requests using reasonable methods to confirm the identity of the individual making the request and the authority of any authorized agent.We will not fulfill requests that cannot be verified to a reasonable degree of certainty.
Financial Incentives
If Brain Co offers financial incentives or loyalty programs that relate to the collection or retention of personal information, we will provide a description of the program’s material terms and explain how you may opt in or withdraw.We will not offer such programs unless they are reasonably related to the value of the personal information collected and are permitted under applicable law.Shine the Light ( California Civil Code § 1798.83 )California residents may request information regarding the disclosure of their personal information to third parties for the third parties’ direct marketing purposes during the preceding calendar year.To make such a request, please contact us at info@brain.co with the subject line “California Shine the Light Request.”
Cookie Statement
This Cookie Statement supplements and should be read together with the Cookies and Tracking Technologies section above.While that section explains in detail how Brain Co uses cookies and similar technologies across our websites and applications, this Cookie Statement provides additional information specifically required under U.S. state privacy laws about the types of cookies we use, their purposes, and how you can manage them.Cookies are small text files stored on your device when you visit a website. They help us recognize your device, remember your preferences, and improve your experience. Some cookies are set by Brain Co (first-party cookies) and others by third parties (third-party cookies).Types of Cookies We UseStrictly Necessary Cookies – Enable core functionality such as page navigation, secure login, and form submission.Performance and Analytics Cookies – Collect aggregated data on how visitors use our sites to improve performance and content.Functional Cookies – Remember choices you make (such as language or region) to provide enhanced, personalized features.Targeting or Advertising Cookies – Track browsing activity to deliver content and ads more relevant to your interests and measure campaign effectiveness. Social Media Cookies – Enable you to share content through social networks and allow those networks to collect information about your interaction with our content. Managing CookiesYou can control or limit how cookies are used by adjusting your browser settings or through our cookie-consent manager available on our websites.Most browsers allow you to refuse cookies entirely or to delete specific cookies.Please note that disabling cookies may affect the functionality of our websites or limit your ability to access certain features.You can also manage your preferences for Google Analytics and other advertising technologies as described in the “Cookies and Tracking Technologies” section of this Policy.
Retention of Cookie Data
Cookies remain on your device for varying periods depending on their type. Session cookies expire when you close your browser; persistent cookies remain until their set expiration date or until you delete them.Brain Co periodically reviews and deletes obsolete cookies and log files in accordance with our data-retention policy.
Updates to This Cookie Statement
We may update this Cookie Statement from time to time to reflect changes in our use of cookies or applicable laws.The updated version will be posted on our websites with a revised “Last Updated” date.Where required by law, we will seek your consent to material changes.
Contact Us
If you have any questions or concerns about this Privacy Policy, the Applicant Privacy Notice, or our Cookie Statement, please contact us at:
Email: info@brain.co
Mail: Attention – Legal Department, Brain Co, San Francisco, California, USA
Accessibility
Brain Co is committed to ensuring that our Privacy Policy and related materials are accessible to individuals with disabilities.If you need this Policy in an alternative format or require assistance accessing it, please contact info@brain.co.