Brandsight privacy policy.

Last modified August 1, 2017

As a user of services offered by Brandsight, Inc. “Brandsight”, or any of its subsidiaries or authorized affiliates (“We”, “Us”, “Our”), or simply as a visitor to the Brandsight.com website, you provide us with information about you and the way you use our website. As we use the term in this Privacy Policy, the information that we collect about you is called “Personal Data.”

The purpose of this Privacy Policy is to inform you what Personal Data we collect so you can decide whether or how you will use our services or the tools you use to access our website.

This Privacy Policy explains: what Personal Data we collect and why that Personal Data is collected; how we use and/or retain the Personal Data we collect; and, how you may update, keep current, and limit the distribution of Personal Data in our possession.

Information we collect 

We collect Personal Data we need in order to provide you the services you have purchased from us. We also collect Personal Data we are contractually required to collect by the Internet Corporation for Assigned Names and Numbers (“ICANN”), other domain name registry providers, credit card and payment providers, and third-parties that provide services, such as email and web hosting, that we may offer to you in conjunction with our domain registration services.

All of our services require you to sign up, using your real name and accurate contact information. When you sign up, we will ask for personal and corporate information, including the name of a corporation, your name, postal mailing address, email address, and telephone number.

To make purchases, we will ask you for your payment information, such as your credit card information required by payment processing services to transact your payments to us.

When you sign up for certain services that may result in payments to you, such as domain name divestiture, we may ask for information enabling us to deposit or wire money to your receiving account.

Brandsight Privacy Service, you authorize us to receive email and postal mail on your behalf and forward it to you. When you use this service, we will have access to correspondence intended for you while we are processing it for you and sending it to the email account you have on file with us.

We may collect Personal Data about our services that you use and how you use them. We automatically collect and store certain information in server logs. This server log data may include:

  • your Internet protocol (“IP”) address;
  • telephone log information such as your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls;
  • details of how you used our service, such as your search queries; device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL;
  • cookies that may uniquely identify your browser or your account; device-specific information (such as your hardware model, operating system version, and mobile network information including phone number);
  • information (including personal information) locally on your computer or device using mechanisms such as browser web storage (including HTML 5) and application data caches.

We also use various technologies to collect and store Personal Data when you visit our web site or use our services, and this may include sending one or more cookies or anonymous identifiers to your computer or device. We also use cookies and anonymous identifiers when you interact with services we offer to our partners, such as advertising services or features that may appear on other sites.

When you select us to configure third party services for use with your domain name, we will ask you for access credentials to those third party services for the sole purpose of performing the configuration of them which you requested us to perform. We will not store or retain your access credentials for longer than necessary to perform such third party service configuration.

How we use the Personal Data we collect We use the Personal Data we collect to comply with contractual requirements for the registration and use of domain names. This includes publishing the name and contact information for domain name registrants in publicly accessible whois databases.

We use the Personal Data we collect from all our services to provide, maintain, protect and improve our services, to develop new services, and to protect us, you, and our users.

We engage other companies and individuals to perform functions on our behalf, such as processing credit cards, archiving data, or handling postal mail. These persons have access to Personal Data needed to perform their functions. These companies do not retain, share, store or use personally identifiable information that you provide to us for any secondary purposes.

We also engage other companies and individuals to provide services to you on our behalf, such as providing SSL or DNS hosting services to you. Many of our service providers have access to Personal Data needed to perform their services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.

When you contact us, we may keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.

We use Personal Data collected from cookies and other technologies to improve your user experience and the overall quality of our services.

We will ask for your consent before using Personal Data for a purpose other than those that are set out in this Privacy Policy.

How we handle and store your Personal Data Our primary location is in New York, USA, but we use servers and third-party services outside gloabbly to store, serve and transfer information and manage our services, including services that rely on the use of your Personal Data. In providing services to you, your Personal Data necessarily crosses international boundaries.

Accessing and updating your personal information 

Within your account, we provide you with access to your Personal Data used to conduct transactions through the account. For the Personal Data we have for you, we provide tools for you to use to update your information quickly or to delete it from further use. When updating your Personal Data, we may ask you to verify your identity before we can act on your request. We will retain your Personal Data, even if deleted from your account, to the extent required by law or applicable policy required to provide the services to you.

ICANN Data Retention Requirements and Registry Requirements For TLD registrations authorized by the Internet Corporation for Assigned Names and Numbers (“ICANN”), we are required to comply with the ICANN Data Retention Specification which requires us to:

Collect the following information from registrants at the time of registration of a domain name (a “Registration”) and maintain that information for the duration of Registrar’s sponsorship of the Registration and for a period of two additional years thereafter:

  • First and last name or full legal name of registrant;
  • First and last name or, in the event registrant is a legal person, the title of the registrant’s administrative contact, technical contact, and billing contact;
  • Postal address of registrant, administrative contact, technical contact, and billing contact;
  • Email address of registrant, administrative contact, technical contact, and billing contact;
  • Telephone contact for registrant, administrative contact, technical contact, and billing contact;
  • WHOIS information, as set forth in the ICANN WHOIS Specification;
  • Types of domain name services purchased for use in connection with the Registration; and
  • To the extent collected by Registrar, “card on file,” current period third party transaction number, or other recurring payment data.

The ICANN Data Retention Specification further requires us collect the following information and maintain that information for no less than one hundred and eighty (180) days following the relevant interaction:

  • Information regarding the means and source of payment reasonably necessary for the Registrar to process the Registration transaction, or a transaction number provided by a third party payment processor;
  • Log files, billing records and, to the extent collection and maintenance of such records is commercially practicable or consistent with industry-wide generally accepted standard practices within the industries in which Registrar operates, other records containing communications source and destination information, including, depending on the method of transmission and without limitation: (1) Source IP address, HTTP headers, (2) the telephone, text, or fax number; and (3) email address, Skype handle, or instant messaging identifier, associated with communications between Registrar and the registrant about the Registration; and
  • Log files and, to the extent collection and maintenance of such records is commercially practicable or consistent with industry-wide generally accepted standard practices within the industries in which Registrar operates, other records associated with the Registration containing dates, times, and time zones of communications and sessions, including initial registration.

Should you have concerns about the ICANN Data Retention Specification, and our obligations under it, we encourage you to contact ICANN at your regional Hub Office or Engagement Center using the ICANN contact form at http://www.icann.org/en/contact

The applicable TLD registry, whether under the authority of ICANN or the applicable ccTLD manager, may impose additional or different data retention requirements as a condition of our being able to offer domain registration services to you.

Information we share 

We do not share Personal Data with companies, organizations and individuals outside of our organization unless one of the following circumstances applies:

With your consent: We will share Personal Data with companies, organizations or individuals outside of our company when we have your express consent to do so. For external processing: We provide Personal Data to our partners and other trusted businesses, such as credit card processing companies, to process your Personal Data for us, based on our instructions and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures. For legal reasons: We will share Personal Data with other companies, organizations or individuals if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to: meet any applicable law, regulation, legal process or enforceable governmental request; enforce applicable Terms of Service, including investigation of potential violations; detect, prevent, or otherwise address fraud, security or technical issues; protect against harm to the rights, property or safety of us, our users or the public as required or permitted by law.

Information security 

We work hard to protect our systems and you from unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Data we hold. Specifically, we encrypt many of our services to provide you secure access to our site and your information. We also offer you the ability to enable two-step verification for access to your account. We review our Personal Data collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems. We restrict access to Personal Data to our employees, contractors, and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

We intend to maintain our services in a manner that protects Personal Data from accidental or malicious destruction. Because of this, after you delete Personal Data from our services, we may not immediately delete residual copies from our active servers and may not remove some or all of the information from our backup systems.

Application 

Our Privacy Policy applies to all of the services offered by us but excludes third party services which you may use in conjunction with ours, that have separate privacy policies which do not incorporate this Privacy Policy.

Our Privacy Policy does not apply to services offered by other companies or individuals. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our services, and who may use cookies, pixel tags, and other technologies to serve and offer relevant ads.

If we are involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.

Enforcement We regularly review our compliance with our Privacy Policy. When we receive formal written complaints, we will contact the person who made the complaint to follow up.

Changes 

Our Privacy Policy may change from time to time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes).

Contact for more information 

You may inform us of any changes in your Personal Data and we will update or delete your data accordingly. To find out what Personal Data we hold on you or to have your Personal Data updated, amended or removed from our database, please use the tools provided in your account, or contact us at legal-at-Brandsight.com.