Privacy Policy

Last Updated: 08/19/24

Summary of your Privacy Policy

At Blank Slate Technologies LLC (“braintrust”, “we”, “our”, “us”, “Company”, “trybraintrust.com”, “Braintrust: Memory Companion”) we understand the importance of your privacy and we are dedicated to handling your information with the utmost care and responsibility.

By using our website (“Site”) or our mobile app (“App”) or any other product or services provided by us (together with the Site, referred to as "Services"), you are agreeing to abide by this Privacy Policy. If you disagree with any aspect of our Privacy Policy, you have the choice to refrain from using our Services.

Your information is safeguarded by the terms outlined in this Privacy Policy. 

We urge you to carefully review this Privacy Policy in conjunction with our Terms of Use to understand how we handle your information.

Here's a summary of important points to keep in mind regarding your privacy and data. 

We highly recommend reviewing the full document for more details: 

  1. We never sell or rent your data to third parties. It's yours.
  2. Your data may be stored on our servers or our service provider's servers.
  3. Braintrust may handle protected health information(PHI) and personally identifiable information(PII). Your information is encrypted during transmission and storage. To access the app, you must provide an email and password, or create an account with an existing social media profile. Please keep these credentials confidential. While we work hard to keep your information safe through a variety of methods, please remember to be cautious when sharing sensitive data with braintrust or anywhere online. There is always the potential for a data breach (accidental sharing of information) that includes your protected health information (PHI) or personally identifiable information(PII). 
  4. We follow US and state laws and may need to share your data when required by law. Any changes in data handling will be promptly communicated.

Introduction

Please note that this Privacy Policy may undergo occasional updates. Any updates will be posted on this page, along with the revision date. You will be notified of any changes through methods including but not limited to app notifications and emails. Any alterations become effective immediately upon their posting and apply to all access and utilization of the Services thereafter. Your ongoing utilization of our Services following such modifications indicates your acceptance of the revised Privacy Policy.

Information we collect

Information you share

We may gather information directly from you through our Site and/or App when you create an account, enter content by putting in questions and answers, share progress with friends and family, or contact us about questions, feedback, or other issues. We may also gather information from you when you visit our social media pages or groups (for example, when you visit our Meta page and try to contact us via Facebook Messenger, we may gather information about your username and contact message so we can respond to your query). This information includes but is not limited to:

  • First name;
  • Last name;
  • Email;
  • Phone number;
  • Role of user (caregiver, individual concerned about memory loss);
  • First name of care partner;
  • Phone number of care partner (please note that we will not contact the care partner without your consent and nor for any medical purposes);
  • Method of sign-in (email, Google, Meta, Apple);
  • Social media username;
  • How you heard about braintrust; 
  • Why you are interested in braintrust;
  • Pictures or images entered into braintrust that a user wants help remembering about;
  • Text entered into braintrust by the user.

The details you provide may include Personal Identifiable Information (“PII”), which refers to information that identifies you personally, either alone or in combination with other data, or protected health information (“PHI”) which refers to any data within a medical documentation or designated record set that could potentially identify an individual and was generated, utilized, or shared during the provision of healthcare services, such as diagnosis or treatment. 

When you purchase our Services (e.g. buying a braintrust subscription), you may need to provide financial details, such as a debit/credit card or bank account number, to a third-party payment processor. Please be informed that we neither collect nor retain such financial data, and we hold no responsibility for its storage by third parties. Nonetheless, we may have access to certain account-related information, including but not limited to purchase amounts and dates, if you choose to buy our Services.

Please note that our Services are currently not designed for use by covered entities under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) for transmitting PII or PHI.

Information we collect automatically

We may also automatically gather certain information when you access our Services, and visit our social media pages or groups which may include but not be limited to:

  • Internet Protocol (IP) address: This is the number assigned to your computer when you access the Internet. This can sometimes reveal your general geographic location and time zone.
  • Information about your browser type, device type, and operating system.
  • Service session statistics: These are insights gathered during your time using our Services. They include but are not limited to things like how long you spend on our Services, the websites you visit before navigating to our Services, and what actions you take on our Services.
  • Mobile session tokens: These are similar to digital passes for your phone when you use an app or service. They make sure you are authorized to be there and keep your account secure without needing to log in repeatedly. We may also associate statistics that include but are not limited to the number of sessions and time per session to these tokens when you use our Services.
  • Details regarding your interactions with email messages, including but not limited to email opens, clicks, and forwards.
  • Details regarding your interactions with our social media content.
  • Details regarding your interactions with mobile app notifications.
  • Other information collected through cookies, log files, web beacons, Google Analytics software, Mandrill software, Meta Pixel software, and JavaScript code.

We collect the aforementioned information in a variety of ways including but not limited to through cookies, log files, web beacons, Google Analytics software, Mandrill software, Meta Pixel, and JavaScript code.

Cookies: Cookies are small pieces of data stored on your device that help us recognize your browser and remember certain information. We use cookies to personalize your experience, analyze usage patterns, and provide relevant content. You can control the use of cookies through your browser settings, but please note that disabling cookies may affect the functionality of our platform.

Log files: Like many websites, we gather certain information automatically and store it in log files. This information may include your IP address and browser type. We use this information to analyze trends, administer the Site, track user movement, and gather geographic location.

Web beacons: Web beacons (also known as clear gifs or pixel tags) are small graphic images embedded in web pages or emails. These beacons are used to monitor user interactions with the website or email, such as whether an email has been opened or a web page has been visited. We use web beacons for analytical purposes and to track the effectiveness of our communications.

Google Analytics: We utilize a software called Google Analytics to track and analyze usage statistics across our Services. Through Google Analytics, we gain valuable insights into user behavior, including page views, session durations, and interactions with various features. This data enables us to better understand how our audience engages with our Services, facilitating optimization of user experience and customization of content to better suit their preferences.

Mandrill: We utilize a software called Mandrill to track email interactions, including opens, clicks, and forwards. With Mandrill's tracking functionality, we can monitor when recipients open our emails and which links they click on. This data provides valuable insights into email engagement, allowing us to gauge the effectiveness of our communication efforts. By leveraging Mandrill's tracking capabilities, we can optimize our email campaigns for better reach and engagement, ultimately enhancing the overall effectiveness of our communication strategy.

Meta Pixel: The meta Pixel is a tracking tool provided by Meta that allows us to measure the effectiveness of our advertising by understanding the actions people take on our website. When you visit our website, the Meta Pixel collects information such as your IP address, browser type, referring/exit pages, and device information. Additionally, it may collect data on your interactions with our website, such as pages visited, links clicked, and actions taken. This information is used for purposes including but not limited to optimizing our advertising efforts, targeting relevant audiences, and understanding user behavior to improve our services.

JavaScript code: We may also use JavaScript code snippets to enhance our Site functionality and collect information about user interactions. This code may be used to track actions such as button clicks, form submissions, or page views. The information collected through JavaScript code is used for analytical purposes and to improve the performance of our Site.

By using our Services, you consent to the use of cookies, log files, web beacons, and JavaScript code as described above. 

How we use your information

We may utilize information about or from you, which may include PII or PHI, for various purposes including but not limited to:

  1. Providing you with a personalized experience on our Services;
  2. Researching the efficacy of our Services;
  3. Improving and enhancing the functionality of the Services;
  4. Developing new products and services;
  5. Offering support for the Services we provide and addressing requests and inquiries;
  6. Issuing notices about updates or alterations related to our Services;
  7. Marketing and advertising our Services including but not limited to through promotional emails;

Who we may share your information with 

We aim to provide a comprehensive understanding of the circumstances under which we may share the information we collect. This information may be disclosed to various third parties, including but not limited to:

Service providers: We may share your information with agents and service providers who perform specific functions or services on our behalf. These functions may include hosting our Services, managing databases, conducting analyses, or executing surveys. We do not share data with any medical providers or covered entities. Where possible we will make sure to de-identify your data as per recommended HIPAA guidance (e.g. if your account is temporarily unavailable, we may need to share your account details with service providers to provide service continuity).

Legal obligations and protection: We may disclose your information in situations required by law or necessary to protect the legal rights, safety, and security of our Company and the users of our Services. This includes enforcing our Terms of Service, preventing fraud, and complying with law enforcement or legal processes.

Business transfers: In the event of a sale, partial sale, transfer of our business, assets, merger, business transfer, or bankruptcy proceedings, your information may be transferred to one or more third parties involved in such transactions.

Business and Research partners: Only with your explicit consent, we may share your information with select business and research partners to facilitate collaborative efforts aimed at delivering new and enhanced products and services. We do not share data with any medical providers or covered entities. Any third parties involved will be required to adhere to strict data protection agreements and confidentiality obligations. If we do share your data, we will make sure to de-identify your data as per recommended HIPAA guidance and will avoid sharing any information that can be linked to your identity where possible (e.g. the answers to questions you put into the App) unless otherwise stated by you through an informed consent process for research purposes. However, it is important to note that even after removing identifiers, there is a possibility that the residual data may not achieve complete anonymity. We are also not responsible for the privacy policy of our partners. 

In the event of any change to the ownership or utilization of your information which may include PII or PHI, you shall receive notification through email and/or a notice on our Site. Additionally, you shall be apprised of any available options concerning how to manage your information.

How you can control what information we use, collect, and disclose

We strive to provide you with choices regarding our collection, use, and disclosure of the information you provide to us. The mechanisms listed below aim to provide you with control over such collection, use, and disclosure:

Marketing communications: If you do not want us to send you marketing or promotional communications, you can opt-out by clicking the “unsubscribe” link in any such promotional emails or emailing us at support-braintrust@blankslatetech.co.

Cookies: If you wish to manage first-party cookies on our Services, you can adjust your browser settings to enable, disable, or delete them. Instructions for managing cookies are typically found within the "Help", "Tools", or "Edit" settings of your browser. However, it's important to note that disabling cookies may restrict access to secure areas of the Services and impact the functionality of other parts of the Site. You can refer to the following resources (please note that this is not an exhaustive list) to manage cookies on your browser:

  1. Safari
  2. Android Browser
  3. Google Chrome
  4. Mozilla Firefox

Website data: You may request to edit/delete any information including PII and PHI that you have provided us through our Site by emailing us at support-braintrust@blankslatetech.co

App data: You may review, edit, and/or delete any information including PII and PHI via the App. Additionally, you can email us at support-braintrust@blankslatetech.co to request access to, correction of, and/or deletion of any information including your PII or PHI you have provided to us. However please note that upon account closure/termination, certain data may be retained for maintaining record integrity, fraud prevention, enforcement of our Terms of Use, safeguarding the integrity of our Services or our users, or as permitted by law. If any data was shared with above mentioned third parties for reasons discussed above before account termination, we have no control over that data.

We offer a range of services that allow you to correct or delete data stored in your braintrust account. For example, you can:

  • Edit your first name, last name, email, linked social media account, role, first name of care partner, phone number of care partner, in ‘Settings’ on your braintrust App
  • You can also edit your payment information and billing address in ‘Settings’ on your braintrust App
  • You can delete any content (questions and answers) entered into braintrust App
  • You can delete your braintrust account entirely in ‘Settings’ on your braintrust App
  • If you have previously given us consent to share your data with select business and research partners as described above, you also have the right to withdraw consent by emailing us at support-braintrust@blankslatetech.co. If any data was shared with above mentioned third parties before your withdrawal request, we have no control over that data.

For any other requests please email us at support-braintrust@blankslatetech.co.

User data storage

Your information, including PII and PHI, may be stored on our servers or those of our service providers. We take reasonable measures to safeguard the information provided to us against loss, misuse, unauthorized access, disclosure, alteration, or destruction. Our security protocols include and are not limited to encryption during storage and transmission of data. To access the app, you must provide an email and password, or create an account with an existing social media profile. Please keep these credentials confidential.

However, it's important to recognize that no Internet or email transmission is entirely secure or devoid of errors. Thus, exercise caution when determining what information you share with us. Please bear this in mind when disclosing any PII or PHI to us over the internet. Should a breach of security compromise your information, we will promptly notify you in compliance with applicable laws.

Data retention

At braintrust, we prioritize the protection of your privacy and the secure management of your data. We endeavor to retain your information only for as long as necessary for legitimate business purposes and in compliance with applicable legal obligations. We implement a comprehensive data retention policy to ensure transparency and adherence to privacy standards.

When you delete information/content on braintrust, we follow a clear process to securely delete your data. We remove the data from view to ensure it is no longer visible. We delete your data from our active systems and database to prevent its usage. Any remaining data is then carefully removed from our backup systems. The data may still remain in the backup system for 7 days - in this case,  after 7 days it will be removed automatically. In some cases, we make manual backups of your data (for example, in the case of a database migration), because of which your data may stay in the system for a longer time, but will be deleted as soon as possible.

It's important to note that once your data is deleted, we do not share it with any third parties in the future. However, any data shared before your delete request may still be beyond our control. We may retain certain data throughout the lifespan of your account to enhance your experience on our platform. This may include information that helps us understand user interactions with our App and enables us to continue providing you with certain services. For instance, if you delete a question from our App, we may retain the points you previously earned from reviewing it for as long as we need it to maintain seamless service continuity, in this case, reporting your progress to you. 

When you delete your account, all your information will be deleted. Some data may still remain in the backup system for 7 days and after 7 days it will be removed automatically. In some cases, we make manual backups of your data (for example, in the case of database migration), because of which your data may stay in the system for a longer time, but will be deleted as soon as possible. There may still be some statistical data (such as points earned, questions reviewed per day) left in our database after you delete your account, but it will be stored in a completely de-identified manner. If you want to access our services after account deletion, please create a new account. 

It's important to note that once your account is deleted, we will not share any information from that account with any third parties in the future. However, any data shared before your delete request may still be beyond our control. 

We may extend data retention of certain information for specific reasons, such as legal or business obligations, security measures, fraud prevention, and financial record-keeping. These practices underscore our commitment to providing a secure and reliable platform while safeguarding your privacy.

Privacy and data access

We prioritize the privacy and security of our users' data. Our Services may request permission to access your photos and camera so you can add pictures or images you want to help remembering using the App. We do not request access to your device’s contacts or any other apps and information on your phone. Additionally, our App allows you to share data with social media accounts such as Meta, only with your explicit permission. You have control over the sharing of your data, and you can manage your preferences in the App’s settings.

Data breach notification and data protection

In the unfortunate event of a data breach, our Company is committed to promptly notifying affected individuals in compliance with all applicable laws and regulations. We have implemented robust security measures to safeguard consumers' data against unauthorized access, disclosure, alteration, or destruction. These measures include encryption protocols, access controls, and employee training on data protection practices.

Do not track

Blank Slate Technologies LLC does not monitor its customers' activities across different websites/apps over time to deliver personalized advertising. As a result, it does not acknowledge or respond to "Do Not Track" (DNT) signals.

Third-party information collection

We use third-party software to build certain components of our Services. We may permit third parties to gather information via our Services. For instance, our third-party service providers might collect data for purposes such as traffic measurement, research, and analytics through our Services.

It's important to note that the information collected and stored by these third parties is governed by their policies and practices. We have no control over the tracking technologies employed by these third parties or how they utilize the data.

Presently, we utilize the services of the following third-party vendors, who may collect your information. You can click on the hyperlinks provided below to review their respective privacy policies:

Google: https://policies.google.com/privacy?hl=en-US

Meta, meta Pixel: https://www.facebook.com/privacy/policy/

Apple: https://www.apple.com/legal/privacy/en-ww/

Webflow: https://webflow.com/legal/cookie-policy

Google Analytics: https://policies.google.com/technologies/

partner-sites

RevenueCat: https://www.revenuecat.com/privacy/

Mailchimp: https://mailchimp.com/about/security/

Zapier: https://zapier.com/legal/data-privacy

Mockaroo: https://www.mockaroo.com/help/privacy

LaunchList: https://getlaunchlist.com/legal/privacy

Social networking services

Our Services may offer functionality allowing you to share information on various third-party services or platforms, such as social networking services like Meta. By utilizing this feature, you acknowledge that your activities may be visible to your friends, followers, and subscribers on these third-party services or platforms. Please be aware that interactions on social media platforms, where content from the App and Site is shared, are governed by the privacy policies of those platforms. We are not liable for how they handle your data.

Links to third-party sites and services

Our Services may include links to third-party websites or services. We do not bear responsibility for the privacy practices or content of these third-party sites or services. We recommend reviewing the privacy policies of any third-party sites or services you visit.

Notice to California residents

As a California resident, you have certain rights regarding your personal information, which we are committed to respecting and facilitating. These rights include:

Right to Know and Access: You may request information about:

  • The categories of personal information we collect, sell, or disclose.
  • The purposes for which we collect or disclose personal information.
  • The categories of sources from which we collect personal information.
  • The categories of third parties with whom we share personal information.
  • The specific pieces of personal information collected about you in the past twelve months.

Right to Delete: You may request that we delete personal information we have collected from you, subject to certain exceptions. 

Verification and Submission of Requests: Requests for access to or deletion of personal information are subject to verification of your identity, in accordance with relevant CCPA requirements. To initiate such requests, please contact us at support-braintrust@blankslatetech.co, by including the email address associated with your account, and a statement confirming California residency. 

Please note that exercising your privacy rights will not result in any discriminatory treatment. We are committed to the fair and equal treatment of all users. Regardless of whether you choose to exercise your rights, you'll continue to receive the same level of service and functionality from our app.

Shine the Light: Our policy ensures that we do not rent, sell, or share your personal information with non-affiliated companies for their direct marketing purposes unless we have obtained your explicit permission, as mandated by California's "Shine the Light" law (Civil Code § 1798.83).

Authorization of an Agent: Should you wish to designate an agent to act on your behalf for making requests, kindly provide us with a written authorization signed by both you and the authorized agent at support-braintrust@blankslatetech.co.

If you are under 18 years of age, reside in California, and maintain a registered account with our Services, you possess the right to request removal of publicly posted data on our App or Site. To initiate such a request, please contact us at support-braintrust@blankslatetech.co, by including the email address associated with your account, and a statement confirming California residency. While we will ensure that the data is no longer publicly displayed on our App or Site, please note that it may not be entirely expunged from our systems. For any other requests concerning changes or information about the collection, usage, or disclosure of your information, please email us at support-braintrust@blankslatetech.co.

Children under the age of 13

Our Services are not directed toward children under 13 years of age, and we do not knowingly collect PII from such individuals. If you are under 13, please refrain from using or providing any information on the App or Site. If we discover we have collected or received Personal Information from a child under 13 without verifiable parental consent, we will promptly delete such information. If you suspect we may possess information about a child under 13, please contact us at support-braintrust@blankslatetech.co.

Information about other individuals

The Services are hosted in the United States and are intended for users within the United States. Accessing our Services from outside the United States is at your own risk and it is your responsibility to ensure compliance with applicable laws.  By providing your information to us, you consent to the transfer and processing of your information in the United States, which may not offer the same level of data protection as your country of residence.

Contact us

If you have any questions or concerns about our Terms of Use or Privacy Policy, please contact us at support-braintrust@blankslatetech.co.