Multibrain

Privacy Policy

Multibrain Network, Inc.

This Privacy Policy (the “Policy”) lets you (“you” or “User”) know how Multibrain Network, Inc. (“we” or “us” or “Company”) collects, processes, retains and shares information provided to us for use on the Company website https://multibrain.me. (collectively the “Platform“).

The Company is committed to respecting the privacy rights of Users, customers and other visitors. Accordingly, we process your data in accordance with the legal regulations on data protection, including without limitation the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Policy describes the personal information that is collected or processed by the Platform, how your personal information is used, shared and protected, what choices you have regarding your personal information and how you can contact us.

Responsibility, Data Protection Officer

The Company is responsible for the processing of personal information received through the Platform. The Company is located at:

Multibrain Network, Inc.
4223 Glencoe Ave, Suite B129
Marina del Rey, CA 90292
Presented by: Scott Kramer skramer@multibrain.net

If you have any general comments or questions about privacy, if you wish to update any information we hold about you, or if you revoke your consent or object to a particular use of the data, or if you exercise your rights, you may contact us by e-mail or contact our data protection officer, Chris Sternal-Johnson at chris.privacy@multibrain.net. Our data protection officer can also be reached at the postal address listed above.

Types of data collected

Before your account is activated, you must affirmatively consent to the use of your information on the Platform and to the Terms of Use and this Policy via a pop-up window that will appear when you first attempt to log in to the Platform.

Personal Information

When opening an account, the Company will collect personal information, such as

The Platform will also allow you to insert photos and videos that you personally select and upload from your devices. The Platform will not upload any photos or videos from your devices on its own.

The Company is the controller of information with which you may provide us or which we may record about you on this Site. We will only collect data from third party social media sites such as Facebook, Twitter and Pinterest using tokenized credentials with your authorization and consent, solely for the purpose of completing a content transaction on the Platform. As described below, Personal Information does not include any anonymized aggregated data that is collected for analysis and reporting purposes.

Usage Data

We collect additional personal information from you, including usage data and other information regarding your communications, transaction history and interactions with the Platform and other users, to enable functions within the Platform. When interacting with the Platform, Personal Information is collected automatically by your device or web browser. More information about these operations is provided in the “Cookies” section below.

These data (“Log Data”) include:

You may choose to not have us collect this information, understanding that it may impact your ability to use the Platform and the Services. The Log Data is retained by the Company for a period of six (6) months from the date it is collected.

In many cases, your web browser or mobile device platform will provide additional tools that allow you to control when your device collects or shares categories of Personal Information. For example, your mobile device or web browser will offer tools that allow you to manage cookie usage or location sharing. We suggest that you familiarize yourself with the instruments and use them on your devices.

The Platform automatically recognizes Log Data. The Platform uses cookies (as explained below); the Platform also stores Log Data.

We regularly analyze Log Data anonymously for statistical purposes so that we can determine how our Platform is used. Based on these findings, we then optimize the Platform. In addition, in the event of a system abuse, we may use this information in cooperation with your internet service provider and / or local authorities to identify the originator of the abuse.

Cookies

From time to time, we may use the standard “cookies” feature of major browser applications that allows us to store a small piece of data on your computer about your visit to our Platform and your use of the Services. We only store Personal Information in cookies to identify you as a user and to enhance and customize the Services provided to you on the Platform. Cookies also allow us to learn which areas of our Platform are useful and which areas need improvement. You can choose whether to accept cookies by changing the settings on your browser. However, if you choose to disable this functionality, your experience on the Platform may be diminished and some features may not work as intended.

Do Not Track (DNT) is an optional browser setting that allows you to limit your sharing preferences with respect to third parties. We do not respond to DNT signals.

Cookies may include the following information: your IP address, the specific Cookie Identifier, cookie information, and whether your device has the appropriate software to perform necessary functions, the specific device identification number (UDID) and device type, the domain, the browser type and the language used, operating system and system settings; country and time zone; information about how you interact with the Platform, such as click behavior, and redirecting URLs.

The cookies that we use on the Platform can basically be divided into the following three categories:

Required cookies

These cookies are necessary for the functioning of the Platform and cannot be deactivated on the Platform. Typically, these cookies are only set in response to actions you take to provide you with a service, such as logging in to the Platform, setting your privacy preferences, signing up, or completing forms. They also enable the Platform to help in the management of security problems as well as in the compliance with legal regulations. You can set your browser to block these cookies or to notify you about these cookies. However, some areas of the site may not work and you may not be able to log in to the Platform.

Performance-related cookies

These cookies allow us to analyze Platform usage so that we can measure and improve the Platform’s performance. In some cases, these cookies can improve the speed at which we process your requests and help remember the Platform settings you have selected. Therefore, refusing these cookies may result in recommendations that are poorly tailored to you, or slower on the Platform as a whole.

Analytics (tracking) cookies; Data analysis through pseudonymised usage profiles

We use the web analytics service, Google Analytics of Google LLC (“Google”). Google Analytics uses cookies to analyze the use of the Platform by you. The information generated by the cookie about your use of the Platform is usually transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the Platform, to compile statistical reports on Platform activity for us, and to provide other services related to the use of the Platform and internet usage.

We only use Google Analytics with activated IP anonymization. This means that the IP address of the users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. Google may transfer this information to third parties if required by law or as far as third parties process this data on behalf of Google.

For more information about how Google uses your information, please see the Google Privacy Policy: https://policies.google.com/privacy?hl=en&hl=en&hl=en&hl=en&hl=en&hl=en and Google’s Advertising Preferences ( https: // adssettings .google.com/authenticated ). You can disable Google services using a browser add-on if you do not want web page analytics. You can download this here: http://tools.google.com/dlpage/gaoptout?hl=de. Alternatively, you can regulate the use of individual cookies through the privacy settings of your browser.

The legal basis for this data processing is Section 15 (3) of the Telemedia Act promulgated under German law (“TMG”) or, if applicable, Article 6 (1) (f) of the GDPR , as we have a legitimate interest in the needs-based design and economic operation of our online offer.

You can also set your computer to be warned each time a cookie is sent. Alternatively, you can prevent the storage of cookies on your computer by appropriate settings of your internet browser. Already saved cookies can be deleted in the system settings of the browser. Please note that the functionality of the Platform may be limited and you may not be able to log in to the Platform.

Your Elections

With your consent, we may communicate with you through multiple channels about your transactions on the Platform and to keep you up-to-date on customer experience content and new content or services.

Once you provide your Personal Information, we may contact you through e-mail or text messages, if you choose to provide your mobile telephone number. We may continue to communicate with you through the channels you have selected until you request to stop receiving these communications by opting out.

At any time, you may elect to (a) stop receiving communications related to your use of the Platform, or (b) update or delete your account and any Personal Information details.

Purposes of Collecting Personal Information; Processing Based on Legitimate Interest

With respect to the processing of Personal Information required for the performance of a contract to which the data subject is a party, the legal basis is provided by Article 6 (1) (b) of the GDPR. This also applies to processing operations required in order to carry out a pre-contractual action, for example, for the presentation of the Platform.

We process your Personal Information on the basis of your consent (Article 6 (1) (a) of the GDPR) to the extent described in the consent for communication purposes. You can revoke your consent at any time with effect for the future.

We process your Personal Information for the following processing purposes in order to safeguard our legitimate interests, in particular the protection of our IT infrastructure, the guarantee of satisfactory customer communication and the ability to provide you with the Services through the Platform (Article 6 (1) (f) of the GDPR):

You may choose to not provide us with Personal Information or any requested additional information, understanding that your ability to use the Platform and the Services may be impacted if you do not provide the minimum information necessary to complete a transaction on the Platform. Similarly, you may terminate your account or our use of Personal Information at any time but the impact may be the same as the impact described in the prior sentence.

We may also obtain Personal Information and non-Personal Information from third party providers; an example would be information that flows to the Platform from the third party social media providers you are using such as Twitter, Facebook and similar services such as information that your Twitter and Facebook followers share with your account.

If you provide us Personal Information about others, or if others give us your Personal Information, we may store that data and will only use that Personal Information for the specific purpose of delivering goods, services or digital content.

In order for transactions to be completed on the Platform, Users will need to share some Personal Information with the Company and with other Users pursuant to the terms of this Policy.

We do not sell, rent or trade your individual Personal Information to third parties without your consent. We may, however, share, sell or rent aggregated data with third parties for analysis and research purposes. This aggregated data would only consist of anonymized data.

Your Personal Information may be shared with current or future affiliates or subsidiaries of the Company.

Transfer of data

The Platform is supported by a network of computers, cloud-based servers and other infrastructure and information technology including but not limited to third-party service providers. In limited circumstances, we may need to share your Personal Information with third parties that perform services on our behalf, such as social media channels to complete a transaction on the Platform. In order for the Company to connect your Platform account with your account from a third-party platform like a social media channel, we will require your affirmative consent, understanding that your Personal Information may be shared with such third-party platforms. The Platform currently allows you to perform social media channel transactions with the following parties:

The Platform also uses the following third party services:

Personal Information can be processed by the social media providers for market research and advertising purposes. For example, user profiles can be created from the user behavior and resulting user interests. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that are supposedly in line with the interests of the users. For these purposes, cookies are usually stored on the computers of the users, in which the user behavior and the interests of the users are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by the users, in particular if the users are members of the respective platforms and are logged in to them. Your data can also be processed by the respective social media providers outside the European Union.

We process your Personal Information here based on our legitimate interests in a needs-based design of the Platform, which are not outweighed by your interests, rights or freedoms, Art. 6 (1) (f) of the GDPR. As far as linked websites and apps that are not our property and are not under our control, we are not responsible for the content and use of the pages or apps or their respective privacy policies.

In exceptional cases, we may also use your Personal Information for the fulfilment of a legal obligation (Art. 6 (1) (c) of the GDPR), to safeguard vital interests (Art. 6 (1) (d) of the GDPR), or to perform a task in the public interest (Art. 6 (1) (e) of the GDPR). From time to time, we may be required to share Personal Information in response to a valid court order, subpoena, government investigation, or as otherwise required by law. We also reserve the right to report to law enforcement agencies any activities that we, in good faith, believe to be unlawful. We may share Personal Information when we believe that such release is reasonably necessary to protect the rights, property and safety of others and ourselves. We may also transfer Personal Information in the event of a corporate sale, merger, acquisition, dissolution or similar event.

Links to Third Party Sites

The Platform and Services contain links to other websites (“Linked Sites“), including links posted by other Users. The Linked Sites are not under the control of Company and Company is not responsible for the contents or data privacy policies of any Linked Site, including without limitation, any link contained on a Linked Site, or any changes or updates to a Linked Site. The Company is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Company or any association with its operators or their data privacy policies. We encourage you to review the privacy policy of any Linked Site before sharing your personal data with the Linked Site. See the links provided in the section entitled “Use of Information” above.

Data transfers to a third country

The Personal Information we collect in connection with the Platform is processed in the United States. Some of the data recipients to whom the Company may share your Personal Information may be located in countries other than the state where your Personal Information was originally collected. The laws in these states may not guarantee the same level of privacy as the law in the state where you submitted your information to us. However, we will protect your Personal Information in accordance with this Privacy Policy and applicable laws when we transfer your Personal Information to recipients in other countries, including the United States.

We will take the necessary measures to ensure, in compliance with legal regulations, the transfer of personal data to countries outside the EEA that do not offer an adequate level of data protection. We take a variety of measures to ensure that your Personal Information transferred to these countries is adequately protected in accordance with the Privacy Policy. This includes verifying that the recipient has adopted binding corporate rules or adheres to the EU-US Privacy Shield Framework.

EU-U.S. Privacy Shield Framework

The Company complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. The Company has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

If you have any inquiries or complaints about our handling of your Personal Information under Privacy Shield, or about our privacy practices generally, please contact us at: privacyshield@multibrain.net. We will respond to your inquiry promptly. If we are unable to satisfactorily resolve any complaint relating to the Privacy Shield, or if we fail to acknowledge your complaint in a timely fashion, you can submit your complaint to VeraSafe, which provides an independent third-party dispute resolution service based in the United States. VeraSafe has committed to respond to complaints and to provide appropriate recourse at no cost to you. To learn more about VeraSafe’s dispute resolution services or to refer a complaint to VeraSafe, visit here. If neither the Company nor VeraSafe resolves your complaint, you may pursue binding arbitration through the Privacy Shield Panel. To learn more about the Privacy Shield Panel, visit here.

If a privacy complaint or dispute relating to Personal Data received by Multibrain in reliance on the Data Privacy Framework (or any of its predecessors) cannot be resolved through our internal processes, we have agreed to participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/

If we transfer Personal Information received under the Privacy Shield to a third party, the third party’s access, use, and disclosure of the personal data must also be in compliance with our Privacy Shield obligations, and we will remain liable under the Privacy Shield for any failure to do so by the third party unless we prove we are not responsible for the event giving rise to the damage.

You can review our Privacy Shield registration here. The Company is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). We may be required to disclose Personal Information that we handle under the Privacy Shield in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

We also use the following service providers that are certified under the EU-US Privacy Shield:

Deletion of your personal data

Unless explicitly stated in this Policy, the Personal Information stored by us will be deleted as soon as they are no longer necessary for the purpose of processing and the deletion does not conflict with any statutory storage requirements. Unless the data is deleted because it is required for other and legally permitted purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.

As discussed in the section above entitled “Personal Information”, Log Data is retained by the Company for a period of six (6) months from the date it is collected.

Your rights as a Data Subject

Right to information

You have the right, at any time upon request, to obtain information from us about your Personal Information concerning you in the scope of Art. 15 GDPR.

Right to rectification

According to Art. 16 GDPR, you have the right to ask us to update your Personal Information or correct incorrect data concerning you.

Right to deletion

You have the right to demand the deletion of your Personal Information under the conditions described in Art. 17 GDPR, including without limitation in circumstances where: a processing purpose has been satisfied, a processing purpose was omitted, if we should process your Personal Information unlawfully, you have revoked an agreement with us where processing of your Personal Information can be continued on another legal basis, if you successfully object to the data processing (see “Right to object” below), and in cases arising from the existence of a deletion obligation on the basis of EU law or the law of an EU Member State to which we are subject.

Right to restriction of processing

In accordance with Art. 18 GDPR, you may require us to process your Personal Information only to a limited extent. This right applies if the accuracy of the Personal Information in question is controversial and under the conditions of a legitimate request for deletion (“Right to deletion”), you request limited processing instead of deletion. This right also applies in the event that the Personal Information is no longer required for the purposes we are pursuing, but you require the data to assert, exercise or defend legal claims and if the success of an objection is still controversial.

Right to Data Portability

In accordance with Art. 20 GDPR, you have the right to obtain from us the Personal Information that you have provided to us in a structured, common, machine-readable format and to transmit this data to another person in charge.

Right to object

You have the right, for reasons of your own particular situation, to object at any time to the processing of Personal Information concerning you. We will cease the processing of your Personal Information unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims.

If you object to the processing of your Personal Information for advertising purposes, we will stop this processing in any case.

Exercise of these rights

If you wish to exercise these rights, please contact us at the email address or physical address listed in the section entitled “Responsibility; Data Protection Officer” above.

Withdrawal

If you have given us consent to the processing of your Personal Information, you can revoke it at any time by contacting us at the email address or physical address listed in the section entitled “Responsibility; Data Protection Officer” above.

After receiving your request, we will cease to process your Personal Information, as long as we do not perform the respective data processing on a different legal basis (e.g., in order to be able to continue to fulfill contracts with you).

Complaint

You also have the right to appeal to a supervisory authority, in particular in your Member State of residence, employment or the place of alleged infringement if you believe that the processing of your Personal Information infringes the GDPR.

Security of Your Personal Information

We use reasonable security measures, including but not limited to physical, electronic, and procedural safeguards, to protect the confidentiality of Personal Information under our control and appropriately limit access to Personal Information, including https protection technology.

The Platform has security measures in place to prevent the loss, misuse, disclosure and alteration of the Personal Information that we obtain from you, but we make no assurances to you or to any third party about our ability to prevent any such loss or misuse arising out of any such loss, misuse, disclosure or alteration.

We also avoid storing your user passwords in plain text. While we use the security measures described above along with others, we cannot ensure or warrant the security of any information you transmit to us by e-mail, and you do so at your own risk.

If we become aware of a security breach involving your Personal Information, we may need to notify you electronically of such breach, in addition to posting information about the breach on the Platform or Company website. By using the Platform and Services, you agree to receive such communications.

Information from Children Under 13

We are a general audience website and do not direct any of our content specifically at children under the age of 13 years old. Users must be at least 18 years old to use the Platform and Services. We understand and are committed to respecting the sensitive nature of children’s privacy online and we do not knowingly collect information online from children under 13. If you are a parent or guardian and you learn that your children have created an account or otherwise provided Company with Personal Information, please contact us. If Company becomes aware that Company has collected Personal Information from a child under age 13 without verification of parental consent, Company will take steps to remove that information from Company servers.

California Privacy Rights

California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

If you are under 18 years of age, reside in California, and have a registered account with the Platform, you have the right to request removal of unwanted data that you publicly post on the Platform. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Platform, but please be aware that the data may not be completely or comprehensively removed from our systems.

Options Regarding Your Information

You may at any time review or change the information in your account or terminate your account by:

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with legal requirements.

Emails and Communications

If you no longer wish to receive correspondence, emails, or other communications from us, you may opt-out by:

If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.

Privacy Policy Changes

As we continue to improve the Platform and Services, content and the features we provide, this Policy is subject to change. We will post significant changes to this Policy here and/or other formats for you to review. If we change our information practices or this Policy in such a way that your Personal Information may be used or shared in a manner not described in the Policy at the time you provided it, we will give you the opportunity to opt-out of having your Personal Information used or shared in that new manner.

How To Contact Us

If you have questions about our Privacy Policy, please contact us at:

Chris Sternal-Johnson

Data Protection Officer
Multibrain Network, Inc.
7700 Parkwood Drive
Missoula, MT 59808

chris.privacy@multibrain.net

VeraSafe Netherlands BV
EU Representative

Multibrain Network, Inc.
Keizersgracht 555
1017 DR Amsterdam
Netherlands

VeraSafe has been appointed as Multibrain Network, Inc.’s representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. VeraSafe can be contacted in addition to Chris Sternal-Johnson, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative or via telephone at: +420 228 881 031.