← Back

Privacy Policy

Last updated: March 2026

At BrainBack.ai, we take privacy seriously. This policy explains what data we collect, why we collect it, how it is protected, and the choices you have. We are a B2B company — we have no interest in advertising, profiling, or monetising your personal information.

1. Information we collect

We collect information in two ways:

Information you provide directly

  • Name and job title
  • Business email address
  • Phone number (when requesting a callback)
  • Company name and size
  • Any message or details you include in a form submission

Information collected automatically

  • Pages visited and time spent on site
  • Referring URL and browser type
  • Country-level location (derived from IP address)

We do not collect payment details, government IDs, or any sensitive personal data. We do not install third-party advertising or tracking cookies.

2. How we use your information

We use the information we collect solely to:

  • Respond to your access request, demo enquiry, or callback
  • Send product updates or announcements you have opted into
  • Improve our website and understand how visitors engage with it
  • Comply with applicable legal obligations

We will never use your information for automated decision-making that produces legal or similarly significant effects without your explicit consent.

3. We do not sell or share your data

We do not sell, rent, lease, or trade your personal information to any third party — ever.

We do not share your data with advertisers, data brokers, analytics resellers, or any party for their own commercial purposes. Your information is used exclusively to operate and improve BrainBack.ai and to communicate with you directly.

The only circumstance in which we would disclose your information is if required to do so by law, a court order, or a regulatory authority — and in that case we would notify you wherever legally permitted to do so.

4. Third-party service providers

We work with a small number of trusted service providers who help us operate our infrastructure (for example, cloud storage and authentication services). These providers:

  • Process data only on our behalf and under our instructions
  • Are contractually prohibited from using your data for their own purposes
  • Are SOC 2 and ISO 27001 certified
  • Host data in secure, audited environments

We do not grant these providers permission to sell or further share your data.

5. Data retention

We retain your information for as long as needed to fulfil the purpose for which it was collected, or as required by law. If you request deletion, we will remove your data within 7 days, except where retention is required by a legal obligation.

6. Security

We use industry-standard security practices including encrypted connections (TLS), access controls, and audited cloud infrastructure to protect your data. No method of transmission or storage is 100% secure, but we take every reasonable step to protect your information.

7. Your rights

You have the right to:

  • Access — request a copy of the data we hold about you
  • Correction — ask us to correct inaccurate or incomplete data
  • Deletion — ask us to delete your data
  • Objection — object to how we process your data
  • Portability — request your data in a portable format

To exercise any of these rights, email us at [email protected]. We will respond within 7 days.

8. Changes to this policy

We may update this policy from time to time. When we do, we will update the date at the top of this page. We encourage you to review it periodically. Continued use of our site after changes are posted constitutes acceptance of the updated policy.

9. Contact

If you have any questions, concerns, or requests regarding this policy or your personal data, please contact us at [email protected].