Contracts
- Acceptable Use Policy
- California Privacy Addendum
- CCPA Resources
- Data Subject Rights - CCPA
- Data Subject Rights - EU
- Data Subject Rights - LGPD
- Modern Slavery and Human Trafficking Statement
- Native Compute Library
- Onboarding Services SOW
- Privacy Opt-Out
- Privacy Policy
- Privacy Policy for Job Applicants and Personnel
- Professional Services Terms & Conditions
- SaaS Branch App DPA
- Service Level Addendum
- Supplier Code of Conduct
- Technical Audit Services SOW
- Terms & Conditions
- Third Party List
Acceptable Use Policy
Effective January 1, 2023
DownloadTable of Contents
Deep Linking And Attribution Analytics Services
Acceptable Use Policy
Last updated June 10, 2022
This Acceptable Use Policy (“AUP”) sets forth certain restrictions on Your access and use of Branch Metrics, Inc.’s and its affiliates’ (collectively, “Branch” or “Us”) deep linking and attribution analytics services (collectively, the “Services”). This AUP is incorporated by reference into Branch’s Terms and Conditions, or instead, where there is a service agreement in place between You (“You”, “Your”, or “Customer”) and Branch Metrics, Inc. (“Agreement”). The restrictions set forth in this AUP are not exhaustive.
Applicability. This Branch AUP applies to all Branch Customers, as well as all Authorized Users You provide access to the Services to on Your behalf. A breach of this AUP by You or any Authorized Users is considered a breach of the Agreement between You and Branch.
Definitions. The capitalized terms that are not defined in this AUP will have the meanings assigned to them in the Agreement.
Prohibited Actions. You will not use Branch’s Services to do any of the following:
- collect, transmit or store any information or content that that is illegal, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically based or otherwise poses a threat to the public;
- collect, transmit or store any unsolicited or unauthorized advertising, promotional materials, “junk mail,” “spam,” “chain letters,” “pyramid schemes,” or any other forms of unauthorized solicitation;
- collect, transmit, or store any sensitive information such as end user account passwords, financial information (e.g. bank account numbers, credit/debit card information, or any information regulated under the Gramm–Leach–Bliley Act), personal health information (including information regulated under the Health Insurance Portability and Accountability Act), government identifiers (e.g. driver’s license, passport, national ID, social security, TIN or EIN numbers), or other information considered sensitive under applicable law such as biometric or genetic data, information about one’s religious beliefs, race, sex life or orientation; or
- create lists or segments of children under the age of 13, (and in certain jurisdictions under the age of 16), advertise mobile applications or websites that are directed to children under 13, (and in certain jurisdictions under 16), and/or knowingly market products or services to children under the age of 13 (and in certain jurisdictions under the age of 16), without employing appropriate SDK Privacy Controls settings documented at https://help.branch.io/developers-hub/docs/sdk-privacy-controls within the Services to limit data collection for children under 13 (and in certain jurisdictions under 16), in order to comply with any applicable laws protecting children (including, but not limited to, GDPR and COPPA)
Intellectual Property Restrictions. You shall not attempt to reverse engineer, disassemble, copy or decompile the Services in any way. You shall also refrain from infringing any patent, trademark, trade secret, copyright, or other right of any party (including, but not limited to the Digital Millennium Copyright Act of 1998 ("DMCA") in Your use of the Services. Branch reserves the right to take any and all actions it deems necessary to mitigate and discontinue any suspected or actual infringement of the foregoing.
Service Integrity Restrictions. You shall not attempt to perform any penetration testing, security vulnerability testing or other scans or tests to exploit the Services or attempt to bypass the Service’s security mechanisms or filtering capabilities. Additionally, You shall not attempt to perform any denial of service (DoS) attack on the Services or any other conduct that attempts to disrupt, disable, or overload the Services.
Effective October 11, 2022 to January 1, 2023
DownloadTable of Contents
Deep Linking And Attribution Analytics Services
Acceptable Use Policy
Last updated June 10, 2022
This Acceptable Use Policy (“AUP”) sets forth certain restrictions on Your access and use of Branch Metrics, Inc.’s and its affiliates’ (collectively, “Branch” or “Us”) deep linking and attribution analytics services (collectively, the “Services”). This AUP is incorporated by reference into Branch’s Terms and Conditions, or instead, where there is a service agreement in place between You (“You”, “Your”, or “Customer”) and Branch Metrics, Inc. (“Agreement”). The restrictions set forth in this AUP are not exhaustive.
Applicability. This Branch AUP applies to all Branch Customers, as well as all Authorized Users You provide access to the Services to on Your behalf. A breach of this AUP by You or any Authorized Users is considered a breach of the Agreement between You and Branch.
Definitions. The capitalized terms that are not defined in this AUP will have the meanings assigned to them in the Agreement.
Prohibited Actions. You will not use Branch’s Services to do any of the following:
- collect, transmit or store any information or content that that is illegal, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically based or otherwise poses a threat to the public;
- collect, transmit or store any unsolicited or unauthorized advertising, promotional materials, “junk mail,” “spam,” “chain letters,” “pyramid schemes,” or any other forms of unauthorized solicitation;
- collect, transmit, or store any sensitive information such as end user account passwords, financial information (e.g. bank account numbers, credit/debit card information, or any information regulated under the Gramm–Leach–Bliley Act), personal health information (including information regulated under the Health Insurance Portability and Accountability Act), government identifiers (e.g. driver’s license, passport, national ID, social security, TIN or EIN numbers), or other information considered sensitive under applicable law such as biometric or genetic data, information about one’s religious beliefs, race, sex life or orientation; or
- create lists or segments of children under the age of 13, (and in certain jurisdictions under the age of 16), advertise mobile applications or websites that are directed to children under 13, (and in certain jurisdictions under 16), and/or knowingly market products or services to children under the age of 13 (and in certain jurisdictions under the age of 16), without employing appropriate SDK Privacy Controls settings documented at https://help.branch.io/developers-hub/docs/sdk-privacy-controls within the Services to limit data collection for children under 13 (and in certain jurisdictions under 16), in order to comply with any applicable laws protecting children (including, but not limited to, GDPR and COPPA)
Intellectual Property Restrictions. You shall not attempt to reverse engineer, disassemble, copy or decompile the Services in any way. You shall also refrain from infringing any patent, trademark, trade secret, copyright, or other right of any party (including, but not limited to the Digital Millennium Copyright Act of 1998 ("DMCA") in Your use of the Services. Branch reserves the right to take any and all actions it deems necessary to mitigate and discontinue any suspected or actual infringement of the foregoing.
Service Integrity Restrictions. You shall not attempt to perform any penetration testing, security vulnerability testing or other scans or tests to exploit the Services or attempt to bypass the Service’s security mechanisms or filtering capabilities. Additionally, You shall not attempt to perform any denial of service (DoS) attack on the Services or any other conduct that attempts to disrupt, disable, or overload the Services.
Effective July 1, 2022 to October 11, 2022
DownloadTable of Contents
Deep Linking And Attribution Analytics Services
Acceptable Use Policy
Last updated June 10, 2022
This Acceptable Use Policy (“AUP”) sets forth certain restrictions on Your access and use of Branch Metrics, Inc.’s and its affiliates’ (collectively, “Branch” or “Us”) deep linking and attribution analytics services (collectively, the “Services”). This AUP is incorporated by reference into Branch’s Terms and Conditions, or instead, where there is a service agreement in place between You (“You”, “Your”, or “Customer”) and Branch Metrics, Inc. (“Agreement”). The restrictions set forth in this AUP are not exhaustive.
Applicability. This Branch AUP applies to all Branch Customers, as well as all Authorized Users You provide access to the Services to on Your behalf. A breach of this AUP by You or any Authorized Users is considered a breach of the Agreement between You and Branch.
Definitions. The capitalized terms that are not defined in this AUP will have the meanings assigned to them in the Agreement.
Prohibited Actions. You will not use Branch’s Services to do any of the following:
- collect, transmit or store any information or content that that is illegal, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically based or otherwise poses a threat to the public;
- collect, transmit or store any unsolicited or unauthorized advertising, promotional materials, “junk mail,” “spam,” “chain letters,” “pyramid schemes,” or any other forms of unauthorized solicitation;
- collect, transmit, or store any sensitive information such as end user account passwords, financial information (e.g. bank account numbers, credit/debit card information, or any information regulated under the Gramm–Leach–Bliley Act), personal health information (including information regulated under the Health Insurance Portability and Accountability Act), government identifiers (e.g. driver’s license, passport, national ID, social security, TIN or EIN numbers), or other information considered sensitive under applicable law such as biometric or genetic data, information about one’s religious beliefs, race, sex life or orientation; or
- create lists or segments of children under the age of 13, (and in certain jurisdictions under the age of 16), advertise mobile applications or websites that are directed to children under 13, (and in certain jurisdictions under 16), and/or knowingly market products or services to children under the age of 13 (and in certain jurisdictions under the age of 16), without employing appropriate SDK Privacy Controls settings documented at https://help.branch.io/developers-hub/docs/sdk-privacy-controls within the Services to limit data collection for children under 13 (and in certain jurisdictions under 16), in order to comply with any applicable laws protecting children (including, but not limited to, GDPR and COPPA)
Intellectual Property Restrictions. You shall not attempt to reverse engineer, disassemble, copy or decompile the Services in any way. You shall also refrain from infringing any patent, trademark, trade secret, copyright, or other right of any party (including, but not limited to the Digital Millennium Copyright Act of 1998 ("DMCA") in Your use of the Services. Branch reserves the right to take any and all actions it deems necessary to mitigate and discontinue any suspected or actual infringement of the foregoing.
Service Integrity Restrictions. You shall not attempt to perform any penetration testing, security vulnerability testing or other scans or tests to exploit the Services or attempt to bypass the Service’s security mechanisms or filtering capabilities. Additionally, You shall not attempt to perform any denial of service (DoS) attack on the Services or any other conduct that attempts to disrupt, disable, or overload the Services.
Effective June 1, 2022 to July 1, 2022
DownloadTable of Contents
Deep Linking And Attribution Analytics Services
Acceptable Use Policy
Last updated March 26th, 2020
This Acceptable Use Policy (“AUP”) sets forth certain restrictions on Your access and use of Branch Metrics, Inc.’s and its affiliates’ (collectively, “Branch” or “Us”) deep linking and attribution analytics services (collectively, the “Services”). This AUP is incorporated by reference into Branch’s Terms and Conditions, or instead, where there is a service agreement in place between You (“You”, “Your”, or “Customer”) and Branch Metrics, Inc. (“Agreement”). The restrictions set forth in this AUP are not exhaustive.
Definitions. The capitalized terms that are not defined in this AUP will have the meanings assigned to them in the Agreement.
Prohibited Actions. You will not use Branch’s Services to do any of the following:
- upload, post, email, or otherwise transmit any information that contains anything unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically or otherwise objectionable;
- harm Us or third parties in any way;
- impersonate any person or entity, or otherwise misrepresent Customer’s affiliation with a person or entity;
- upload, post, email, or otherwise transmit any information that Customer does not have a right to transmit under any law or under contractual or fiduciary relationships (such as inside information, proprietary and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements);
- upload, post, email or otherwise transmit any information that infringes any patent, trademark, trade secret, copyright, or other right of any party;
- upload, post, email, or otherwise transmit any unsolicited or unauthorized advertising, promotional materials, “junk mail,” “spam,” “chain letters,” “pyramid schemes,” or any other forms of unauthorized solicitation;
- upload, post, email, or otherwise transmit any material that contains software viruses or any other computer code, files, or programs designed to interrupt, destroy, or limit the functionality of any computer software or hardware or telecommunications equipment;
- upload, post, email, enable the Services to collect, or otherwise transmit any sensitive information such as end user account passwords, financial information (e.g. bank account numbers, credit/debit card information, or any information regulated under the Gramm–Leach–Bliley Act), personal health information (including information regulated under the Health Insurance Portability and Accountability Act), government identifiers (e.g. driver’s license, passport, national ID, social security, TIN or EIN numbers), or other information considered sensitive under applicable law such as biometric or genetic data, information about one’s religious beliefs, race, sex life or orientation;
- create lists or segments of children under the age of 13, (and in certain jurisdictions under the age of 16), advertise mobile applications or websites that are directed to children under 13, (and in certain jurisdictions under 16), and/or knowingly market products or services to children under the age of 13 (and in certain jurisdictions under the age of 16), without employing appropriate SDK Privacy Controls settings documented at https://help.branch.io/developers-hub/docs/sdk-privacy-controls within the Services to limit data collection for children under 13 (and in certain jurisdictions under 16), in order to comply with any applicable laws protecting children (including, but not limited to, GDPR and COPPA);
- interfere with or disrupt the Services or servers or networks connected to the Services, or disobey any requirements, procedures, policies or regulations of networks connected to the Services;
- intentionally or unintentionally violate any applicable local, state, national or international law or regulation;
- reverse engineer or otherwise attempt to discover the underlying code of the Services;
- “stalk” or otherwise harass another; or
- permit any third party which pools or aggregates data across its customers to use the data provided to Customer through the Services for its own benefit or use.
California Privacy Addendum
Effective January 1, 2023
DownloadTable of Contents
California Privacy Addendum
Effective: January 1, 2023
This California Privacy Addendum (“Addendum”) amends and is an integral part of Branch Metrics, Inc.’s Terms & Conditions (or instead, where there is a service agreement in place between you and Branch (“Service Agreement”), of that Service Agreement), which together with one or more Order Forms, addendums, or exhibits forms the “Agreement” between you (“Customer,” “you,” or “your”) and Branch Metrics, Inc. d/b/a Branch Metrics (“Branch,” “Branch Metrics,” “we,” or “us”), each a “Party” and collectively the “Parties”. This Addendum shall prevail over any conflicting term of the Agreement regarding the Personal Information of residents of the State of California.
I. DEFINITIONS
The following terms will have the meanings set forth below. Capitalized terms used in this Addendum that are not defined herein shall have the meanings set forth in the Agreement.
- “CCPA” means the California Consumer Privacy Act at Cal. Civ. Code §§ 1798.100 - 1798.199, including its implementing regulations.
- “Personal Information” shall have the meaning set forth in the CCPA, limited to the information that Branch processes on behalf of Customer in its performance of its obligations under the Agreement.
- The terms “Business,” “Service Provider,” “Share,” and “Sell” shall have the meaning set forth in the CCPA.
II. PARTIES’ ROLES AND PROCESSING DETAILS
- The Parties agree that you are a Business and Branch is a Service Provider.
- Branch shall process Personal Information as necessary for the performance of the Services, as well as related support and professional services as set forth in the Agreement, or where directed by other reasonable documented instructions provided by Customer (collectively, the “Business Purposes”).
III. BRANCH’S OBLIGATIONS
- Customer Instructions. Customer directs Branch to collect, retain, use, disclose, and/or otherwise process Personal Information (i) to fulfill Branch’s obligations to perform the Business Purposes, (ii) to fulfill Branch’s obligations in this Addendum, (iii) internal use as permitted by the CCPA, (iv) to detect data security incidents or protect against fraudulent or illegal activity, and (v) as otherwise directed by Customer in writing.
- Use Limitations. Except as authorized by the CCPA, Branch shall:
- not Sell or Share Personal Information;
- not retain, use, or disclose Personal Information outside of the direct business relationship between Customer and Branch that would render it a “Third Party” under CCPA;
- not retain, use, or disclose Personal Information for any commercial purpose other than the Business Purposes;
- not attempt to re-identify any pseudonymized, anonymized, aggregate, or de-identified Personal Information without Customer’s express written permission;
- not attempt to link, identify, or otherwise create a relationship between Personal Information and other personal information or any other data without the express authorization of Customer;
- comply with any applicable restrictions under the CCPA on combining Personal Information with personal information that Branch receives from, or on behalf of, another person or persons, or that Branch collects from any interaction between it and any individual;
- provide the same level of protection for Personal Information as is required under the CCPA as to Customer;
- not otherwise engage in any processing of Personal Information that is prohibited or not permitted by Service Providers under the CCPA; and
- notify Customer if Branch determines it can no longer meet its obligations under the CCPA.
- Permitted Uses. In addition to the purposes set forth above, Customer understands and agrees that Branch may collect, retain, use, disclose, and otherwise process Personal Information as follows:
- To collect, use, retain, share, or disclose Personal Information that has been (A) aggregated or (B) de-identified in accordance with the CCPA.
- To comply with applicable laws.
- To comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities
- To cooperate with law enforcement agencies concerning conduct or activity that Customer, Branch, or a third party reasonably and in good faith believes may violate federal, state, or local law.
- To exercise or defend legal claims.
- Access, Deletion, and Correction Requests. Upon written request of Customer, Branch shall assist Customer in complying with Customer’s obligations under the CCPA to respond to verifiable consumer requests to access, delete, or correct Personal Information. Branch shall have no obligation to re-identify or otherwise link information that is not maintained in a manner that would be considered Personal Information.
- Branch Certification. Branch certifies that it understands the restrictions and obligations set forth above.
IV. CUSTOMER RIGHTS AND OBLIGATIONS.
- Compliance with Applicable Law. Customer shall comply with applicable laws, including without limitation, and to the extent required: (i) providing notice; (ii) obtaining consent; (iii) honoring access, deletion, opt-out, and opt-in rights and requests; and (iv) otherwise ensuring that it and Branch have any and all rights required in order for Branch to collect, retain, use, disclose, and otherwise process Personal Information under the Agreement.
- Customer Directions. Customer shall not direct Branch to collect, retain, use, disclose, or otherwise process Personal Information in violation of the CCPA or other applicable laws.
- Responding to Requests. Customer understands and agrees that it is solely responsible for responding to requests to exercise individual rights and that Branch shall have no responsibility to respond directly to an individual on the Customer’s behalf, absent written instructions from the Customer. Where Branch receives a consumer request to access, correct, or delete Personal Information, it may inform the individual that the request cannot be acted upon because the request has been sent to a Service Provider.
- Remediation. Customer may take reasonable and appropriate steps to ensure Branch uses the Personal Information consistent with Customer’s obligations under the CCPA. Customer retains the right to take reasonable and appropriate steps to stop and remediate unauthorized processing of Personal Information, including any Personal Information not expressly authorized in this Addendum.
Effective December 22, 2022 to January 1, 2023
DownloadTable of Contents
California Privacy Addendum
Effective: January 1, 2023
This California Privacy Addendum (“Addendum”) amends and is an integral part of Branch Metrics, Inc.’s Terms & Conditions (or instead, where there is a service agreement in place between you and Branch (“Service Agreement”), of that Service Agreement), which together with one or more Order Forms, addendums, or exhibits forms the “Agreement” between you (“Customer,” “you,” or “your”) and Branch Metrics, Inc. d/b/a Branch Metrics (“Branch,” “Branch Metrics,” “we,” or “us”), each a “Party” and collectively the “Parties”. This Addendum shall prevail over any conflicting term of the Agreement regarding the Personal Information of residents of the State of California.
I. DEFINITIONS
The following terms will have the meanings set forth below. Capitalized terms used in this Addendum that are not defined herein shall have the meanings set forth in the Agreement.
- “CCPA” means the California Consumer Privacy Act at Cal. Civ. Code §§ 1798.100 - 1798.199, including its implementing regulations.
- “Personal Information” shall have the meaning set forth in the CCPA, limited to the information that Branch processes on behalf of Customer in its performance of its obligations under the Agreement.
- The terms “Business,” “Service Provider,” “Share,” and “Sell” shall have the meaning set forth in the CCPA.
II. PARTIES’ ROLES AND PROCESSING DETAILS
- The Parties agree that you are a Business and Branch is a Service Provider.
- Branch shall process Personal Information as necessary for the performance of the Services, as well as related support and professional services as set forth in the Agreement, or where directed by other reasonable documented instructions provided by Customer (collectively, the “Business Purposes”).
III. BRANCH’S OBLIGATIONS
- Customer Instructions. Customer directs Branch to collect, retain, use, disclose, and/or otherwise process Personal Information (i) to fulfill Branch’s obligations to perform the Business Purposes, (ii) to fulfill Branch’s obligations in this Addendum, (iii) internal use as permitted by the CCPA, (iv) to detect data security incidents or protect against fraudulent or illegal activity, and (v) as otherwise directed by Customer in writing.
- Use Limitations. Except as authorized by the CCPA, Branch shall:
- not Sell or Share Personal Information;
- not retain, use, or disclose Personal Information outside of the direct business relationship between Customer and Branch that would render it a “Third Party” under CCPA;
- not retain, use, or disclose Personal Information for any commercial purpose other than the Business Purposes;
- not attempt to re-identify any pseudonymized, anonymized, aggregate, or de-identified Personal Information without Customer’s express written permission;
- not attempt to link, identify, or otherwise create a relationship between Personal Information and other personal information or any other data without the express authorization of Customer;
- comply with any applicable restrictions under the CCPA on combining Personal Information with personal information that Branch receives from, or on behalf of, another person or persons, or that Branch collects from any interaction between it and any individual;
- provide the same level of protection for Personal Information as is required under the CCPA as to Customer;
- not otherwise engage in any processing of Personal Information that is prohibited or not permitted by Service Providers under the CCPA; and
- notify Customer if Branch determines it can no longer meet its obligations under the CCPA.
- Permitted Uses. In addition to the purposes set forth above, Customer understands and agrees that Branch may collect, retain, use, disclose, and otherwise process Personal Information as follows:
- To collect, use, retain, share, or disclose Personal Information that has been (A) aggregated or (B) de-identified in accordance with the CCPA.
- To comply with applicable laws.
- To comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities
- To cooperate with law enforcement agencies concerning conduct or activity that Customer, Branch, or a third party reasonably and in good faith believes may violate federal, state, or local law.
- To exercise or defend legal claims.
- Access, Deletion, and Correction Requests. Upon written request of Customer, Branch shall assist Customer in complying with Customer’s obligations under the CCPA to respond to verifiable consumer requests to access, delete, or correct Personal Information. Branch shall have no obligation to re-identify or otherwise link information that is not maintained in a manner that would be considered Personal Information.
- Branch Certification. Branch certifies that it understands the restrictions and obligations set forth above.
IV. CUSTOMER RIGHTS AND OBLIGATIONS.
- Compliance with Applicable Law. Customer shall comply with applicable laws, including without limitation, and to the extent required: (i) providing notice; (ii) obtaining consent; (iii) honoring access, deletion, opt-out, and opt-in rights and requests; and (iv) otherwise ensuring that it and Branch have any and all rights required in order for Branch to collect, retain, use, disclose, and otherwise process Personal Information under the Agreement.
- Customer Directions. Customer shall not direct Branch to collect, retain, use, disclose, or otherwise process Personal Information in violation of the CCPA or other applicable laws.
- Responding to Requests. Customer understands and agrees that it is solely responsible for responding to requests to exercise individual rights and that Branch shall have no responsibility to respond directly to an individual on the Customer’s behalf, absent written instructions from the Customer. Where Branch receives a consumer request to access, correct, or delete Personal Information, it may inform the individual that the request cannot be acted upon because the request has been sent to a Service Provider.
- Remediation. Customer may take reasonable and appropriate steps to ensure Branch uses the Personal Information consistent with Customer’s obligations under the CCPA. Customer retains the right to take reasonable and appropriate steps to stop and remediate unauthorized processing of Personal Information, including any Personal Information not expressly authorized in this Addendum.
Effective October 11, 2022 to December 22, 2022
DownloadTable of Contents
California Privacy Addendum
Updated: September 9th, 2021
This California Privacy Addendum (“Addendum”) amends and is an integral part of Branch Metrics, Inc.’s Terms & Conditions (or instead, where there is a service agreement in place between you and Branch (“Service Agreement”), of that Service Agreement), which together with one or more Order Forms, addendums, or exhibits forms the “Agreement” between you (“Business,” “you,” or “your”) and Branch Metrics, Inc. d/b/a Branch Metrics (“Branch,” “Branch Metrics,” “we,” or “us”), each a “Party” and collectively the “Parties”. This Addendum shall prevail over any conflicting term of the Agreement with regard to the Personal Information of residents of the State of California.
I. DEFINITIONS
The following terms will have the meanings set forth below. Capitalized terms used in this Addendum that are not defined herein shall have the meanings set forth in the Agreement.
- “CCPA” means the California Consumer Privacy Act at Cal. Civ. Code §§ 1798.100 - 1798.199.
- “Personal Information” shall have the meaning set forth in the CCPA, limited to the information that Branch processes on behalf of Business.
- The terms “Business” and “Sell” shall have the meaning set forth in the CCPA.
II. PARTIES’ ROLES
- The Parties agree that you are a Business and Branch is a Service Provider, as those terms are defined in the CCPA.
III. BRANCH’S OBLIGATIONS
- Business Instructions. Business directs Branch to collect, retain, use, disclose, and/or otherwise process Personal Information for (i) to fulfill Branch’s obligations to perform the Branch Services under the Agreement, (ii) to fulfill Branch’s obligations in this Addendum, (iii) internal use as permitted by the CCPA, (iv) to detect data security incidents or protect against fraudulent or illegal activity, and (v) as otherwise directed by Business in writing.
- Use Limitations. Branch shall not Sell Personal Information or otherwise retain, use, or disclose Personal Information for any commercial purpose other than for the specific purposes set forth herein.
- Permitted Uses. In addition to the purposes set forth above, Business understands and agrees that Branch may collect, retain, use, disclose, and otherwise process Personal Information as follows:
- To collect, use, retain, share, or disclose Personal Information that has been (A) aggregated or (B) de-identified in accordance with the CCPA.
- To comply with applicable laws.
- To comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities
- To cooperate with law enforcement agencies concerning conduct or activity that Business, Branch, or a third party reasonably and in good faith believes may violate federal, state, or local law.
- To exercise or defend legal claims.
- Access and Deletion Requests. Upon written request of Business, Branch shall assist Business in complying with Business’ obligations under the CCPA to respond to verifiable consumer requests to access or delete Personal Information. Branch shall have no obligation to reidentify or otherwise link information that is not maintained in a manner that would be considered Personal Information.
- Branch Certification. Branch certifies that it understands the restrictions and obligations set forth above.
IV. BUSINESS OBLIGATIONS
- Compliance with Applicable Law. Business shall comply with applicable laws, including without limitation, and to the extent required: (i) providing notice; (ii) obtaining consent; (iii) honoring access, deletion, opt-out, and opt-in rights and requests; and (iv) otherwise ensuring that it and Branch have any and all rights required in order for Branch to collect, retain, use, disclose, and otherwise process Personal Information under the Agreement.
- Business Directions. Business shall not direct Branch to collect, retain, use, disclose, or otherwise process Personal Information in violation of the CCPA or other applicable laws.
- Responding to Requests. Business understands and agrees that it is solely responsible for responding to requests to exercise individual rights and that Branch shall have no responsibility to respond directly to an individual on the Business’ behalf, absent written instructions from the Business. Where Branch receives a consumer request to access or delete Personal Information, it may inform the individual that the request cannot be acted upon because the request has been sent to a Service Provider.
CCPA Resources
Effective January 1, 2023
DownloadTable of Contents
Branch, CCPA, and CPRA
On January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) took effect. The California Privacy Rights Act (“CPRA”) amendments to the CCPA become effective January 1, 2023. Building on the privacy foundation established through our GDPR compliance efforts, Branch is committed to ensuring that our services continue to comply with the CCPA.
We have created this CCPA resource page to help you understand the steps that Branch has taken regarding its own CCPA compliance, and the tools available to our customers to enable the use of Branch’s services in a CCPA-compliant way.
In this guide, we have capitalized terms defined by the CCPA, as amended by the CPRA, so you can easily identify them.
The role of Branch under the CCPA
How does the CCPA apply to the relationship between Branch and its customers?
If you are using Branch analytics and deep-linking services as a customer, there is an agreement between you and Branch that describes the services that Branch provides to you. This agreement may include order forms, exhibits, or addenda, and serves as your instruction to Branch to process personal data as part of Branch’s performance of our services. For the purposes of the CCPA, the data that Branch collects on behalf of its customers may include Personal Information.
When using our analytics and deep-linking services, if you are subject to the CCPA, you are a “Business” and Branch is your “Service Provider,” as those terms are defined in the CCPA. Your disclosure of Personal Information related to your end users with Branch, and Branch’s collection on your behalf of Personal Information related to your end users, are done to facilitate Branch’s performance of its services that you contracted for.
Branch Will Never Sell or Share Personal Information
As part of its provision of analytics and deep-linking services to you, Branch does not “Sell” or “Share” Personal Information of your end users as defined under the CCPA.
This Addendum supplements our agreement with you and confirms our commitment to not Sell or Share Personal Information as part of our analytics and deep-linking services.
How Branch supports CCPA compliance for our customers
CCPA Addendum
Branch has updated its terms to codify our position as your Service Provider (as defined by CCPA). We’ve made our California Privacy addendum available for review, which reflects our CCPA standards. This California Privacy Addendum supplements our agreement with you and confirms our commitment to not Sell or Share Personal Information in violation of the CCPA.
Handling Consumer Rights Requests
As a Business, it is your responsibility under the CCPA to respond to requests relating to the Personal Information of your end users, including end user requests to access, delete, or correct their Personal Information.
Verifiable Consumer Requests
As a Service Provider under the CCPA, Branch works with you when your end users contact you to exercise their rights under the CCPA to obtain access to, delete, or correct Personal Information.
Branch will follow your instructions to delete or rectify Personal Information as required under the law, unless Branch concludes that it is necessary for Branch to maintain such Personal Information for one or more permitted purposes under applicable law (e.g., to detect fraudulent or illegal activity, or to prosecute those responsible for these activities).
To submit an end-user request to our team, reach out to us through our data subject request portal and we will work with you to fulfill your end user’s request for Personal Information we process on your behalf. Please include in that request the end-user’s advertising identifier (e.g., IDFA/GAID), and the date you received the end-user’s request. For further information about how to submit these requests to Branch on behalf of your end users, please click here.
CCPA & CPRA - Updated Privacy Policy
Branch’s privacy policy reflects applicable disclosure requirements under the CCPA, as amended by the CPRA. If you have any questions related to Branch’s CCPA compliance efforts, please contact our Privacy Team at: privacy@branch.io.
How to make a request to Branch under the CCPA
If you are a Branch customer who has end users that are California residents and that wish to exercise their CCPA rights, please click below to submit your request on their behalf.
Other Resources
Data collected by Branch
Read our Privacy Policy for full details on the types of data Branch collects, and how we use each one to provide our services.
List of third-party vendors
We maintain a list of vendors that process personal data on Branch's behalf, and the purpose for which we share data with each of these vendors.
California Privacy Addendum
Effective December 22, 2022 to January 1, 2023
DownloadTable of Contents
Branch, CCPA, and CPRA
On January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) took effect. The California Privacy Rights Act (“CPRA”) amendments to the CCPA become effective January 1, 2023. Building on the privacy foundation established through our GDPR compliance efforts, Branch is committed to ensuring that our services continue to comply with the CCPA.
We have created this CCPA resource page to help you understand the steps that Branch has taken regarding its own CCPA compliance, and the tools available to our customers to enable the use of Branch’s services in a CCPA-compliant way.
In this guide, we have capitalized terms defined by the CCPA, as amended by the CPRA, so you can easily identify them.
The role of Branch under the CCPA
How does the CCPA apply to the relationship between Branch and its customers?
If you are using Branch analytics and deep-linking services as a customer, there is an agreement between you and Branch that describes the services that Branch provides to you. This agreement may include order forms, exhibits, or addenda, and serves as your instruction to Branch to process personal data as part of Branch’s performance of our services. For the purposes of the CCPA, the data that Branch collects on behalf of its customers may include Personal Information.
When using our analytics and deep-linking services, if you are subject to the CCPA, you are a “Business” and Branch is your “Service Provider,” as those terms are defined in the CCPA. Your disclosure of Personal Information related to your end users with Branch, and Branch’s collection on your behalf of Personal Information related to your end users, are done to facilitate Branch’s performance of its services that you contracted for.
Branch Will Never Sell or Share Personal Information
As part of its provision of analytics and deep-linking services to you, Branch does not “Sell” or “Share” Personal Information of your end users as defined under the CCPA.
This Addendum supplements our agreement with you and confirms our commitment to not Sell or Share Personal Information as part of our analytics and deep-linking services.
How Branch supports CCPA compliance for our customers
CCPA Addendum
Branch has updated its terms to codify our position as your Service Provider (as defined by CCPA). We’ve made our California Privacy addendum available for review, which reflects our CCPA standards. This California Privacy Addendum supplements our agreement with you and confirms our commitment to not Sell or Share Personal Information in violation of the CCPA.
Handling Consumer Rights Requests
As a Business, it is your responsibility under the CCPA to respond to requests relating to the Personal Information of your end users, including end user requests to access, delete, or correct their Personal Information.
Verifiable Consumer Requests
As a Service Provider under the CCPA, Branch works with you when your end users contact you to exercise their rights under the CCPA to obtain access to, delete, or correct Personal Information.
Branch will follow your instructions to delete or rectify Personal Information as required under the law, unless Branch concludes that it is necessary for Branch to maintain such Personal Information for one or more permitted purposes under applicable law (e.g., to detect fraudulent or illegal activity, or to prosecute those responsible for these activities).
To submit an end-user request to our team, reach out to us through our data subject request portal and we will work with you to fulfill your end user’s request for Personal Information we process on your behalf. Please include in that request the end-user’s advertising identifier (e.g., IDFA/GAID), and the date you received the end-user’s request. For further information about how to submit these requests to Branch on behalf of your end users, please click here.
CCPA & CPRA - Updated Privacy Policy
Branch’s privacy policy reflects applicable disclosure requirements under the CCPA, as amended by the CPRA. If you have any questions related to Branch’s CCPA compliance efforts, please contact our Privacy Team at: privacy@branch.io.
How to make a request to Branch under the CCPA
If you are a Branch customer who has end users that are California residents and that wish to exercise their CCPA rights, please click below to submit your request on their behalf.
Other Resources
Data collected by Branch
Read our Privacy Policy for full details on the types of data Branch collects, and how we use each one to provide our services.
List of third-party vendors
We maintain a list of vendors that process personal data on Branch's behalf, and the purpose for which we share data with each of these vendors.
California Privacy Addendum
Effective December 12, 2022 to December 22, 2022
DownloadTable of Contents
Branch and CCPA
On January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) took effect. Building on the privacy foundation established through our GDPR compliance efforts, Branch is committed to ensuring that our services comply with CCPA.
We have created this CCPA resource page to help you understand the steps that Branch has taken regarding its own CCPA compliance, and the tools available to our customers to enable the use of Branch’s services in a CCPA-compliant way.
In this guide, we have capitalized terms defined by CCPA so you can easily identify them.
The role of Branch under CCPA
How does CCPA apply to the relationship between Branch and its customers?
If you are using Branch services as a customer, there is an agreement between you and Branch that describes the services that Branch provides to you. This agreement may include order forms, exhibits, or addenda, and serves as your instruction to Branch to process personal data as part of Branch’s performance of our services. For the purposes of CCPA, the data that Branch collects on behalf of its customers may include Personal Information.
In this context, if you are subject to CCPA, you are a Business and Branch is your Service Provider. Your sharing of Personal Information related to your end users with Branch, and Branch’s collection of Personal Information related to your end users, are done to facilitate Branch’s performance of its services that you contracted for.
Branch Will Never Sell Personal Information
Branch does not Sell Personal Information of your end users as defined under CCPA, or under any other circumstances. Pursuant to the terms of your agreement with Branch, you pay fees or other valuable consideration only in return for the services that Branch performs on your behalf. Branch does not receive from you, and you do not pay Branch, any monetary or other valuable consideration for making Personal Information available to Branch.
How Branch supports CCPA compliance for our customers
CCPA Addendum
Branch has updated its terms to codify our position as your Service Provider (as defined by CCPA). We’ve made our CCPA addendum available for review, which reflects our CCPA standards. This California Privacy Addendum supplements our agreement with you and confirms our commitment to not Sell Personal Information.
Handling Consumer Rights Requests
As a Business, it is your responsibility under CCPA to respond to requests relating to the Personal Information of your end users. It is at your sole discretion whether to accept or deny any request, and how to respond to the end user.
Verifiable Consumer Requests
When your end users exercise their rights under CCPA to obtain access to or delete certain Personal Information that Branch processes, Branch is committed to working with you to fulfill these requests, provided the request comes directly from you.
Branch will follow your instructions to delete Personal Information following a Verifiable Consumer Request as required under CCPA, unless Branch concludes that it is necessary for Branch to maintain such Personal Information for one or more permitted purposes under the CCPA (e.g., to detect fraudulent or illegal activity, or to prosecute those responsible for these activities), or Branch does not consider the information to be “Personal Information” (e.g., because it has been de-identified).
To submit a CCPA end-user request to our team, reach out to us through our data subject request portal and we will work with you to fulfill your end user’s request. Please include in that request the end-user’s advertising identifier (e.g., IDFA/GAID), and the date you received the end-user’s request. For further information about how to submit CCPA requests to Branch on behalf of your end users, please click here.
CCPA-Updated Privacy Policy
Branch’s privacy policy reflects applicable disclosure requirements under CCPA. If you have any questions related to Branch’s CCPA compliance efforts, please contact our Privacy Team at: privacy@branch.io.
How to make a request to Branch under CCPA
If you are a California resident and wish to exercise your CCPA rights, please click below to submit your request.
Other Resources
Data collected by Branch
Read our Privacy Policy for full details on the types of data Branch collects, and how we use each one to provide our services.
List of third-party vendors
We maintain a list of vendors that process personal data on Branch's behalf, and the purpose for which we share data with each of these vendors.
California Privacy Addendum
This Addendum supplements our agreement with you and confirms our commitment to not Sell Personal Information.
Data Subject Rights - CCPA
Effective April 7, 2023
DownloadTable of Contents
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. If you are a California resident interacting with us through our provision of services to our Clients, your personal information is controlled by the applicable Client(s), and you should contact them to exercise your rights under the CCPA. This section applies to you if you are a resident of California about whom we collect personal information independent of the services we provide to Clients (“California Consumer”), such as if you provide us personal information on our Website. This section does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in the CCPA.
1. Categories of personal information we collect, purposes of use, and to whom we disclose
As described in our Privacy Policy, in the preceding twelve months, we may have collected the following categories of personal information about you for business or commercial purposes:
- Identifiers, e.g., name, email address, Github ID
- Device Information and Device Identifiers, e.g., IP address, browser type and device locale, operating system, mobile platform, device model
- Financial Information, e.g., credit or debit card number, verification number, and expiration date
- Commercial Information, e.g., delivery information and information about your transactions and purchases with us
- Connection and Usage Data, e.g., web browsing activity on the Website
- General location, e.g., information inferred from IP addresses
- Inferences, e.g. information on your employer inferred from an IP address
- Other Information, e.g., any other information you provide to us through the Website
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Website; and (3) affiliates; and (4) other parties such as data brokers providing business information and social networking providers if you connect Branch to your use of those services.
As described above in our Privacy Policy, we collect the categories of personal information identified above for the following business and commercial purposes:
- Communicate with you, such as (1) to respond to your requests for information and provide you with customer service and technical support; (2) to send communications or content that you have requested; (3) to provide you with transactional updates and information about the Services (e.g., inform you about updates to our Services, information about your account); and/or (4) in accordance with applicable legal requirements, contact you by email, postal mail, phone, advertising or SMS regarding our business and products and services offered by other parties, surveys, promotions, special events and other subjects that we think may be of interest to you.
- Transact with you if you use our products or services
- Provide the Services, such as (1) to process and fulfill your transactions or requests; (2) to engage in analysis, research, and reports to better understand how you use the Services, so we can improve them; (3) to administer entries into promotions or surveys; and/or (4) to understand and resolve technical issues with our Services.
- Tell you about products and services offered by Branch and Branch’s selected partners
- Personalize your experience, such as (1) to customize the advertising and content on the Services based on your activities and interests; (2) to create and update audience segments that can be used for targeted advertising and marketing on the Services, services and platforms offered by other parties, and mobile apps; and/or (3) to create profiles about you, including adding and combining information we obtain from other parties, which may be used for analytics, marketing, and advertising.
- Improve our offerings.
- Secure our Services and fraud prevention, such as (1) to monitor, prevent, and detect fraud, such as through verifying your identity; (2) to combat spam or other malware or security risks; and/or (3) to monitor, enforce, and improve the security of our Services.
- Defending our legal rights and complying with the law, such as (1) to comply with any applicable procedures, laws, and regulations where it is necessary for our legitimate interests or the legitimate interests of others; and/or (2) to establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others (e.g., to enforce compliance with our Terms and Conditions, Privacy Policy, or to protect our Services, Users, or others).
Additional information concerning the business and commercial purposes is set forth in the “How Does Branch Use the Information Collected through its Website?” section of our Privacy Policy. We may disclose the categories of personal information identified in this California Privacy Notice about our California Consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
How We Disclose Your Information
We disclose the information collected from and about you as discussed above for various business purposes. The chart below explains the categories of information that we may disclose to other parties and the categories of those parties.
| Other Parties to whom we disclose information and why | Categories of information disclosed |
|---|---|
| Our Affiliates. We may disclose information we collect within our family of companies to deliver products and services to you, and enhance our products, services, and your customer experience. | All categories of information we collect may be disclosed to our affiliates |
| Service Providers that perform services on our behalf: including billing and payment processing, sales, marketing, advertising, data analysis and insight, research, technical support and customer service, data storage, security, fraud prevention, and legal services. | All categories of information we collect may be disclosed to our vendors |
| Other Individuals, Services, and Vendors at Your Request. We will disclose your information to other businesses and services at your request. For example, if you direct us to communicate information to one of your vendors. |
|
| Unaffiliated Partners for Marketing Purposes. We may disclose your information to partners whose offerings we think may interest you. For example, if you participate in co-sponsored promotions, then we may disclose information to our affiliates and other parties for their marketing and other purposes. |
|
| Unaffiliated Partners to Provide Co-Branded Products and Services. In some cases, we may disclose information to unaffiliated partners to provide co-branded products or services (e.g., co-sponsored promotions). |
|
| Other Parties for Legal Purposes. By using the Services, you acknowledge and agree that we may access, retain, and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms and Conditions, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of other parties; and/or (d) protect our rights, property or personal safety, or that of our agents and affiliates, our users and/or the public. This includes exchanging information with other companies and organizations for information security, fraud protection, spam/malware prevention, and similar purposes. | All categories of information we collect may be disclosed as necessary |
| Other Parties in a Business Transaction. We may disclose information in connection with an actual or contemplated corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets. | All categories of information we collect may be disclosed as necessary |
| Online Advertisers and Ad Networks. As discussed in the “Vendor Tools/Analytics on the Website” Section of our Privacy Policy, the Services may rely on advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use, and these technologies will collect certain information from your use of the Services to assist in delivering such ads. |
|
The CCPA allows you to limit the use or disclosure of your “sensitive personal information” (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Your account log-in and password or other credentials allowing access to your account constitutes “sensitive personal information” under the CCPA. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt-out under the CCPA.
2. Sales and sharing of Website User personal information
We may disclose Website Users’ personal information to third parties for purposes of Website analytics and advertising the Website and Services. We provide Website User information to analytics providers to better understand how Website Users use the Website so we can improve the Website and create new products and services. We may also provide Website Users’ personal information to third-party advertising providers for targeted advertising purposes, so we can provide Website Users with more relevant and tailored ads regarding our Website and Services. Under the CCPA, disclosing Website User personal information to these third parties may be considered a “sale” of personal information or the “sharing” of personal information for purposes of “cross-context behavioral advertising.” In the last 12 months, we have sold or shared the following categories of Website User personal information to advertisers and ad networks: identifiers, device information and device identifiers, connection and usage data, and general location data.
To opt out of such “sales” or “sharing” of your personal information, please visit this link: Do Not Sell or Share My Personal Information.
Please note that we also respond to and abide by opt-out preference signals sent through the Global Privacy Control. Any opt out preferences you have exercised through these methods will only apply to the specific device/browser on which you made them. For more information on how to use the Global Privacy Control, see www.globalprivacycontrol.org.
We do not knowingly “sell” or “share” the personal information of children under 16.
3. California Rights and Choices
Without being discriminated against for exercising these rights, California residents have the right to request that we disclose what personal information we collect about you, correction of such personal information, and to delete that information, subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Right to request access to your personal information
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
Right to correct inaccurate personal information
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
Right to request deletion of your personal information
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
How to exercise your access and deletion rights
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
For security purposes, when you request to exercise your California privacy rights we will verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:
- Transparency. Where you have requested the categories of personal information that we have collected about you, we will direct you to the sections of our Privacy Policy relevant to your request.
- Access. Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Deletion. Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above. Upon completion, we will send you a notice confirming that we deleted the information we collected from you. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
Right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
Other rights
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
Authorized Agents
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
Submitting CCPA Requests
For our Website: If you are a California Consumer, please submit a CCPA request here, or contact us at privacy@branch.io or at (650) 209-6461. To protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Requests from Our Client’s Users: Because Branch is a vendor that processes data on behalf of its Clients, any requests from Users who are California residents seeking to exercise their rights of access and deletion under the CCPA must be provided to Branch by a Client. Clients can notify Branch of these requests here.
4. Retention of Your Personal Information
Please see the Our Data Retention Policy section provided in Branch’s Privacy Policy.
Effective January 4, 2023 to April 7, 2023
DownloadTable of Contents
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. If you are a California resident interacting with us through our provision of services to our Clients, your personal information is controlled by the applicable Client(s), and you should contact them to exercise your rights under the CCPA. This section applies to you if you are a resident of California about whom we collect personal information independent of the services we provide to Clients (“California Consumer”), such as if you provide us personal information on our Website. This section does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in the CCPA.
1. Categories of personal information we collect, purposes of use, and to whom we disclose
As described in our Privacy Policy, in the preceding twelve months, we may have collected the following categories of personal information about you for business or commercial purposes:
- Identifiers, e.g., name, email address, Github ID
- Device Information and Device Identifiers, e.g., IP address, browser type and device locale, operating system, mobile platform, device model
- Financial Information, e.g., credit or debit card number, verification number, and expiration date
- Commercial Information, e.g., delivery information and information about your transactions and purchases with us
- Connection and Usage Data, e.g., web browsing activity on the Website
- General location, e.g., information inferred from IP addresses
- Inferences, e.g. information on your employer inferred from an IP address
- Other Information, e.g., any other information you provide to us through the Website
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Website; and (3) affiliates; and (4) other parties such as data brokers providing business information and social networking providers if you connect Branch to your use of those services.
As described above in our Privacy Policy, we collect the categories of personal information identified above for the following business and commercial purposes:
- Communicate with you, such as (1) to respond to your requests for information and provide you with customer service and technical support; (2) to send communications or content that you have requested; (3) to provide you with transactional updates and information about the Services (e.g., inform you about updates to our Services, information about your account); and/or (4) in accordance with applicable legal requirements, contact you by email, postal mail, phone, advertising or SMS regarding our business and products and services offered by other parties, surveys, promotions, special events and other subjects that we think may be of interest to you.
- Transact with you if you use our products or services
- Provide the Services, such as (1) to process and fulfill your transactions or requests; (2) to engage in analysis, research, and reports to better understand how you use the Services, so we can improve them; (3) to administer entries into promotions or surveys; and/or (4) to understand and resolve technical issues with our Services.
- Tell you about products and services offered by Branch and Branch’s selected partners
- Personalize your experience, such as (1) to customize the advertising and content on the Services based on your activities and interests; (2) to create and update audience segments that can be used for targeted advertising and marketing on the Services, services and platforms offered by other parties, and mobile apps; and/or (3) to create profiles about you, including adding and combining information we obtain from other parties, which may be used for analytics, marketing, and advertising.
- Improve our offerings.
- Secure our Services and fraud prevention, such as (1) to monitor, prevent, and detect fraud, such as through verifying your identity; (2) to combat spam or other malware or security risks; and/or (3) to monitor, enforce, and improve the security of our Services.
- Defending our legal rights and complying with the law, such as (1) to comply with any applicable procedures, laws, and regulations where it is necessary for our legitimate interests or the legitimate interests of others; and/or (2) to establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others (e.g., to enforce compliance with our Terms and Conditions, Privacy Policy, or to protect our Services, Users, or others).
Additional information concerning the business and commercial purposes is set forth in the “How Does Branch Use the Information Collected through its Website?” section of our Privacy Policy. We may disclose the categories of personal information identified in this California Privacy Notice about our California Consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
How We Disclose Your Information
We disclose the information collected from and about you as discussed above for various business purposes. The chart below explains the categories of information that we may disclose to other parties and the categories of those parties.
| Other Parties to whom we disclose information and why | Categories of information disclosed |
|---|---|
| Our Affiliates. We may disclose information we collect within our family of companies to deliver products and services to you, and enhance our products, services, and your customer experience. | All categories of information we collect may be disclosed to our affiliates |
| Service Providers that perform services on our behalf: including billing and payment processing, sales, marketing, advertising, data analysis and insight, research, technical support and customer service, data storage, security, fraud prevention, and legal services. | All categories of information we collect may be disclosed to our vendors |
| Other Individuals, Services, and Vendors at Your Request. We will disclose your information to other businesses and services at your request. For example, if you direct us to communicate information to one of your vendors. |
|
| Unaffiliated Partners for Marketing Purposes. We may disclose your information to partners whose offerings we think may interest you. For example, if you participate in co-sponsored promotions, then we may disclose information to our affiliates and other parties for their marketing and other purposes. |
|
| Unaffiliated Partners to Provide Co-Branded Products and Services. In some cases, we may disclose information to unaffiliated partners to provide co-branded products or services (e.g., co-sponsored promotions). |
|
| Other Parties for Legal Purposes. By using the Services, you acknowledge and agree that we may access, retain, and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms and Conditions, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of other parties; and/or (d) protect our rights, property or personal safety, or that of our agents and affiliates, our users and/or the public. This includes exchanging information with other companies and organizations for information security, fraud protection, spam/malware prevention, and similar purposes. | All categories of information we collect may be disclosed as necessary |
| Other Parties in a Business Transaction. We may disclose information in connection with an actual or contemplated corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets. | All categories of information we collect may be disclosed as necessary |
| Online Advertisers and Ad Networks. As discussed in the “Vendor Tools/Analytics on the Website” Section of our Privacy Policy, the Services may rely on advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use, and these technologies will collect certain information from your use of the Services to assist in delivering such ads. |
|
The CCPA allows you to limit the use or disclosure of your “sensitive personal information” (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Your account log-in and password or other credentials allowing access to your account constitutes “sensitive personal information” under the CCPA. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt-out under the CCPA.
2. Sales and sharing of Website User personal information
We may disclose Website Users’ personal information to third parties for purposes of Website analytics and advertising the Website and Services. We provide Website User information to analytics providers to better understand how Website Users use the Website so we can improve the Website and create new products and services. We may also provide Website Users’ personal information to third-party advertising providers for targeted advertising purposes, so we can provide Website Users with more relevant and tailored ads regarding our Website and Services. Under the CCPA, disclosing Website User personal information to these third parties may be considered a “sale” of personal information or the “sharing” of personal information for purposes of “cross-context behavioral advertising.” In the last 12 months, we have sold or shared the following categories of Website User personal information to advertisers and ad networks: identifiers, device information and device identifiers, connection and usage data, and general location data.
To opt out of such “sales” or “sharing” of your personal information, please visit this link: Do Not Sell or Share My Personal Information.
Please note that we also respond to and abide by opt-out preference signals sent through the Global Privacy Control. Any opt out preferences you have exercised through these methods will only apply to the specific device/browser on which you made them. For more information on how to use the Global Privacy Control, see www.globalprivacycontrol.org.
We do not knowingly “sell” or “share” the personal information of children under 16.
3. California Rights and Choices
Without being discriminated against for exercising these rights, California residents have the right to request that we disclose what personal information we collect about you, correction of such personal information, and to delete that information, subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Right to request access to your personal information
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
Right to correct inaccurate personal information
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
Right to request deletion of your personal information
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
How to exercise your access and deletion rights
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
For security purposes, when you request to exercise your California privacy rights we will verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:
- Transparency. Where you have requested the categories of personal information that we have collected about you, we will direct you to the sections of our Privacy Policy relevant to your request.
- Access. Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Deletion. Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above. Upon completion, we will send you a notice confirming that we deleted the information we collected from you. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
Right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
Other rights
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
Authorized Agents
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
Submitting CCPA Requests
For our Website: If you are a California Consumer, please submit a CCPA request here, or contact us at privacy@branch.io or at (650) 209-6461. To protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Requests from Our Client’s Users: Because Branch is a vendor that processes data on behalf of its Clients, any requests from Users who are California residents seeking to exercise their rights of access and deletion under the CCPA must be provided to Branch by a Client. Clients can notify Branch of these requests here.
4. Retention of Your Personal Information
Please see the Our Data Retention Policy section provided in Branch’s Privacy Policy.
Effective January 4, 2023 to January 4, 2023
DownloadTable of Contents
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. If you are a California resident interacting with us through our provision of services to our Clients, your personal information is controlled by the applicable Client(s), and you should contact them to exercise your rights under the CCPA. This section applies to you if you are a resident of California about whom we collect personal information independent of the services we provide to Clients (“California Consumer”), such as if you provide us personal information on our Website. This section does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in the CCPA.
1. Categories of personal information we collect, purposes of use, and to whom we disclose
As described in our Privacy Policy, in the preceding twelve months, we may have collected the following categories of personal information about you for business or commercial purposes:
- Identifiers, e.g., name, email address, Github ID
- Device Information and Device Identifiers, e.g., IP address, browser type and device locale, operating system, mobile platform, device model
- Financial Information, e.g., credit or debit card number, verification number, and expiration date
- Commercial Information, e.g., delivery information and information about your transactions and purchases with us
- Connection and Usage Data, e.g., web browsing activity on the Website
- General location, e.g., information inferred from IP addresses
- Inferences, e.g. information on your employer inferred from an IP address
- Other Information, e.g., any other information you provide to us through the Website
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Website; and (3) affiliates; and (4) other parties such as data brokers providing business information and social networking providers if you connect Branch to your use of those services.
As described above in our Privacy Policy, we collect the categories of personal information identified above for the following business and commercial purposes:
- Communicate with you, such as (1) to respond to your requests for information and provide you with customer service and technical support; (2) to send communications or content that you have requested; (3) to provide you with transactional updates and information about the Services (e.g., inform you about updates to our Services, information about your account); and/or (4) in accordance with applicable legal requirements, contact you by email, postal mail, phone, advertising or SMS regarding our business and products and services offered by other parties, surveys, promotions, special events and other subjects that we think may be of interest to you.
- Transact with you if you use our products or services
- Provide the Services, such as (1) to process and fulfill your transactions or requests; (2) to engage in analysis, research, and reports to better understand how you use the Services, so we can improve them; (3) to administer entries into promotions or surveys; and/or (4) to understand and resolve technical issues with our Services.
- Tell you about products and services offered by Branch and Branch’s selected partners
- Personalize your experience, such as (1) to customize the advertising and content on the Services based on your activities and interests; (2) to create and update audience segments that can be used for targeted advertising and marketing on the Services, services and platforms offered by other parties, and mobile apps; and/or (3) to create profiles about you, including adding and combining information we obtain from other parties, which may be used for analytics, marketing, and advertising.
- Improve our offerings.
- Secure our Services and fraud prevention, such as (1) to monitor, prevent, and detect fraud, such as through verifying your identity; (2) to combat spam or other malware or security risks; and/or (3) to monitor, enforce, and improve the security of our Services.
- Defending our legal rights and complying with the law, such as (1) to comply with any applicable procedures, laws, and regulations where it is necessary for our legitimate interests or the legitimate interests of others; and/or (2) to establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others (e.g., to enforce compliance with our Terms and Conditions, Privacy Policy, or to protect our Services, Users, or others).
Additional information concerning the business and commercial purposes is set forth in the “How Does Branch Use the Information Collected through its Website?” section of our Privacy Policy. We may disclose the categories of personal information identified in this California Privacy Notice about our California Consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
How We Disclose Your Information
We disclose the information collected from and about you as discussed above for various business purposes. The chart below explains the categories of information that we may disclose to other parties and the categories of those parties.
| Other Parties to whom we disclose information and why | Categories of information disclosed |
|---|---|
| Our Affiliates. We may disclose information we collect within our family of companies to deliver products and services to you, and enhance our products, services, and your customer experience. | All categories of information we collect may be disclosed to our affiliates |
| Service Providers that perform services on our behalf: including billing and payment processing, sales, marketing, advertising, data analysis and insight, research, technical support and customer service, data storage, security, fraud prevention, and legal services. | All categories of information we collect may be disclosed to our vendors |
| Other Individuals, Services, and Vendors at Your Request. We will disclose your information to other businesses and services at your request. For example, if you direct us to communicate information to one of your vendors. |
|
| Unaffiliated Partners for Marketing Purposes. We may disclose your information to partners whose offerings we think may interest you. For example, if you participate in co-sponsored promotions, then we may disclose information to our affiliates and other parties for their marketing and other purposes. |
|
| Unaffiliated Partners to Provide Co-Branded Products and Services. In some cases, we may disclose information to unaffiliated partners to provide co-branded products or services (e.g., co-sponsored promotions). |
|
| Other Parties for Legal Purposes. By using the Services, you acknowledge and agree that we may access, retain, and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms and Conditions, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of other parties; and/or (d) protect our rights, property or personal safety, or that of our agents and affiliates, our users and/or the public. This includes exchanging information with other companies and organizations for information security, fraud protection, spam/malware prevention, and similar purposes. | All categories of information we collect may be disclosed as necessary |
| Other Parties in a Business Transaction. We may disclose information in connection with an actual or contemplated corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets. | All categories of information we collect may be disclosed as necessary |
| Online Advertisers and Ad Networks. As discussed in the “Vendor Tools/Analytics on the Website” Section of our Privacy Policy, the Services may rely on advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use, and these technologies will collect certain information from your use of the Services to assist in delivering such ads. |
|
The CCPA allows you to limit the use or disclosure of your “sensitive personal information” (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Your account log-in and password or other credentials allowing access to your account constitutes “sensitive personal information” under the CCPA. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt-out under the CCPA.
2. Sales and sharing of Website User personal information
We may disclose Website Users’ personal information to third parties for purposes of Website analytics and advertising the Website and Services. We provide Website User information to analytics providers to better understand how Website Users use the Website so we can improve the Website and create new products and services. We may also provide Website Users’ personal information to third-party advertising providers for targeted advertising purposes, so we can provide Website Users with more relevant and tailored ads regarding our Website and Services. Under the CCPA, disclosing Website User personal information to these third parties may be considered a “sale” of personal information or the “sharing” of personal information for purposes of “cross-context behavioral advertising.” In the last 12 months, we have sold or shared the following categories of Website User personal information to advertisers and ad networks: identifiers, device information and device identifiers, connection and usage data, and general location data.
To opt out of such “sales” or “sharing” of your personal information, please visit this link:
Please note that we also respond to and abide by opt-out preference signals sent through the Global Privacy Control. Any opt out preferences you have exercised through these methods will only apply to the specific device/browser on which you made them. For more information on how to use the Global Privacy Control, see www.globalprivacycontrol.org.
We do not knowingly “sell” or “share” the personal information of children under 16.
3. California Rights and Choices
Without being discriminated against for exercising these rights, California residents have the right to request that we disclose what personal information we collect about you, correction of such personal information, and to delete that information, subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Right to request access to your personal information
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
Right to correct inaccurate personal information
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
Right to request deletion of your personal information
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
How to exercise your access and deletion rights
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
For security purposes, when you request to exercise your California privacy rights we will verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:
- Transparency. Where you have requested the categories of personal information that we have collected about you, we will direct you to the sections of our Privacy Policy relevant to your request.
- Access. Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Deletion. Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above. Upon completion, we will send you a notice confirming that we deleted the information we collected from you. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
Right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
Other rights
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
Authorized Agents
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
Submitting CCPA Requests
For our Website: If you are a California Consumer, please submit a CCPA request here, or contact us at privacy@branch.io or at (650) 209-6461. To protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Requests from Our Client’s Users: Because Branch is a vendor that processes data on behalf of its Clients, any requests from Users who are California residents seeking to exercise their rights of access and deletion under the CCPA must be provided to Branch by a Client. Clients can notify Branch of these requests here.
4. Retention of Your Personal Information
Please see the Our Data Retention Policy section provided in Branch’s Privacy Policy.
Effective January 4, 2023 to January 4, 2023
DownloadTable of Contents
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. If you are a California resident interacting with us through our provision of services to our Clients, your personal information is controlled by the applicable Client(s), and you should contact them to exercise your rights under the CCPA. This section applies to you if you are a resident of California about whom we collect personal information independent of the services we provide to Clients (“California Consumer”), such as if you provide us personal information on our Website. This section does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in the CCPA.
1. Categories of personal information we collect, purposes of use, and to whom we disclose
As described in our Privacy Policy, in the preceding twelve months, we may have collected the following categories of personal information about you for business or commercial purposes:
- Identifiers, e.g., name, email address, Github ID
- Device Information and Device Identifiers, e.g., IP address, browser type and device locale, operating system, mobile platform, device model
- Financial Information, e.g., credit or debit card number, verification number, and expiration date
- Commercial Information, e.g., delivery information and information about your transactions and purchases with us
- Connection and Usage Data, e.g., web browsing activity on the Website
- General location, e.g., information inferred from IP addresses
- Inferences, e.g. information on your employer inferred from an IP address
- Other Information, e.g., any other information you provide to us through the Website
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Website; and (3) affiliates; and (4) other parties such as data brokers providing business information and social networking providers if you connect Branch to your use of those services.
As described above in our Privacy Policy, we collect the categories of personal information identified above for the following business and commercial purposes:
- Communicate with you, such as (1) to respond to your requests for information and provide you with customer service and technical support; (2) to send communications or content that you have requested; (3) to provide you with transactional updates and information about the Services (e.g., inform you about updates to our Services, information about your account); and/or (4) in accordance with applicable legal requirements, contact you by email, postal mail, phone, advertising or SMS regarding our business and products and services offered by other parties, surveys, promotions, special events and other subjects that we think may be of interest to you.
- Transact with you if you use our products or services
- Provide the Services, such as (1) to process and fulfill your transactions or requests; (2) to engage in analysis, research, and reports to better understand how you use the Services, so we can improve them; (3) to administer entries into promotions or surveys; and/or (4) to understand and resolve technical issues with our Services.
- Tell you about products and services offered by Branch and Branch’s selected partners
- Personalize your experience, such as (1) to customize the advertising and content on the Services based on your activities and interests; (2) to create and update audience segments that can be used for targeted advertising and marketing on the Services, services and platforms offered by other parties, and mobile apps; and/or (3) to create profiles about you, including adding and combining information we obtain from other parties, which may be used for analytics, marketing, and advertising.
- Improve our offerings.
- Secure our Services and fraud prevention, such as (1) to monitor, prevent, and detect fraud, such as through verifying your identity; (2) to combat spam or other malware or security risks; and/or (3) to monitor, enforce, and improve the security of our Services.
- Defending our legal rights and complying with the law, such as (1) to comply with any applicable procedures, laws, and regulations where it is necessary for our legitimate interests or the legitimate interests of others; and/or (2) to establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others (e.g., to enforce compliance with our Terms and Conditions, Privacy Policy, or to protect our Services, Users, or others).
Additional information concerning the business and commercial purposes is set forth in the “How Does Branch Use the Information Collected through its Website?” section of our Privacy Policy. We may disclose the categories of personal information identified in this California Privacy Notice about our California Consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
How We Disclose Your Information
We disclose the information collected from and about you as discussed above for various business purposes. The chart below explains the categories of information that we may disclose to other parties and the categories of those parties.
| Other Parties to whom we disclose information and why | Categories of information disclosed |
|---|---|
| Our Affiliates. We may disclose information we collect within our family of companies to deliver products and services to you, and enhance our products, services, and your customer experience. | All categories of information we collect may be disclosed to our affiliates |
| Service Providers that perform services on our behalf: including billing and payment processing, sales, marketing, advertising, data analysis and insight, research, technical support and customer service, data storage, security, fraud prevention, and legal services. | All categories of information we collect may be disclosed to our vendors |
| Other Individuals, Services, and Vendors at Your Request. We will disclose your information to other businesses and services at your request. For example, if you direct us to communicate information to one of your vendors. |
|
| Unaffiliated Partners for Marketing Purposes. We may disclose your information to partners whose offerings we think may interest you. For example, if you participate in co-sponsored promotions, then we may disclose information to our affiliates and other parties for their marketing and other purposes. |
|
| Unaffiliated Partners to Provide Co-Branded Products and Services. In some cases, we may disclose information to unaffiliated partners to provide co-branded products or services (e.g., co-sponsored promotions). |
|
| Other Parties for Legal Purposes. By using the Services, you acknowledge and agree that we may access, retain, and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms and Conditions, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of other parties; and/or (d) protect our rights, property or personal safety, or that of our agents and affiliates, our users and/or the public. This includes exchanging information with other companies and organizations for information security, fraud protection, spam/malware prevention, and similar purposes. | All categories of information we collect may be disclosed as necessary |
| Other Parties in a Business Transaction. We may disclose information in connection with an actual or contemplated corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets. | All categories of information we collect may be disclosed as necessary |
| Online Advertisers and Ad Networks. As discussed in the “Vendor Tools/Analytics on the Website” Section of our Privacy Policy, the Services may rely on advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use, and these technologies will collect certain information from your use of the Services to assist in delivering such ads. |
|
The CCPA allows you to limit the use or disclosure of your “sensitive personal information” (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Your account log-in and password or other credentials allowing access to your account constitutes “sensitive personal information” under the CCPA. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt-out under the CCPA.
2. Sales and sharing of Website User personal information
We may disclose Website Users’ personal information to third parties for purposes of Website analytics and advertising the Website and Services. We provide Website User information to analytics providers to better understand how Website Users use the Website so we can improve the Website and create new products and services. We may also provide Website Users’ personal information to third-party advertising providers for targeted advertising purposes, so we can provide Website Users with more relevant and tailored ads regarding our Website and Services. Under the CCPA, disclosing Website User personal information to these third parties may be considered a “sale” of personal information or the “sharing” of personal information for purposes of “cross-context behavioral advertising.” In the last 12 months, we have sold or shared the following categories of Website User personal information to advertisers and ad networks: identifiers, device information and device identifiers, connection and usage data, and general location data.
To opt out of such “sales” or “sharing” of your personal information, please visit this link:
Please note that we also respond to and abide by opt-out preference signals sent through the Global Privacy Control. Any opt out preferences you have exercised through these methods will only apply to the specific device/browser on which you made them. For more information on how to use the Global Privacy Control, see www.globalprivacycontrol.org.
We do not knowingly “sell” or “share” the personal information of children under 16.
3. California Rights and Choices
Without being discriminated against for exercising these rights, California residents have the right to request that we disclose what personal information we collect about you, correction of such personal information, and to delete that information, subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Right to request access to your personal information
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
Right to correct inaccurate personal information
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
Right to request deletion of your personal information
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
How to exercise your access and deletion rights
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
For security purposes, when you request to exercise your California privacy rights we will verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:
- Transparency. Where you have requested the categories of personal information that we have collected about you, we will direct you to the sections of our Privacy Policy relevant to your request.
- Access. Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Deletion. Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above. Upon completion, we will send you a notice confirming that we deleted the information we collected from you. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
Right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
Other rights
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
Authorized Agents
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
Submitting CCPA Requests
For our Website: If you are a California Consumer, please submit a CCPA request here, or contact us at privacy@branch.io or at (650) 209-6461. To protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Requests from Our Client’s Users: Because Branch is a vendor that processes data on behalf of its Clients, any requests from Users who are California residents seeking to exercise their rights of access and deletion under the CCPA must be provided to Branch by a Client. Clients can notify Branch of these requests here.
4. Retention of Your Personal Information
Please see the Our Data Retention Policy section provided in Branch’s Privacy Policy.
Effective January 1, 2023 to January 4, 2023
DownloadTable of Contents
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. If you are a California resident interacting with us through our provision of services to our Clients, your personal information is controlled by the applicable Client(s), and you should contact them to exercise your rights under the CCPA. This section applies to you if you are a resident of California about whom we collect personal information independent of the services we provide to Clients (“California Consumer”), such as if you provide us personal information on our Website. This section does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in the CCPA.
1. Categories of personal information we collect, purposes of use, and to whom we disclose
As described in our Privacy Policy, in the preceding twelve months, we may have collected the following categories of personal information about you for business or commercial purposes:
- Identifiers, e.g., name, email address, Github ID
- Device Information and Device Identifiers, e.g., IP address, browser type and device locale, operating system, mobile platform, device model
- Financial Information, e.g., credit or debit card number, verification number, and expiration date
- Commercial Information, e.g., delivery information and information about your transactions and purchases with us
- Connection and Usage Data, e.g., web browsing activity on the Website
- General location, e.g., information inferred from IP addresses
- Inferences, e.g. information on your employer inferred from an IP address
- Other Information, e.g., any other information you provide to us through the Website
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Website; and (3) affiliates; and (4) other parties such as data brokers providing business information and social networking providers if you connect Branch to your use of those services.
As described above in our Privacy Policy, we collect the categories of personal information identified above for the following business and commercial purposes:
- Communicate with you, such as (1) to respond to your requests for information and provide you with customer service and technical support; (2) to send communications or content that you have requested; (3) to provide you with transactional updates and information about the Services (e.g., inform you about updates to our Services, information about your account); and/or (4) in accordance with applicable legal requirements, contact you by email, postal mail, phone, advertising or SMS regarding our business and products and services offered by other parties, surveys, promotions, special events and other subjects that we think may be of interest to you.
- Transact with you if you use our products or services
- Provide the Services, such as (1) to process and fulfill your transactions or requests; (2) to engage in analysis, research, and reports to better understand how you use the Services, so we can improve them; (3) to administer entries into promotions or surveys; and/or (4) to understand and resolve technical issues with our Services.
- Tell you about products and services offered by Branch and Branch’s selected partners
- Personalize your experience, such as (1) to customize the advertising and content on the Services based on your activities and interests; (2) to create and update audience segments that can be used for targeted advertising and marketing on the Services, services and platforms offered by other parties, and mobile apps; and/or (3) to create profiles about you, including adding and combining information we obtain from other parties, which may be used for analytics, marketing, and advertising.
- Improve our offerings.
- Secure our Services and fraud prevention, such as (1) to monitor, prevent, and detect fraud, such as through verifying your identity; (2) to combat spam or other malware or security risks; and/or (3) to monitor, enforce, and improve the security of our Services.
- Defending our legal rights and complying with the law, such as (1) to comply with any applicable procedures, laws, and regulations where it is necessary for our legitimate interests or the legitimate interests of others; and/or (2) to establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others (e.g., to enforce compliance with our Terms and Conditions, Privacy Policy, or to protect our Services, Users, or others).
Additional information concerning the business and commercial purposes is set forth in the “How Does Branch Use the Information Collected through its Website?” section of our Privacy Policy. We may disclose the categories of personal information identified in this California Privacy Notice about our California Consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
How We Disclose Your Information
We disclose the information collected from and about you as discussed above for various business purposes. The chart below explains the categories of information that we may disclose to other parties and the categories of those parties.
| Other Parties to whom we disclose information and why | Categories of information disclosed |
|---|---|
| Our Affiliates. We may disclose information we collect within our family of companies to deliver products and services to you, and enhance our products, services, and your customer experience. | All categories of information we collect may be disclosed to our affiliates |
| Service Providers that perform services on our behalf: including billing and payment processing, sales, marketing, advertising, data analysis and insight, research, technical support and customer service, data storage, security, fraud prevention, and legal services. | All categories of information we collect may be disclosed to our vendors |
| Other Individuals, Services, and Vendors at Your Request. We will disclose your information to other businesses and services at your request. For example, if you direct us to communicate information to one of your vendors. |
|
| Unaffiliated Partners for Marketing Purposes. We may disclose your information to partners whose offerings we think may interest you. For example, if you participate in co-sponsored promotions, then we may disclose information to our affiliates and other parties for their marketing and other purposes. |
|
| Unaffiliated Partners to Provide Co-Branded Products and Services. In some cases, we may disclose information to unaffiliated partners to provide co-branded products or services (e.g., co-sponsored promotions). |
|
| Other Parties for Legal Purposes. By using the Services, you acknowledge and agree that we may access, retain, and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms and Conditions, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of other parties; and/or (d) protect our rights, property or personal safety, or that of our agents and affiliates, our users and/or the public. This includes exchanging information with other companies and organizations for information security, fraud protection, spam/malware prevention, and similar purposes. | All categories of information we collect may be disclosed as necessary |
| Other Parties in a Business Transaction. We may disclose information in connection with an actual or contemplated corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets. | All categories of information we collect may be disclosed as necessary |
| Online Advertisers and Ad Networks. As discussed in the “Vendor Tools/Analytics on the Website” Section of our Privacy Policy, the Services may rely on advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use, and these technologies will collect certain information from your use of the Services to assist in delivering such ads. |
|
The CCPA allows you to limit the use or disclosure of your “sensitive personal information” (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Your account log-in and password or other credentials allowing access to your account constitutes “sensitive personal information” under the CCPA. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt-out under the CCPA.
2. Sales and sharing of Website User personal information
We may disclose Website Users’ personal information to third parties for purposes of Website analytics and advertising the Website and Services. We provide Website User information to analytics providers to better understand how Website Users use the Website so we can improve the Website and create new products and services. We may also provide Website Users’ personal information to third-party advertising providers for targeted advertising purposes, so we can provide Website Users with more relevant and tailored ads regarding our Website and Services. Under the CCPA, disclosing Website User personal information to these third parties may be considered a “sale” of personal information or the “sharing” of personal information for purposes of “cross-context behavioral advertising.” In the last 12 months, we have sold or shared the following categories of Website User personal information to advertisers and ad networks: identifiers, device information and device identifiers, connection and usage data, and general location data.
To opt out of such “sales” or “sharing” of your personal information, please visit this link: Do Not Sell My Information.
Please note that we also respond to and abide by opt-out preference signals sent through the Global Privacy Control. Any opt out preferences you have exercised through these methods will only apply to the specific device/browser on which you made them. For more information on how to use the Global Privacy Control, see www.globalprivacycontrol.org.
We do not knowingly “sell” or “share” the personal information of children under 16.
3. California Rights and Choices
Without being discriminated against for exercising these rights, California residents have the right to request that we disclose what personal information we collect about you, correction of such personal information, and to delete that information, subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Right to request access to your personal information
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
Right to correct inaccurate personal information
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
Right to request deletion of your personal information
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
How to exercise your access and deletion rights
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
For security purposes, when you request to exercise your California privacy rights we will verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:
- Transparency. Where you have requested the categories of personal information that we have collected about you, we will direct you to the sections of our Privacy Policy relevant to your request.
- Access. Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Deletion. Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above. Upon completion, we will send you a notice confirming that we deleted the information we collected from you. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
Right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
Other rights
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
Authorized Agents
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
Submitting CCPA Requests
For our Website: If you are a California Consumer, please submit a CCPA request here, or contact us at privacy@branch.io or at (650) 209-6461. To protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Requests from Our Client’s Users: Because Branch is a vendor that processes data on behalf of its Clients, any requests from Users who are California residents seeking to exercise their rights of access and deletion under the CCPA must be provided to Branch by a Client. Clients can notify Branch of these requests here.
4. Retention of Your Personal Information
Please see the Our Data Retention Policy section provided in Branch’s Privacy Policy.
Effective December 29, 2022 to January 1, 2023
DownloadTable of Contents
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. If you are a California resident interacting with us through our provision of services to our Clients, your personal information is controlled by the applicable Client(s), and you should contact them to exercise your rights under the CCPA. This section applies to you if you are a resident of California about whom we collect personal information independent of the services we provide to Clients (“California Consumer”), such as if you provide us personal information on our Website. This section does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in the CCPA.
1. Categories of personal information we collect, purposes of use, and to whom we disclose
As described in our Privacy Policy, in the preceding twelve months, we may have collected the following categories of personal information about you for business or commercial purposes:
- Identifiers, e.g., name, email address, Github ID
- Device Information and Device Identifiers, e.g., IP address, browser type and device locale, operating system, mobile platform, device model
- Financial Information, e.g., credit or debit card number, verification number, and expiration date
- Commercial Information, e.g., delivery information and information about your transactions and purchases with us
- Connection and Usage Data, e.g., web browsing activity on the Website
- General location, e.g., information inferred from IP addresses
- Inferences, e.g. information on your employer inferred from an IP address
- Other Information, e.g., any other information you provide to us through the Website
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Website; (3) affiliates; and (4) other parties such as data brokers providing business information and social networking providers if you connect Branch to your use of those services.
As described above in our Privacy Policy, we collect the categories of personal information identified above for the following business and commercial purposes:
- Communicate with you, such as (1) to respond to your requests for information and provide you with customer service and technical support; (2) to send communications or content that you have requested; (3) to provide you with transactional updates and information about the Services (e.g., inform you about updates to our Services, information about your account); and/or (4) in accordance with applicable legal requirements, contact you by email, postal mail, phone, advertising or SMS regarding our business and products and services offered by other parties, surveys, promotions, special events and other subjects that we think may be of interest to you.
- Transact with you if you use our products or services.
- Provide the Services, such as (1) to process and fulfill your transactions or requests; (2) to engage in analysis, research, and reports to better understand how you use the Services, so we can improve them; (3) to administer entries into promotions or surveys; and/or (4) to understand and resolve technical issues with our Services.
- Tell you about products and services offered by Branch and Branch’s selected partners.
- Personalize your experience, such as (1) to customize the advertising and content on the Services based on your activities and interests; (2) to create and update audience segments that can be used for targeted advertising and marketing on the Services, services and platforms offered by other parties, and mobile apps; and/or (3) to create profiles about you, including adding and combining information we obtain from other parties, which may be used for analytics, marketing, and advertising.
- Improve our offerings.
- Secure our Services and fraud prevention, such as (1) to monitor, prevent, and detect fraud, such as through verifying your identity; (2) to combat spam or other malware or security risks; and/or (3) to monitor, enforce, and improve the security of our Services.
- Defending our legal rights and complying with the law, such as (1) to comply with any applicable procedures, laws, and regulations where it is necessary for our legitimate interests or the legitimate interests of others; and/or (2) to establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others (e.g., to enforce compliance with our Terms and Conditions, Privacy Policy, or to protect our Services, Users, or others).
Additional information concerning the business and commercial purposes is set forth in the “How Does Branch Use the Information Collected through its Website? ” section of our Privacy Policy. We may disclose the categories of personal information identified in this California Privacy Notice about our California Consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
How We Disclose Your Information
We disclose the information collected from and about you as discussed above for various business purposes. The chart below explains the categories of information that we may disclose to other parties and the categories of those parties.
Other Parties to whom we disclose information and why | Categories of information disclosed |
Our Affiliates. We may disclose information we collect within our family of companies to deliver products and services to you, and enhance our products, services, and your customer experience. | All categories of information we collect may be disclosed to our affiliates |
Vendors that perform services on our behalf: including billing and payment processing, sales, marketing, advertising, data analysis and insight, research, technical support and customer service, data storage, security, fraud prevention, and legal services. | All categories of information we collect may be disclosed to our vendors |
Other Individuals, Services, and Vendors at Your Request. We will disclose your information to other businesses and services at your request. For example, if you direct us to communicate information to one of your vendors. | · Contact and account registration · Demographic and statistical information · Communications with event vendors · Location · Other Information |
Unaffiliated Partners for Marketing Purposes. We may disclose your information to partners whose offerings we think may interest you. For example, if you participate in co-sponsored promotions, then we may disclose information to our affiliates and other parties for their marketing and other purposes. | · Contact and account registration · Demographic and statistical information |
Unaffiliated Partners to Provide Co-Branded Products and Services. In some cases, we may disclose information to unaffiliated partners to provide co-branded products or services (e.g., co-sponsored promotions). | · Contact and account registration · Demographic and statistical information · Location |
Other Parties for Legal Purposes. By using the Services, you acknowledge and agree that we may access, retain, and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms and Conditions, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of other parties; and/or (d) protect our rights, property or personal safety, or that of our agents and affiliates, our users and/or the public. This includes exchanging information with other companies and organizations for information security, fraud protection, spam/malware prevention, and similar purposes. | All categories of information we collect may be disclosed as necessary |
Other Parties in a Business Transaction. We may disclose information in connection with an actual or contemplated corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets. | All categories of information we collect may be disclosed as necessary |
Online Advertisers and Ad Networks. As discussed in the “Vendor Tools/Analytics on the Website” Section of our Privacy Policy, the Services may rely on advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use, and these technologies will collect certain information from your use of the Services to assist in delivering such ads. | · Identifiers · Device information and device identifiers · Connection and usage data · Geolocation |
The CCPA allows you to limit the use or disclosure of your “sensitive personal information” (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Your account log-in and password or other credentials allowing access to your account constitutes “sensitive personal information” under the CCPA. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt-out under the CCPA.
2. Sales and sharing of Website User personal information
We may disclose Website Users’ personal information to third parties for purposes of Website analytics and advertising the Website and Services. We provide Website User information to analytics providers to better understand how Website Users use the Website so we can improve the Website and create new products and services. We may also provide Website Users’ personal information to third-party advertising providers for targeted advertising purposes, so we can provide Website Users with more relevant and tailored ads regarding our Website and Services. Under the CCPA, disclosing Website User personal information to these third parties may be considered a “sale” of personal information or the “sharing” of personal information for purposes of “cross-context behavioral advertising.” In the last 12 months, we have sold or shared the following categories of Website User personal information to advertisers and ad networks: identifiers, device information and device identifiers, connection and usage data, and general location data.
To opt out of such “sales” or “sharing” of your personal information, please visit this link: Do Not Sell My Information.
Please note that we also respond to and abide by opt-out preference signals sent through the Global Privacy Control. Any opt out preferences you have exercised through these methods will only apply to the specific device/browser on which you made them. For more information on how to use the Global Privacy Control, see www.globalprivacycontrol.org.
We do not knowingly “sell” or “share” the personal information of children under 16.
3. California Rights and Choices
Without being discriminated against for exercising these rights, California residents have the right to request that we disclose what personal information we collect about you, correction of such personal information, and to delete that information, subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Right to request access to your personal information
California residents have the right to request that we disclose the categories of personal information we have collected or disclosed about you, the categories of sources of such information, the business or commercial purpose for collecting, “selling,” or “sharing” your personal information, the categories of third parties to whom we disclose or “sell,” or with whom we “share,” personal information, and the categories of personal information we “sell”. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
Right to correct inaccurate personal information
You may request that we correct inaccurate personal information about you. We may deny your request as permitted by the CCPA. For example, we may not correct personal information stored in backups or archives except where required by the CCPA.
Right to request deletion of your personal information
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
How to exercise your access and deletion rights
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io, or at (650) 209-6461.
For security purposes, when you request to exercise your California privacy rights we will verify your identity. Once we have verified your identity (and your agent, as applicable) , we will respond to your request as appropriate:
- Transparency. Where you have requested the categories of personal information that we have collected about you, we will direct you to the sections of our Privacy Policy relevant to your request.
- Access. Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Deletion. Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above. Upon completion, we will send you a notice confirming that we deleted the information we collected from you. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
Right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
Other rights
You may have the right to receive information about the financial incentives that we offer to you, if any. You also have the right to opt out of the “sale” or “sharing” of your personal information as described above.
Authorized Agents
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
Submitting CCPA Requests
For our Website: If you are a California Consumer, please submit a CCPA request here , or contact us at privacy@branch.io or at (650) 209-6461. To protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Requests from Our Client’s Users: Because Branch is a vendor that processes data on behalf of its Clients, any requests from Users who are California residents seeking to exercise their rights of access and deletion under the CCPA must be provided to Branch by a Client. Clients can notify Branch of these requests here.
4. Retention of Your Personal Information
Please see the Our Data Retention Policy section provided in Branch’s Privacy Policy.
Effective October 11, 2022 to December 29, 2022
DownloadTable of Contents
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. If you are a California resident interacting with us through our provision of services to our Clients, your personal information is controlled by the applicable Client(s), and you should contact them to exercise your rights under the CCPA. This section applies to you if you are a resident of California about whom we collect personal information independent of the services we provide to Clients (“California Consumer”), such as if you provide us personal information on our Website.This section does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants, or personal information we collect from employees, owners, directors, officers, or contractors of businesses in the course of our provision or receipt of business-related services. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in the CCPA.
As described in our Privacy Policy, in the preceding twelve months, we may have collected the following categories of personal information about you for business or commercial purposes:
- Identifiers, e.g., name, email address, Github ID
- Device Information and Device Identifiers, e.g., IP address, browser type and device locale, operating system, mobile platform, device model
- Financial Information, e.g., credit or debit card number, verification number, and expiration date
- Commercial Information, e.g., delivery information and information about your transactions and purchases with us
- Connection and Usage Data, e.g., web browsing activity on the Website
- Geolocation, e.g., information inferred from IP addresses Inferences, e.g. information on your employer inferred from an IP address
- Other Information, e.g., any other information you provide to us through the Website
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Website; and (3) third parties such as from social networking providers if you connect Branch to your use of those services.
As described above in our Privacy Policy, we collect the categories of personal information identified above for the following business and commercial purposes:
- Communicate with you, such as (1) to respond to your requests for information and provide you with customer service and technical support; (2) to send communications or content that you have requested; (3) to provide you with transactional updates and information about the Services (e.g., inform you about updates to our Services, information about your account); and/or (4) in accordance with applicable legal requirements, contact you by email, postal mail, phone, advertising or SMS regarding Business and third-party products, services, surveys, promotions, special events and other subjects that we think may be of interest to you.
- Transact with you if you use our products or services.
- Provide the Services, such as (1) to process and fulfill your transactions or requests; (2) to engage in analysis, research, and reports to better understand how you use the Services, so we can improve them; (3) to administer entries into promotions or surveys; and/or (4) to understand and resolve technical issues with our Services.
- Tell you about products and services offered by Branch and Branch’s selected partners.
- Personalize your experience, such as (1) to customize the advertising and content on the Services based on your activities and interests; (2) to create and update audience segments that can be used for targeted advertising and marketing on the Services, third party services and platforms, and mobile apps; and/or (3) to create profiles about you, including adding and combining information we obtain from third parties, which may be used for analytics, marketing, and advertising.
- Improve our offerings.
- Secure our Services and fraud prevention, such as (1) to monitor, prevent, and detect fraud, such as through verifying your identity; (2) to combat spam or other malware or security risks; and/or (3) to monitor, enforce, and improve the security of our Services.
- Defending our legal rights and complying with the law, such as (1) to comply with any applicable procedures, laws, and regulations where it is necessary for our legitimate interests or the legitimate interests of others; and/or (2) to establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others (e.g., to enforce compliance with our Terms and Conditions, Privacy Policy, or to protect our Services, Users, or others).
Additional information concerning the business and commercial purposes is set forth in the “How Does Branch Use the Information Collected through its Website?” section of our Privacy Policy. We may disclose the categories of personal information identified in this California Privacy Notice about our California Consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
How We Share and Disclose Your Information
We share the information collected from and about you as discussed above for various business purposes. The chart below explains the categories of information that we may share with other parties and the categories of those parties.
| Other Parties with which we share information and why | Categories of information shared |
|---|---|
| Our Affiliates. We may share information we collect within our family of companies to deliver products and services to you, and enhance our products, services, and your customer experience. | All categories of information we collect may be shared with our affiliates |
| Service Providers that perform services on our behalf: including billing and payment processing, sales, marketing, advertising, data analysis and insight, research, technical support and customer service, data storage, security, fraud prevention, and legal services. | All categories of information we collect may be shared with our service providers |
| Other Individuals, Services, and Vendors at Your Request. We will share your information with other businesses and services at your request. For example, if you direct us to communicate information to one of your vendors. |
|
| Third Party Partners for Marketing Purposes. We may share your information with partners whose offerings we think may interest you. For example, if you participate in co-sponsored promotions, then we may share information with our affiliates and other third parties for their marketing and other purposes. |
|
| Third Party Partners to Provide Co-Branded Products and Services. In some cases, we may share information with third-party partners to provide co-branded products or services (e.g., co-sponsored promotions). |
|
| Other Parties for Legal Purposes. By using the Services, you acknowledge and agree that we may access, retain, and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms and Conditions, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; and/or (d) protect our rights, property or personal safety, or that of our agents and affiliates, our users and/or the public. This includes exchanging information with other companies and organizations for information security, fraud protection, spam/malware prevention, and similar purposes. | All categories of information we collect may be shared as necessary |
| Other Parties in a Business Transaction. We may disclose information in connection with an actual or contemplated corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets. | All categories of information we collect may be shared as necessary |
| Third-Party Online Advertisers and Ad Networks. As discussed in the “Third Party Tools / Analytics on the Website” Section of our Privacy Policy, the Services may rely on third-party advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use, and these technologies will collect certain information from your use of the Services to assist in delivering such ads. |
|
The CCPA sets forth certain obligations for businesses that “sell” personal information. Based on the definition of “sell” under the CCPA and under current regulatory guidance, we do not believe we engage in such activity and have not engaged in such activity in the past twelve months. Instead, we limit our sharing of information as set forth in the “How does Branch Share Information?” section of this Privacy Policy, and to allow third parties to collect certain information about your activity for limited purposes, for example through cookies, as explained in the “Third-Party Tools / Analytics on the Website” section of our Privacy Policy.
California Rights and Choices
Without being discriminated against for exercising these rights, California residents have the right to request that we disclose what personal information we collect about you and to delete that information, subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Right to request access to your personal information
California residents have the right to request that we disclose what categories of your personal information that we collect, use, or sell. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
California residents have the right to request that we disclose what categories of your personal information that we collect, use, or sell. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
Right to request deletion of your personal information
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
How to exercise your access and deletion rights
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io.
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io.
For security purposes, when you request to exercise your California privacy rights we will verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:
- Transparency. Where you have requested the categories of personal information that we have collected about you, we will direct you to the sections of our Privacy Policy relevant to your request.
- Access. Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Deletion. Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above. Upon completion, we will send you a notice confirming that we deleted the information we collected from you. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
Right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
Authorized Agents
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
For our Website: If you are a California Consumer, please submit a CCPA request here, or contact us at privacy@branch.io. To protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Requests from Our Client’s Users: Because Branch is a service provider that processes data on behalf of its Clients, any requests from Users who are California residents seeking to exercise their rights of access and deletion under the CCPA must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Effective June 1, 2022 to October 11, 2022
DownloadTable of Contents
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to residents of California. If you are a California resident interacting with us through our provision of services to our Clients, your personal information is controlled by the applicable Client(s), and you should contact them to exercise your rights under the CCPA. This section applies to you if you are a resident of California about whom we collect personal information independent of the services we provide to Clients (“California Consumer”), such as if you provide us personal information on our Website.This section does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants, or personal information we collect from employees, owners, directors, officers, or contractors of businesses in the course of our provision or receipt of business-related services. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in the CCPA.
As described in our Privacy Policy, in the preceding twelve months, we may have collected the following categories of personal information about you for business or commercial purposes:
- Identifiers, e.g., name, email address, Github ID
- Device Information and Device Identifiers, e.g., IP address, browser type and device locale, operating system, mobile platform, device model
- Financial Information, e.g., credit or debit card number, verification number, and expiration date
- Commercial Information, e.g., delivery information and information about your transactions and purchases with us
- Connection and Usage Data, e.g., web browsing activity on the Website
- Geolocation, e.g., information inferred from IP addresses Inferences, e.g. information on your employer inferred from an IP address
- Other Information, e.g., any other information you provide to us through the Website
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Website; and (3) third parties such as from social networking providers if you connect Branch to your use of those services.
As described above in our Privacy Policy, we collect the categories of personal information identified above for the following business and commercial purposes:
- Communicate with you, such as (1) to respond to your requests for information and provide you with customer service and technical support; (2) to send communications or content that you have requested; (3) to provide you with transactional updates and information about the Services (e.g., inform you about updates to our Services, information about your account); and/or (4) in accordance with applicable legal requirements, contact you by email, postal mail, phone, advertising or SMS regarding Business and third-party products, services, surveys, promotions, special events and other subjects that we think may be of interest to you.
- Transact with you if you use our products or services.
- Provide the Services, such as (1) to process and fulfill your transactions or requests; (2) to engage in analysis, research, and reports to better understand how you use the Services, so we can improve them; (3) to administer entries into promotions or surveys; and/or (4) to understand and resolve technical issues with our Services.
- Tell you about products and services offered by Branch and Branch’s selected partners.
- Personalize your experience, such as (1) to customize the advertising and content on the Services based on your activities and interests; (2) to create and update audience segments that can be used for targeted advertising and marketing on the Services, third party services and platforms, and mobile apps; and/or (3) to create profiles about you, including adding and combining information we obtain from third parties, which may be used for analytics, marketing, and advertising.
- Improve our offerings.
- Secure our Services and fraud prevention, such as (1) to monitor, prevent, and detect fraud, such as through verifying your identity; (2) to combat spam or other malware or security risks; and/or (3) to monitor, enforce, and improve the security of our Services.
- Defending our legal rights and complying with the law, such as (1) to comply with any applicable procedures, laws, and regulations where it is necessary for our legitimate interests or the legitimate interests of others; and/or (2) to establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others (e.g., to enforce compliance with our Terms and Conditions, Privacy Policy, or to protect our Services, Users, or others).
Additional information concerning the business and commercial purposes is set forth in the “How Does Branch Use the Information Collected through its Website?” section of our Privacy Policy. We may disclose the categories of personal information identified in this California Privacy Notice about our California Consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
How We Share and Disclose Your Information
We share the information collected from and about you as discussed above for various business purposes. The chart below explains the categories of information that we may share with other parties and the categories of those parties.
| Other Parties with which we share information and why | Categories of information shared |
|---|---|
| Our Affiliates. We may share information we collect within our family of companies to deliver products and services to you, and enhance our products, services, and your customer experience. | All categories of information we collect may be shared with our affiliates |
| Service Providers that perform services on our behalf: including billing and payment processing, sales, marketing, advertising, data analysis and insight, research, technical support and customer service, data storage, security, fraud prevention, and legal services. | All categories of information we collect may be shared with our service providers |
| Other Individuals, Services, and Vendors at Your Request. We will share your information with other businesses and services at your request. For example, if you direct us to communicate information to one of your vendors. | |
| Third Party Partners for Marketing Purposes. We may share your information with partners whose offerings we think may interest you. For example, if you participate in co-sponsored promotions, then we may share information with our affiliates and other third parties for their marketing and other purposes. | |
| Third Party Partners to Provide Co-Branded Products and Services. In some cases, we may share information with third-party partners to provide co-branded products or services (e.g., co-sponsored promotions). | |
| Other Parties for Legal Purposes. By using the Services, you acknowledge and agree that we may access, retain, and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process or a regulatory investigation (e.g. a subpoena or court order); (b) enforce our Terms and Conditions, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; and/or (d) protect our rights, property or personal safety, or that of our agents and affiliates, our users and/or the public. This includes exchanging information with other companies and organizations for information security, fraud protection, spam/malware prevention, and similar purposes. | All categories of information we collect may be shared as necessary |
| Other Parties in a Business Transaction. We may disclose information in connection with an actual or contemplated corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets. | All categories of information we collect may be shared as necessary |
| Third-Party Online Advertisers and Ad Networks. As discussed in the “Third Party Tools / Analytics on the Website” Section of our Privacy Policy, the Services may rely on third-party advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use, and these technologies will collect certain information from your use of the Services to assist in delivering such ads. |
The CCPA sets forth certain obligations for businesses that “sell” personal information. Based on the definition of “sell” under the CCPA and under current regulatory guidance, we do not believe we engage in such activity and have not engaged in such activity in the past twelve months. Instead, we limit our sharing of information as set forth in the “How does Branch Share Information?” section of this Privacy Policy, and to allow third parties to collect certain information about your activity for limited purposes, for example through cookies, as explained in the “Third-Party Tools / Analytics on the Website” section of our Privacy Policy.
California Rights and Choices
Without being discriminated against for exercising these rights, California residents have the right to request that we disclose what personal information we collect about you and to delete that information, subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Right to request access to your personal information
California residents have the right to request that we disclose what categories of your personal information that we collect, use, or sell. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
California residents have the right to request that we disclose what categories of your personal information that we collect, use, or sell. You may also request the specific pieces of personal information that we have collected from you. However, we may withhold some personal information as permitted under applicable law. For example, to protect your security, we may withhold your account password from the information provided in response to a request for the specific pieces of personal information that we have collected about you.
Right to request deletion of your personal information
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
You may also request that we delete any personal information that we collected from you. However, we may retain personal information necessary to (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so that we can provide our Services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
How to exercise your access and deletion rights
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io.
Subject to restrictions under applicable law, California residents may exercise their California privacy rights by submitting your request to us, or by contacting us at privacy@branch.io.
For security purposes, when you request to exercise your California privacy rights we will verify your identity. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate:
- Transparency. Where you have requested the categories of personal information that we have collected about you, we will direct you to the sections of our Privacy Policy relevant to your request.
- Access. Where you have requested specific pieces of personal information, we will provide the information you have requested, except where not permitted under applicable law or otherwise exempted by the CCPA.
- Deletion. Where you have requested that we delete personal information that we have collected from you, we will delete any information about you that is not necessary for the purposes indicated above. Upon completion, we will send you a notice confirming that we deleted the information we collected from you. Certain information may be exempt from such requests under applicable law.
If we are unable to complete your requests fully for any of the reasons above, we will provide you additional information about the reasons that we could not comply with your request.
Right to nondiscrimination
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
Authorized Agents
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps both to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf (e.g. through providing us with a signed written authorization or a copy of a power of attorney).
For our Website: If you are a California Consumer, please submit a CCPA request here, or contact us at privacy@branch.io. To protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.
Requests from Our Client’s Users: Because Branch is a service provider that processes data on behalf of its Clients, any requests from Users who are California residents seeking to exercise their rights of access and deletion under the CCPA must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Data Subject Rights - EU
Effective April 7, 2023
DownloadTable of Contents
Rights For Residents of the European Economic Area and United Kingdom
Services: Because Branch is a vendor (acting as a data processor) that processes data on behalf of its Clients (acting as data controllers), any requests relating to European and United Kingdom Users’ exercise of their Personal Data rights under the European General Data Protection Regulation, or equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation, must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website and Business Contacts: Under applicable law, Branch is the data controller of Personal Data we collect from the Website and from offline sources and vendors for marketing purposes. The laws of some jurisdictions such as the laws of the European Economic Area and the United Kingdom require data controllers to tell you about the legal ground that they rely on for using, sharing, or disclosing of your information. To the extent those laws apply, our legal grounds are as follows:
- Contractual Commitments: We may use, share, or disclose information to honor our contractual commitments to you. For example, we will process your Personal Data to comply with our agreements with you, and to honor our commitments in any contracts that we have with you.
- With Your Consent: Where required by law, and in some other cases, we use, share, or disclose information on the basis of your consent.
- Legitimate Interests: In many cases, we use, share, or disclose information on the ground that it furthers our legitimate business interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals, such as customer service, certain promotional activities, analyzing and improving our business, providing security for the Services, preventing fraud, and managing legal issues.
- Legal Compliance: We need to use, share, and disclose information in certain ways to comply with our legal obligations.
Website Users and others who are residents of the European Economic Area or United Kingdom may (1) seek confirmation regarding whether Branch is processing Personal Data about you, (2) request access to such data, (3) ask that we correct, amend, or delete it where it is inaccurate, (4) ask us to restrict how we process and disclose certain of your Personal Data, (5) transfer your Personal Data to another party, or (6) revoke consent for the processing of your Personal Data (if your consent is the legal basis we rely on to process your Personal Data).
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. Although we make good faith efforts to provide you with access to your Personal Data, there may be circumstances in which we are unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where it is commercially proprietary. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Residents of the European Economic Area and United Kingdom have the right to file a complaint regarding their Personal Data directly with the appropriate data protection authority. For information on who those parties are and how they can be reached please go to http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm for EU residents and https://ico.org.uk/ for residents of the United Kingdom.
Effective January 1, 2023 to April 7, 2023
DownloadTable of Contents
Rights For Residents of the European Economic Area and United Kingdom
Services: Because Branch is a vendor (acting as a data processor) that processes data on behalf of its Clients (acting as data controllers), any requests relating to European and United Kingdom Users’ exercise of their Personal Data rights under the European General Data Protection Regulation, or equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation, must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website and Business Contacts: Under applicable law, Branch is the data controller of Personal Data we collect from the Website and from offline sources and vendors for marketing purposes. The laws of some jurisdictions such as the laws of the European Economic Area and the United Kingdom require data controllers to tell you about the legal ground that they rely on for using, sharing, or disclosing of your information. To the extent those laws apply, our legal grounds are as follows:
- Contractual Commitments: We may use, share, or disclose information to honor our contractual commitments to you. For example, we will process your Personal Data to comply with our agreements with you, and to honor our commitments in any contracts that we have with you.
- With Your Consent: Where required by law, and in some other cases, we use, share, or disclose information on the basis of your consent.
- Legitimate Interests: In many cases, we use, share, or disclose information on the ground that it furthers our legitimate business interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals, such as customer service, certain promotional activities, analyzing and improving our business, providing security for the Services, preventing fraud, and managing legal issues.
- Legal Compliance: We need to use, share, and disclose information in certain ways to comply with our legal obligations.
Website Users and others who are residents of the European Economic Area or United Kingdom may (1) seek confirmation regarding whether Branch is processing Personal Data about you, (2) request access to such data, (3) ask that we correct, amend, or delete it where it is inaccurate, (4) ask us to restrict how we process and disclose certain of your Personal Data, (5) transfer your Personal Data to another party, or (6) revoke consent for the processing of your Personal Data (if your consent is the legal basis we rely on to process your Personal Data).
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. Although we make good faith efforts to provide you with access to your Personal Data, there may be circumstances in which we are unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where it is commercially proprietary. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Residents of the European Economic Area and United Kingdom have the right to file a complaint regarding their Personal Data directly with the appropriate data protection authority. For information on who those parties are and how they can be reached please go to http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm for EU residents and https://ico.org.uk/ for residents of the United Kingdom.
Effective December 29, 2022 to January 1, 2023
DownloadTable of Contents
Rights For Residents of the European Economic Area and United Kingdom
Services: Because Branch is a vendor (acting as a data processor) that processes data on behalf of its Clients (acting as data controllers), any requests relating to European and United Kingdom Users’ exercise of their Personal Data rights under the European General Data Protection Regulation, or equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation, must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website and Business Contacts: Under applicable law, Branch is the data controller of Personal Data we collect from the Website and from offline sources and vendors for marketing purposes. The laws of some jurisdictions such as the laws of the European Economic Area and the United Kingdom require data controllers to tell you about the legal ground that they rely on for using, sharing, or disclosing of your information. To the extent those laws apply, our legal grounds are as follows:
- Contractual Commitments: We may use, share, or disclose information to honor our contractual commitments to you. For example, we will process your Personal Data to comply with our agreements with you, and to honor our commitments in any contracts that we have with you.
- With Your Consent: Where required by law, and in some other cases, we use, share, or disclose information on the basis of your consent.
- Legitimate Interests: In many cases, we use, share, or disclose information on the ground that it furthers our legitimate business interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals, such as customer service, certain promotional activities, analyzing and improving our business, providing security for the Services, preventing fraud, and managing legal issues.
- Legal Compliance: We need to use, share, and disclose information in certain ways to comply with our legal obligations.
Website Users and others who are residents of the European Economic Area or United Kingdom may (1) seek confirmation regarding whether Branch is processing Personal Data about you, (2) request access to such data, (3) ask that we correct, amend, or delete it where it is inaccurate, (4) ask us to restrict how we process and disclose certain of your Personal Data, (5) transfer your Personal Data to another party, or (6) revoke consent for the processing of your Personal Data (if your consent is the legal basis we rely on to process your Personal Data).
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. Although we make good faith efforts to provide you with access to your Personal Data, there may be circumstances in which we are unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where it is commercially proprietary. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Residents of the European Economic Area and United Kingdom have the right to file a complaint regarding their Personal Data directly with the appropriate data protection authority. For information on who those parties are and how they can be reached please go to http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm for EU residents and https://ico.org.uk/ for residents of the United Kingdom.
Effective October 11, 2022 to December 29, 2022
DownloadTable of Contents
Rights For Residents of the European Economic Area and United Kingdom
Services: Because Branch is a service provider (acting as a data processor) that processes data on behalf of its Clients (acting as data controllers), any requests relating to European and United Kingdom Users’ exercise of their Personal Data rights under the European General Data Protection Regulation, or equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation, must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website and Business Contacts: Under applicable law, Branch is the data controller of Personal Data we collect from the Website and from offline sources and service providers for marketing purposes. Website Users and others who are residents of the European Economic Area or United Kingdom may (1) seek confirmation regarding whether Branch is processing Personal Data about you, (2) request access to such data, (3) ask that we correct, amend, or delete it where it is inaccurate, (4) ask us to restrict how we process and disclose certain of your Personal Data, (5) transfer your Personal Data to a third party, or (6) revoke consent for the processing of your Personal Data (if your consent is the legal basis we rely on to process your Personal Data).
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. Although we make good faith efforts to provide you with access to your Personal Data, there may be circumstances in which we are unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where it is commercially proprietary. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Residents of the European Economic Area and United Kingdom have the right to file a complaint regarding their Personal Data directly with the appropriate data protection authority. For information on who those parties are and how they can be reached please go to http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm for EU residents and https://ico.org.uk/ for residents of the United Kingdom.
Effective June 1, 2022 to October 11, 2022
DownloadTable of Contents
Rights For Residents of the European Economic Area and United Kingdom
Services: Because Branch is a service provider (acting as a data processor) that processes data on behalf of its Clients (acting as data controllers), any requests relating to European and United Kingdom Users’ exercise of their Personal Data rights under the European General Data Protection Regulation, or equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation, must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website and Business Contacts: Under applicable law, Branch is the data controller of Personal Data we collect from the Website and from offline sources and service providers for marketing purposes. Website Users and others who are residents of the European Economic Area or United Kingdom may (1) seek confirmation regarding whether Branch is processing Personal Data about you, (2) request access to such data, (3) ask that we correct, amend, or delete it where it is inaccurate, (4) ask us to restrict how we process and disclose certain of your Personal Data, (5) transfer your Personal Data to a third party, or (6) revoke consent for the processing of your Personal Data (if your consent is the legal basis we rely on to process your Personal Data).
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. Although we make good faith efforts to provide you with access to your Personal Data, there may be circumstances in which we are unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where it is commercially proprietary. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Residents of the European Economic Area and United Kingdom have the right to file a complaint regarding their Personal Data directly with the appropriate data protection authority. For information on who those parties are and how they can be reached please go to http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm for EU residents and https://ico.org.uk/ for residents of the United Kingdom.
Data Subject Rights - LGPD
Effective April 7, 2023
DownloadTable of Contents
Data Subject Rights under Lei Geral de Proteção de Dados (“LGPD”)
This supplemental privacy notice applies to personal data processing activities in accordance with Brazilian data protection law. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in Lei Geral de Proteção de Dados (“LGPD”). If you have any questions about this supplemental privacy notice, you can contact our Data Protection Officer, Cathleen Hartge, at privacy@branch.io.
Services: Because Branch is a vendor that processes data on behalf of its Clients, any requests relating to Brazilian Users’ exercise of their rights under LGPD must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website: Under applicable law, Branch is the data controller of Personal Data we collect from the Website. If you are a Website User who is a resident of Brazil, you may have certain rights under LGPD. Brazilian law may permit you to request that we: confirm whether we process your data; provide access to and/or a copy of certain information we hold about you; correct incomplete, inaccurate and outdated data; anonymize, block or delete data that is unnecessary, excessive or not being processed in accordance with Brazilian data protection law; port your personal data to another service or product vendor; delete personal data processed with your consent, when applicable; provide you with information regarding the public and private entities to which we disclose data; provide you with information about the possibility of withdrawing consent and the consequences of such withdrawal, where applicable; and / or withdraw your consent.
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Effective January 1, 2023 to April 7, 2023
DownloadTable of Contents
Data Subject Rights under Lei Geral de Proteção de Dados (“LGPD”)
This supplemental privacy notice applies to personal data processing activities in accordance with Brazilian data protection law. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in Lei Geral de Proteção de Dados (“LGPD”). If you have any questions about this supplemental privacy notice, you can contact our Data Protection Officer, Cathleen Hartge, at privacy@branch.io.
Services: Because Branch is a vendor that processes data on behalf of its Clients, any requests relating to Brazilian Users’ exercise of their rights under LGPD must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website: Under applicable law, Branch is the data controller of Personal Data we collect from the Website. If you are a Website User who is a resident of Brazil, you may have certain rights under LGPD. Brazilian law may permit you to request that we: confirm whether we process your data; provide access to and/or a copy of certain information we hold about you; correct incomplete, inaccurate and outdated data; anonymize, block or delete data that is unnecessary, excessive or not being processed in accordance with Brazilian data protection law; port your personal data to another service or product vendor; delete personal data processed with your consent, when applicable; provide you with information regarding the public and private entities to which we disclose data; provide you with information about the possibility of withdrawing consent and the consequences of such withdrawal, where applicable; and / or withdraw your consent.
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Effective December 29, 2022 to January 1, 2023
DownloadTable of Contents
Data Subject Rights under Lei Geral de Proteção de Dados (“LGPD”)
This supplemental privacy notice applies to personal data processing activities in accordance with Brazilian data protection law. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in Lei Geral de Proteção de Dados (“LGPD”). If you have any questions about this supplemental privacy notice, you can contact our Data Protection Officer, Cathleen Hartge, at privacy@branch.io.
Services: Because Branch is a vendor that processes data on behalf of its Clients, any requests relating to Brazilian Users’ exercise of their rights under LGPD must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website: Under applicable law, Branch is the data controller of Personal Data we collect from the Website. If you are a Website User who is a resident of Brazil, you may have certain rights under LGPD. Brazilian law may permit you to request that we: confirm whether we process your data; provide access to and/or a copy of certain information we hold about you; correct incomplete, inaccurate and outdated data; anonymize, block or delete data that is unnecessary, excessive or not being processed in accordance with Brazilian data protection law; port your personal data to another service or product vendor; delete personal data processed with your consent, when applicable; provide you with information regarding the public and private entities to which we disclose data; provide you with information about the possibility of withdrawing consent and the consequences of such withdrawal, where applicable; and / or withdraw your consent.
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Effective October 11, 2022 to December 29, 2022
DownloadTable of Contents
Data Subject Rights under Lei Geral de Proteção de Dados (“LGPD”)
This supplemental privacy notice applies to personal data processing activities in accordance with Brazilian data protection law. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in Lei Geral de Proteção de Dados (“LGPD”). If you have any questions about this supplemental privacy notice, you can contact our Data Protection Officer, Cathleen Hartge, at privacy@branch.io.
Services: Because Branch is a service provider that processes data on behalf of its Clients, any requests relating to Brazilian Users’ exercise of their rights under LGPD must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website: Under applicable law, Branch is the data controller of Personal Data we collect from the Website. If you are a Website User who is a resident of Brazil, you may have certain rights under LGPD. Brazilian law may permit you to request that we: confirm whether we process your data; provide access to and/or a copy of certain information we hold about you; correct incomplete, inaccurate and outdated data; anonymize, block or delete data that is unnecessary, excessive or not being processed in accordance with Brazilian data protection law; port your personal data to another service or product vendor; delete personal data processed with your consent, when applicable; provide you with information regarding the public and private entities with which we share data; provide you with information about the possibility of withdrawing consent and the consequences of such withdrawal, where applicable; and / or withdraw your consent.
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Effective June 1, 2022 to October 11, 2022
DownloadTable of Contents
Data Subject Rights under Lei Geral de Proteção de Dados (“LGPD”)
This supplemental privacy notice applies to personal data processing activities in accordance with Brazilian data protection law. This notice supplements the information in our Privacy Policy. Certain terms used below have the meanings given to them in Lei Geral de Proteção de Dados (“LGPD”). If you have any questions about this supplemental privacy notice, you can contact our Data Protection Officer, Cathleen Hartge, at privacy@branch.io.
Services: Because Branch is a service provider that processes data on behalf of its Clients, any requests relating to Brazilian Users’ exercise of their rights under LGPD must be provided to Branch by a Client. Clients can notify Branch of these requests here.
Moreover, Branch supports functionality to allow Clients to respect granular controls regarding User data privacy rights. Clients can flag in the Branch SDK that a particular User has requested that their data not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Website: Under applicable law, Branch is the data controller of Personal Data we collect from the Website. If you are a Website User who is a resident of Brazil, you may have certain rights under LGPD. Brazilian law may permit you to request that we: confirm whether we process your data; provide access to and/or a copy of certain information we hold about you; correct incomplete, inaccurate and outdated data; anonymize, block or delete data that is unnecessary, excessive or not being processed in accordance with Brazilian data protection law; port your personal data to another service or product vendor; delete personal data processed with your consent, when applicable; provide you with information regarding the public and private entities with which we share data; provide you with information about the possibility of withdrawing consent and the consequences of such withdrawal, where applicable; and / or withdraw your consent.
You can submit such requests at https://privacy.branch.io/hc/en-us/requests/new, which will be processed in line with applicable law. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.
Modern Slavery and Human Trafficking Statement
Effective February 15, 2023
DownloadTable of Contents
Branch Metrics Modern Slavery and Human Trafficking Statement
Purpose of this Statement
This statement is made by Branch Metrics, Inc. and its subsidiaries (collectively, “Branch,” “us,” “we” or “our”) pursuant to section 54(1) of the United Kingdom Modern Slavery Act 2015.
Introduction
Branch is committed to providing a fair and ethical workplace and operating its business in a socially responsible way that supports the protection of human rights globally. We respect the standards embodied in the Universal Declaration of Human Rights and the International Labour Organization conventions. Specifically, Branch is strongly opposed to slavery and human trafficking and will not knowingly support or conduct business with any organization involved in such activities.
Our Business Activities and Organization
Branch provides the leading mobile linking platform, with solutions that unify user experience and measurement across different devices, platforms, and channels. Top brands use Branch to grow their business, improve their customer experience, and measure and optimize campaign performance. We are a Delaware corporation headquartered in Palo Alto, California with subsidiaries and operations around the world, including the United Kingdom. More information about us can be found at branch.io.
Our key suppliers are primarily based in the United States and are typically in the fields of technology, data, office and facilities, and professional advisory services. We only use reputable providers of goods and services. Based on the geography of our business and suppliers, the industry in which we operate, and the structure of our business, there is a low risk of slavery and human trafficking taking place within our supply chain. However, we remain vigilant against the risk of human trafficking and any form of slavery and take steps to assess and manage that risk.
Relevant Policies and Processes
Our Global Code of Conduct applies to all employees, officers, directors, independent contractors, contingent workers and other service providers and helps to ensure that we are conducting business in an ethical and transparent manner. All Personnel are expected to read and comply with our Global Code of Conduct. Our Global Code of Conduct requires, among other things, that our personnel not engage in any unlawful activity in conducting our business or in performing their day-to-day duties. In addition, Branch is committed to acting in accordance with applicable law and requests its suppliers and partners to maintain at least the same standards by complying with Branch’s Supplier Code Of Conduct (“Supplier Code”). The Supplier Code encompasses compliance with all applicable laws, which includes the UK Modern Slavery Act.
Branch also has a robust employee recruitment process, effectively attracting, training, and integrating a large number of new employees, including conducting, where permitted and in compliance with applicable law, background and eligibility to work in the country of employment checks for all employees to safeguard against human trafficking or individuals being forced to work against their will.
Continuing Action To Address Modern Slavery
Branch is committed to continuing to improve its operational and management systems and controls to combat slavery and human trafficking by, among other actions, conducting additional risk-based due diligence prior to supplier onboarding and continually assessing and improving the effectiveness of our ethics and compliance programs.
This statement is made pursuant to section 54(1) of the Modern Slavery Act 2015 and constitutes Branch's slavery and human trafficking statement for the financial year ending December 31, 2022. This statement was approved by the Board of Directors of Branch Metrics, Inc. on January 25, 2023.
Alex Austin
Chief Executive Officer
Branch Metrics, Inc.
Effective January 1, 2023 to February 15, 2023
DownloadTable of Contents
Branch Metrics Modern Slavery and Human Trafficking Statement
Purpose of this Statement
This statement is made by Branch Metrics, Inc. and its subsidiaries (collectively, “Branch,” “us,” “we” or “our”) pursuant to section 54(1) of the United Kingdom Modern Slavery Act 2015.
Introduction
Branch is committed to providing a fair and ethical workplace and operating its business in a socially responsible way that supports the protection of human rights globally. We respect the standards embodied in the Universal Declaration of Human Rights and the International Labour Organization conventions. Specifically, Branch is strongly opposed to slavery and human trafficking and will not knowingly support or conduct business with any organization involved in such activities.
Our Business Activities and Organization
Branch provides the leading mobile linking platform, with solutions that unify user experience and measurement across different devices, platforms, and channels. Top brands use Branch to grow their business, improve their customer experience, and measure and optimize campaign performance. We are a Delaware corporation headquartered in Palo Alto, California with subsidiaries and operations around the world, including the United Kingdom. More information about us can be found at branch.io.
Our key suppliers are primarily based in the United States and are typically in the fields of technology, data, office and facilities, and professional advisory services. We only use reputable providers of goods and services. Based on the geography of our business and suppliers, the industry in which we operate, and the structure of our business, there is a low risk of slavery and human trafficking taking place within our supply chain. However, we remain vigilant against the risk of human trafficking and any form of slavery and take steps to assess and manage that risk.
Relevant Policies and Processes
Our Global Code of Conduct applies to all employees, officers, directors, independent contractors, contingent workers and other service providers and helps to ensure that we are conducting business in an ethical and transparent manner. All Personnel are expected to read and comply with our Global Code of Conduct. Our Global Code of Conduct requires, among other things, that our personnel not engage in any unlawful activity in conducting our business or in performing their day-to-day duties.
Branch also has a robust employee recruitment process, effectively attracting, training, and integrating a large number of new employees, including conducting, where permitted and in compliance with applicable law, background and eligibility to work in the country of employment checks for all employees to safeguard against human trafficking or individuals being forced to work against their will.
Continuing Action To Address Modern Slavery
Branch is committed to continuing to improve its operational and management systems and controls to combat slavery and human trafficking by, among other actions, conducting additional risk-based due diligence prior to supplier onboarding and continually assessing and improving the effectiveness of our ethics and compliance programs.
This statement is made pursuant to section 54(1) of the Modern Slavery Act 2015 and constitutes Branch's slavery and human trafficking statement for the financial year ending December 31, 2021. This statement was approved by the Board of Directors of Branch Metrics, Inc. on August 9, 2022.
Mike Molinet
Chief Operating Officer
Branch Metrics, Inc.
Chief Operating Officer
Branch Metrics, Inc.
Date: June 6, 2022
Effective October 28, 2022 to January 1, 2023
DownloadTable of Contents
Branch Metrics Modern Slavery and Human Trafficking Statement
Purpose of this Statement
This statement is made by Branch Metrics, Inc. and its subsidiaries (collectively, “Branch,” “us,” “we” or “our”) pursuant to section 54(1) of the United Kingdom Modern Slavery Act 2015.
Introduction
Branch is committed to providing a fair and ethical workplace and operating its business in a socially responsible way that supports the protection of human rights globally. We respect the standards embodied in the Universal Declaration of Human Rights and the International Labour Organization conventions. Specifically, Branch is strongly opposed to slavery and human trafficking and will not knowingly support or conduct business with any organization involved in such activities.
Our Business Activities and Organization
Branch provides the leading mobile linking platform, with solutions that unify user experience and measurement across different devices, platforms, and channels. Top brands use Branch to grow their business, improve their customer experience, and measure and optimize campaign performance. We are a Delaware corporation headquartered in Palo Alto, California with subsidiaries and operations around the world, including the United Kingdom. More information about us can be found at branch.io.
Our key suppliers are primarily based in the United States and are typically in the fields of technology, data, office and facilities, and professional advisory services. We only use reputable providers of goods and services. Based on the geography of our business and suppliers, the industry in which we operate, and the structure of our business, there is a low risk of slavery and human trafficking taking place within our supply chain. However, we remain vigilant against the risk of human trafficking and any form of slavery and take steps to assess and manage that risk.
Relevant Policies and Processes
Our Global Code of Conduct applies to all employees, officers, directors, independent contractors, contingent workers and other service providers and helps to ensure that we are conducting business in an ethical and transparent manner. All Personnel are expected to read and comply with our Global Code of Conduct. Our Global Code of Conduct requires, among other things, that our personnel not engage in any unlawful activity in conducting our business or in performing their day-to-day duties.
Branch also has a robust employee recruitment process, effectively attracting, training, and integrating a large number of new employees, including conducting, where permitted and in compliance with applicable law, background and eligibility to work in the country of employment checks for all employees to safeguard against human trafficking or individuals being forced to work against their will.
Continuing Action To Address Modern Slavery
Branch is committed to continuing to improve its operational and management systems and controls to combat slavery and human trafficking by, among other actions, conducting additional risk-based due diligence prior to supplier onboarding and continually assessing and improving the effectiveness of our ethics and compliance programs.
This statement is made pursuant to section 54(1) of the Modern Slavery Act 2015 and constitutes Branch's slavery and human trafficking statement for the financial year ending December 31, 2021. This statement was approved by the Board of Directors of Branch Metrics, Inc. on August 9, 2022.
Mike Molinet
Chief Operating Officer
Branch Metrics, Inc.
Date: June 6, 2022
Chief Operating Officer
Branch Metrics, Inc.
Date: June 6, 2022
Native Compute Library
Effective January 1, 2023
DownloadTable of Contents
BRANCH METRICS, INC. SOFTWARE LICENSE TERMS
BRANCH NATIVE COMPUTE SDK LIBRARY (hereinafter referred to as the “software”)
These terms are an agreement between you and Branch Metrics, Inc. ("Branch"). They apply to the software named above. The software includes, but is not limited to SDK, content, visual interfaces, interactive features, information, graphics, design, compilation, computer code, products, services, and all other elements of the SDK and related documentation. The terms also apply to any Branch services or updates for the software, except to the extent those have different terms.
IF YOU COMPLY WITH THESE TERMS, YOU HAVE THE FOLLOWING LIMITED, NON-EXCLUSIVE, NON-TRANSFERABLE, NON-SUBLICENSABLE, REVOCABLE RIGHTS BELOW. BY DOWNLOADING, INSTALLING, OR OTHERWISE ACCESSING OR USING THE SOFTWARE, YOU AGREE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS. IF YOU DO NOT AGREE, YOU MAY NOT USE THE SOFTWARE.
- INSTALLATION AND USE RIGHTS. You may install and use any number of copies of the software to develop and test your applications.
- THIRD PARTY COMPONENTS. The software may include third party components with separate legal notices or governed by other agreements, as may be described in the third party notices file(s) accompanying the software.
- ADDITIONAL LICENSING REQUIREMENTS AND/OR USE RIGHTS.
- DISTRIBUTABLE CODE. The software is comprised of Distributable Code. “Distributable Code” is code that you are permitted to distribute in applications you develop if you comply with the terms below.
- Right to Use and Distribute. You may copy and distribute the object code form of the software.
- Third Party Distribution. You may permit distributors of your applications to copy and distribute the Distributable Code as part of those applications
- Distribution Requirements. For any Distributable Code you distribute, you must (i) use the Distributable Code in your applications and not as a standalone distribution; (ii) require distributors and external end users to agree to terms that protect it at least as much as this agreement; and (iii) indemnify, defend, and hold harmless Branch from any claims, including attorneys’ fees, related to the distribution or use of your applications, except to the extent that any claim is based solely on the unmodified Distributable Code.
- Distribution Restrictions. You may not: (i) use Branch’s trademarks in your applications’ names or in a way that suggests your applications come from or are endorsed by Branch; or (ii) modify or distribute the source code of any Distributable Code so that any part of it becomes subject to an Excluded License. An “Excluded License” is one that requires, as a condition of use, modification or distribution of code, that (a) it be disclosed or distributed in source code form; or (b) others have the right to modify it.
- DISTRIBUTABLE CODE. The software is comprised of Distributable Code. “Distributable Code” is code that you are permitted to distribute in applications you develop if you comply with the terms below.
- DATA
- Data Collection. The software may collect information about you and your use of the software, and send that to Branch. Branch may use this information to provide services and improve our products and services. There are also features in the software that may enable you and Branch to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with Branch’s Privacy Policy. Branch’s Privacy Policy is located at https://branch.io/policies/privacy-policy/. You can learn more about data collection and its use from the software documentation and Branch's Privacy Policy. Your use of the software operates as your consent to these practices
- b. Processing of Personal Data. To the extent Branch is a processor or subprocessor of personal data in connection with the software, Branch makes the commitments with respect to data subjects as set forth in the “Rights For Residents of the European Economic Area and United Kingdom” section of Branch’s Privacy Policy to all customers effective May 25, 2018, at https://branch.io/policies/data-subject-rights/#data-subject-rights-european-general-data-protection-regulation (or its successor URL).
- SCOPE OF LICENSE. The software is licensed, not sold. This agreement only gives you some rights to use the software. Branch reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not (i) work around any technical limitations in the software; (ii) reverse engineer, decompile or disassemble the software, or otherwise attempt to derive the source code for the software, except and to the extent required by third party licensing terms governing use of certain open source components that may be included in the software; (iii) remove, minimize, block or modify any notices of Branch or its suppliers in the software; (iv) use the software in any way that is against the law; or (v) share, publish, rent or lease the software, provide the software as a stand-alone offering for others to use, or transfer the software or this agreement to any third party.
- FEEDBACK. If you provide Branch with any verbal or written comments, bug reports, feedback, enhancements, optimizations, or modifications proposed or suggested by you for the software ("Feedback"), such Feedback is provided on a non-confidential basis (notwithstanding any notice to the contrary you may include in any accompanying communication), and Branch shall have the right to use such Feedback at its discretion, including, but not limited to the incorporation of such suggested changes into the software. You hereby grant Branch a worldwide, perpetual, irrevocable, royalty-free, fully paid, transferable, sublicensable, non-exclusive right and license under all rights necessary to so incorporate, use, and exploit your Feedback in any manner, without restriction, for any purpose, including to make and sell Branch products and services.
- RESERVATION OF RIGHTS. The software is owned by Branch and is licensed, not sold, to you. The software is protected by copyright, trade dress, patent, and trademark laws of the United States and other jurisdictions, international conventions, and all other relevant intellectual property and proprietary rights, and applicable laws. As between you and Branch, all aspects of the software, including intellectual property rights therein and thereto, are the sole and exclusive property of Branch or its subsidiaries or affiliated companies and/or its third-party licensors. You may not sell, license, distribute, copy, modify, publicly perform or display, transmit, publish, edit, adapt, create derivative works from, or make any use of the software except as expressly authorized hereunder. Branch reserves all rights not expressly granted in this agreement. You do not acquire any right, title or interest to the software, whether by implication, estoppel, or otherwise, except for the limited rights set forth in this agreement.
- SOFTWARE EXPECTATIONS. The software: (i) is not an official product and has not been commercially released; (ii) may not be in final form or be fully functional; (iii) may contain errors, design flaws or other problems; (iv) may generate or produce inaccurate information or unexpected or incorrect results; (v) may cause loss of data or communications, project delays or other unpredictable damage or loss; (vi) may never be released as a commercial version; and (vii) may be discontinued by Branch in whole or in part, at any time and without any obligation or liability to you or your users. Use of the software may be conditional on your acceptance of additional terms and conditions accompanying the software. In the event of any conflict between this agreement and additional terms and conditions accompanying the software, the latter will govern and control unless expressly stated otherwise.
- EXPORT RESTRICTIONS. You must comply with all domestic and international trade export laws and regulations that apply to the software, which include restrictions on destinations, end users, and end use. You represent that you are not named on any U.S. Government Consolidated Screening denied-party list which may be searched at: https://www.export.gov/article?id=Consolidated-Screening-List. You shall not permit any entity or individual to access or use the software who is listed on the Consolidated Screening List or located in a U.S. government-embargoed country, or known to be engaged in proliferation of nuclear, chemical or biological weapons or missiles, or otherwise in violation of any U.S. export law or regulation.
- SUPPORT SERVICES. Because this software is “as is,” Branch may not provide support services for it.
- ENTIRE AGREEMENT. This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services.
- APPLICABLE LAW. If you acquired the software in the United States, California law applies to interpretation of and claims for breach of this agreement, and the laws of the state where you live apply to all other claims. If you acquired the software in any other country, its laws apply.
- CONSUMER RIGHTS; REGIONAL VARIATIONS. This agreement describes certain legal rights. You may have other rights, including consumer rights, under the laws of your state or country. Separate and apart from your relationship with Branch, you may also have rights with respect to the party from which you acquired the software. This agreement does not change those other rights if the laws of your state or country do not permit it to do so. For example, if you acquired the software in one of the below regions, or mandatory country law applies, then the following provisions apply to you:
- Australia. You have statutory guarantees under the Australian Consumer Law and nothing in this agreement is intended to affect those rights.
- Canada. If you acquired this software in Canada, the product documentation, if any, may specify how to update the software integrated into your digital properties.
- Germany and Austria.
- Warranty. The software will perform substantially as described in any Branch materials that accompany it. However, Branch gives no contractual guarantee in relation to the software.
- Limitation of Liability. In case of intentional conduct, gross negligence, claims based on the Product Liability Act, as well as in case of death or personal or physical injury, Branch is liable according to the statutory law. Subject to the foregoing clause (ii), Branch will only be liable for slight negligence if Branch is in breach of such material contractual obligations, the fulfillment of which facilitate the due performance of this agreement, the breach of which would endanger the purpose of this agreement and the compliance with which a party may constantly trust in (so-called "cardinal obligations"). In other cases of slight negligence, Branch will not be liable for slight negligence.
- DISCLAIMER OF WARRANTY. THE SOFTWARE IS LICENSED “AS-IS.” YOU BEAR THE RISK OF USING IT. BRANCH GIVES NO EXPRESS WARRANTIES, GUARANTEES OR CONDITIONS. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, BRANCH EXCLUDES THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
- LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM BRANCH AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO U.S. $100.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES. This limitation applies to (a) anything related to the software, services, content (including code) on third party Internet sites, or third party applications; and (b) claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law. It also applies even if Branch knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your state or country may not allow the exclusion or limitation of incidental, consequential or other damages.
Effective December 6, 2022 to January 1, 2023
DownloadTable of Contents
BRANCH METRICS, INC. SOFTWARE LICENSE TERMS
BRANCH NATIVE COMPUTE SDK LIBRARY (hereinafter referred to as the “software”)
These terms are an agreement between you and Branch Metrics, Inc. ("Branch"). They apply to the software named above. The software includes, but is not limited to SDK, content, visual interfaces, interactive features, information, graphics, design, compilation, computer code, products, services, and all other elements of the SDK and related documentation. The terms also apply to any Branch services or updates for the software, except to the extent those have different terms.
IF YOU COMPLY WITH THESE TERMS, YOU HAVE THE FOLLOWING LIMITED, NON-EXCLUSIVE, NON-TRANSFERABLE, NON-SUBLICENSABLE, REVOCABLE RIGHTS BELOW. BY DOWNLOADING, INSTALLING, OR OTHERWISE ACCESSING OR USING THE SOFTWARE, YOU AGREE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS. IF YOU DO NOT AGREE, YOU MAY NOT USE THE SOFTWARE.
1. INSTALLATION AND USE RIGHTS. You may install and use any number of copies of the software to develop and test your applications.
2. THIRD PARTY COMPONENTS. The software may include third party components with separate legal notices or governed by other agreements, as may be described in the third party notices file(s) accompanying the software.
3. ADDITIONAL LICENSING REQUIREMENTS AND/OR USE RIGHTS.
a. DISTRIBUTABLE CODE. The software is comprised of Distributable Code. “Distributable Code” is code that you are permitted to distribute in applications you develop if you comply with the terms below.
a. DISTRIBUTABLE CODE. The software is comprised of Distributable Code. “Distributable Code” is code that you are permitted to distribute in applications you develop if you comply with the terms below.
- Right to Use and Distribute. You may copy and distribute the object code form of the software.
- Third Party Distribution. You may permit distributors of your applications to copy and distribute the Distributable Code as part of those applications
- Distribution Requirements. For any Distributable Code you distribute, you must (i) use the Distributable Code in your applications and not as a standalone distribution; (ii) require distributors and external end users to agree to terms that protect it at least as much as this agreement; and (iii) indemnify, defend, and hold harmless Branch from any claims, including attorneys’ fees, related to the distribution or use of your applications, except to the extent that any claim is based solely on the unmodified Distributable Code.
- Distribution Restrictions. You may not: (i) use Branch’s trademarks in your applications’ names or in a way that suggests your applications come from or are endorsed by Branch; or (ii) modify or distribute the source code of any Distributable Code so that any part of it becomes subject to an Excluded License. An “Excluded License” is one that requires, as a condition of use, modification or distribution of code, that (a) it be disclosed or distributed in source code form; or (b) others have the right to modify it.
4. DATA
a. Data Collection. The software may collect information about you and your use of the software, and send that to Branch. Branch may use this information to provide services and improve our products and services. There are also features in the software that may enable you and Branch to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with Branch’s Privacy Policy. Branch’s Privacy Policy is located at https://branch.io/policies/privacy-policy/. You can learn more about data collection and its use from the software documentation and Branch's Privacy Policy. Your use of the software operates as your consent to these practices.
a. Data Collection. The software may collect information about you and your use of the software, and send that to Branch. Branch may use this information to provide services and improve our products and services. There are also features in the software that may enable you and Branch to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with Branch’s Privacy Policy. Branch’s Privacy Policy is located at https://branch.io/policies/privacy-policy/. You can learn more about data collection and its use from the software documentation and Branch's Privacy Policy. Your use of the software operates as your consent to these practices.
b. Processing of Personal Data. To the extent Branch is a processor or subprocessor of personal data in connection with the software, Branch makes the commitments with respect to data subjects as set forth in the “Rights For Residents of the European Economic Area and United Kingdom” section of Branch’s Privacy Policy to all customers effective May 25, 2018, at https://branch.io/policies/data-subject-rights/#data-subject-rights-european-general-data-protection-regulation (or its successor URL).
5. SCOPE OF LICENSE. The software is licensed, not sold. This agreement only gives you some rights to use the software. Branch reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not (i) work around any technical limitations in the software; (ii) reverse engineer, decompile or disassemble the software, or otherwise attempt to derive the source code for the software, except and to the extent required by third party licensing terms governing use of certain open source components that may be included in the software; (iii) remove, minimize, block or modify any notices of Branch or its suppliers in the software; (iv) use the software in any way that is against the law; or (v) share, publish, rent or lease the software, provide the software as a stand-alone offering for others to use, or transfer the software or this agreement to any third party.
6. FEEDBACK. If you provide Branch with any verbal or written comments, bug reports, feedback, enhancements, optimizations, or modifications proposed or suggested by you for the software ("Feedback"), such Feedback is provided on a non-confidential basis (notwithstanding any notice to the contrary you may include in any accompanying communication), and Branch shall have the right to use such Feedback at its discretion, including, but not limited to the incorporation of such suggested changes into the software. You hereby grant Branch a worldwide, perpetual, irrevocable, royalty-free, fully paid, transferable, sublicensable, non-exclusive right and license under all rights necessary to so incorporate, use, and exploit your Feedback in any manner, without restriction, for any purpose, including to make and sell Branch products and services.
7. RESERVATION OF RIGHTS. The software is owned by Branch and is licensed, not sold, to you. The software is protected by copyright, trade dress, patent, and trademark laws of the United States and other jurisdictions, international conventions, and all other relevant intellectual property and proprietary rights, and applicable laws. As between you and Branch, all aspects of the software, including intellectual property rights therein and thereto, are the sole and exclusive property of Branch or its subsidiaries or affiliated companies and/or its third-party licensors. You may not sell, license, distribute, copy, modify, publicly perform or display, transmit, publish, edit, adapt, create derivative works from, or make any use of the software except as expressly authorized hereunder. Branch reserves all rights not expressly granted in this agreement. You do not acquire any right, title or interest to the software, whether by implication, estoppel, or otherwise, except for the limited rights set forth in this agreement.
8. SOFTWARE EXPECTATIONS. The software: (i) is not an official product and has not been commercially released; (ii) may not be in final form or be fully functional; (iii) may contain errors, design flaws or other problems; (iv) may generate or produce inaccurate information or unexpected or incorrect results; (v) may cause loss of data or communications, project delays or other unpredictable damage or loss; (vi) may never be released as a commercial version; and (vii) may be discontinued by Branch in whole or in part, at any time and without any obligation or liability to you or your users. Use of the software may be conditional on your acceptance of additional terms and conditions accompanying the software. In the event of any conflict between this agreement and additional terms and conditions accompanying the software, the latter will govern and control unless expressly stated otherwise.
9. EXPORT RESTRICTIONS. You must comply with all domestic and international trade export laws and regulations that apply to the software, which include restrictions on destinations, end users, and end use. You represent that you are not named on any U.S. Government Consolidated Screening denied-party list which may be searched at: https://www.export.gov/article?id=Consolidated-Screening-List. You shall not permit any entity or individual to access or use the software who is listed on the Consolidated Screening List or located in a U.S. government-embargoed country, or known to be engaged in proliferation of nuclear, chemical or biological weapons or missiles, or otherwise in violation of any U.S. export law or regulation.
10. SUPPORT SERVICES. Because this software is “as is,” Branch may not provide support services for it.
11. ENTIRE AGREEMENT. This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services.
12. APPLICABLE LAW. If you acquired the software in the United States, California law applies to interpretation of and claims for breach of this agreement, and the laws of the state where you live apply to all other claims. If you acquired the software in any other country, its laws apply.
13. CONSUMER RIGHTS; REGIONAL VARIATIONS. This agreement describes certain legal rights. You may have other rights, including consumer rights, under the laws of your state or country. Separate and apart from your relationship with Branch, you may also have rights with respect to the party from which you acquired the software. This agreement does not change those other rights if the laws of your state or country do not permit it to do so. For example, if you acquired the software in one of the below regions, or mandatory country law applies, then the following provisions apply to you:
a. Australia. You have statutory guarantees under the Australian Consumer Law and nothing in this agreement is intended to affect those rights.
b. Canada. If you acquired this software in Canada, the product documentation, if any, may specify how to update the software integrated into your digital properties.
c. Germany and Austria.
- Warranty. The software will perform substantially as described in any Branch materials that accompany it. However, Branch gives no contractual guarantee in relation to the software.
- Limitation of Liability. In case of intentional conduct, gross negligence, claims based on the Product Liability Act, as well as in case of death or personal or physical injury, Branch is liable according to the statutory law. Subject to the foregoing clause (ii), Branch will only be liable for slight negligence if Branch is in breach of such material contractual obligations, the fulfillment of which facilitate the due performance of this agreement, the breach of which would endanger the purpose of this agreement and the compliance with which a party may constantly trust in (so-called "cardinal obligations"). In other cases of slight negligence, Branch will not be liable for slight negligence.
14. DISCLAIMER OF WARRANTY. THE SOFTWARE IS LICENSED “AS-IS.” YOU BEAR THE RISK OF USING IT. BRANCH GIVES NO EXPRESS WARRANTIES, GUARANTEES OR CONDITIONS. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, BRANCH EXCLUDES THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
15. LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM BRANCH AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO U.S. $100.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES. This limitation applies to (a) anything related to the software, services, content (including code) on third party Internet sites, or third party applications; and (b) claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law. It also applies even if Branch knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your state or country may not allow the exclusion or limitation of incidental, consequential or other damages.
Onboarding Services SOW
Effective April 13, 2023
DownloadTable of Contents
Addendum to Order Form
Onboarding Services Statement of Work
This Onboarding Services Statement of Work (“SOW”) describes Onboarding Services to be performed by Branch for Customer (each a “party”, collectively “Parties”) to the extent Customer has purchased Onboarding Services, as set forth in Customer’s Order Form. By executing an Order Form that references this SOW, Customer agrees to the terms of this SOW and the Professional Services Terms & Conditions available at https://legal.branch.io/#professional-services (the “PS Terms”). Any capitalized terms not otherwise defined herein shall have the meaning set forth in the PS Terms.
- SCOPE OF SERVICES. Branch PS will provide Customer with resources to assist Customer’s staff as set forth below (the “Project”), subject to Customer’s payment of all applicable fees as set forth in the applicable Order Form. Branch PS and Customer (collectively, the “Project Team”) will commit resources to work on the Project. In providing the Onboarding Services hereunder, Branch PS will employ reasonable, industry-standard Onboarding processes and activities.
Service | Onboarding Service Description |
|---|---|
Discovery |
|
Engagement Management |
|
Engagement Support |
|
Software Configuration |
|
Enablement |
|
- PROJECT ROLES AND RESPONSIBILITIES. This is a list of Project roles, NOT individuals, required to complete the Project. A single individual may take responsibility for any number of roles, or a single role may require more than one individual. Customer acknowledges its participation is critical for Project success.
Role | Branch PS | Customer |
|---|---|---|
Sponsor | Responsible for allocating Branch PS resources
| Responsible for providing Customer resources needed for successful onboarding, and promote process change where necessary |
Project Manager | Responsible for oversight of Branch PS resources, schedules. Supporting responsibilities include:
| Responsible for the oversight of Customer resources, schedules and responsibilities including:
|
Administrator | N/A | Responsible for ongoing Branch administration, once onboarding is complete
|
Functional Consultant(s) / Business Process Owner(s) | Responsible for providing leadership and guidance on the overall usage of Branch
| Responsible for review and acceptance of Branch integration, and identification of exceptions/risks
|
Extended Team | As needed Branch PS resources (including Solution Architects, Subject Matter Experts, Technical and/or Education resources) to support the scope of the Project | Additional Customer resources as needed to support the scope of the Project |
- ONBOARDING SERVICE ASSUMPTIONS. Unless otherwise noted in this SOW or agreed to in writing by the Parties, the following assumptions are based on information provided by the Customer relating to the Project and have been used to estimate Branch PS’s required level of effort and fees. Deviations from these assumptions may lead to commensurate changes in the timeline and fees and will be handled through a formal Change Order.
- Term Length: Unless otherwise agreed upon by both Parties and duly executed in writing, the obligation of Branch to provide Onboarding Services under this SOW expires after the timeframe identified in the Order Form, following the SOW “Effective Date.”
- Reasonable Work Hours: Customer agrees that (1) Branch PS staffing commitments (“Staffing Commitments”) include up to the amount set forth in the Order Form (if any); (2) Staffing Commitments in this SOW may not have been fully scoped, and there is no assurance that the work identified by the Customer for Branch PS subject to Staffing Commitments can be completed within the time period scoped or even that such work can be completed at all; (3) Branch PS reserves the right to reject any request for work identified by Customer to be provided by Branch PS as Staffing Commitments, if Branch PS reasonably believes such work is outside of the type of services normally provided by Branch PS; and (4) Staffing Commitments may be consumed by Branch PS in completing preparations for meetings, completing offline research, and completing offline configurations or other action items.
- Overages: Branch PS will secure Customer’s approval to bill against overages that exceed initial Staffing Commitments before the provisioning of any such overage services.
- Cancellation / Postponement: Branch PS and Customer will use commercially reasonable efforts to attend all scheduled Project meetings. The repeated cancellation of Project meetings may result in Project delay and additional costs.
- CUSTOMER RESOURCE AVAILABILITY. Project timeline estimates provided by Branch PS are dependent on the availability of Customer resources and key decision makers. Lack of access to or the material change to resources and/or Project stakeholders may impact estimated timelines and whether additional Onboarding Services may be needed. Customer is responsible for acknowledging, reviewing, and responding to communications from Branch PS to support this Project. Some integration features may require Customer’s contractual signature / e-signature with a third party before Branch PS can continue with the provisioning of services, and Customer is responsible for responding and executing such third party agreements in a timely and collaborative fashion. Customer is responsible for any engagement and management of third-party vendors that Customer uses in conjunction with Branch. Customer will provide relevant contacts and subject matter experts in a timely fashion to be made available for any necessary work to conduct this SOW according to a mutually agreed upon Project schedule. Should Customer choose not to go live with any aspect of the deployment, and then at a future date need additional Onboarding Services, this will require another statement of work or Change Order to extend the Onboarding Services term and may result in additional costs.
- FEES. Customer will pay Branch for the Onboarding Services at the rates specified in the applicable Order Form.
Effective January 1, 2023 to April 13, 2023
DownloadTable of Contents
Addendum to Order Form
Onboarding Services Statement of Work
This Onboarding Services Statement of Work (“SOW”) describes Onboarding Services to be performed by Branch for Customer (each a “party”, collectively “Parties”) to the extent Customer has purchased Onboarding Services, as set forth in Customer’s Order Form. By executing an Order Form that references this SOW, Customer agrees to the terms of this SOW. Except where otherwise expressly indicated within this SOW, this SOW is subject to the terms of the applicable Order Form and Branch’s Terms and Conditions, or instead, where there is a service agreement in place between Customer and Branch, that service agreement, as applicable, between the Parties as referenced in the relevant Order Form (“Service Agreement”).
Customer may not receive Onboarding Services if Customer is Branch’s direct competitor, except with Branch’s prior written consent. In addition, Customer may not receive Onboarding Services for the purposes of evaluating or monitoring their quality or performance, or for any other benchmarking or competitive purposes.
I. DEFINITIONS
- “Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
- “Branch” means Branch Metrics, Inc., the entity you are hereby contracting with.
- “Branch OS” means Branch’s Onboarding Services organization.
- “Customer” means the company or other legal entity for which you are accepting this SOW together with Affiliates of that company or entity which have signed SOWs or Order Forms for Onboarding Services.
- “Change Order” means any change to an SOW or Order Form, as applicable, as described in the “Change Orders” section below. Change Orders will be deemed incorporated by reference in the applicable SOW or Order Form, as applicable in the absence of an SOW.
- “Order Form” means an ordering document specifying the Onboarding Services to be provided hereunder and that is entered into between Customer and Branch, including any addenda and supplements thereto.
- “Onboarding Services” means work performed by Branch under a SOW or Order Form, including Branch’s Onboarding assistance specified in such SOW or Order Form. For clarity, the “Service(s)” under the Service Agreement do not include Onboarding Services.
- “SOW” or “Statement of Work” means a statement of work describing Onboarding Services to be provided hereunder, that is entered into between Customer and Branch which is incorporated into an Order Form that is entered into between Customer and Branch.
- “Effective Date” means the date signed by both Parties in the Order Form; if the Parties signed on different dates, the later of the two dates will constitute the Effective Date.
- “Work Product” means all works of authorship, inventions, know-how, ideas, materials, information, designs, and files made or conceived or reduced to practice, in whole or in part by Branch or its subcontractors in connection with the Onboarding Services, and all intellectual property rights relating thereto.
II. SCOPE OF SERVICES. Branch OS will provide Customer with resources to assist Customer’s staff as set forth below (the “Project”), subject to Customer’s payment of all applicable fees as set forth in the applicable Order Form. Branch OS and Customer (collectively, the “Project Team”) will commit resources to work on the Project. In providing the Onboarding Services hereunder, Branch OS will employ reasonable, industry-standard Onboarding processes and activities.
| Service | Onboarding Service Description |
| Discovery |
|
| Engagement Management |
|
| Engagement Support |
|
| Software Configuration |
|
| Enablement |
|
III. PROJECT ROLES AND RESPONSIBILITIES. This is a list of Project roles, NOT individuals, required to complete the Project. A single individual may take responsibility for any number of roles, or a single role may require more than one individual. Customer acknowledges its participation is critical for Project success.
| Role | Branch OS | Customer |
| Sponsor | Responsible for allocating Branch OS resources
| Responsible for providing Customer resources needed for successful onboarding, and promote process change where necessary |
| Project Manager | Responsible for oversight of Branch OS resources, schedules. Supporting responsibilities include:
| Responsible for the oversight of Customer resources, schedules and responsibilities including:
|
| Administrator | N/A | Responsible for ongoing Branch administration, once onboarding is complete
|
| Functional Consultant(s) / Business Process Owner(s) | Responsible for providing leadership and guidance on the overall usage of Branch
| Responsible for review and acceptance of Branch integration, and identification of exceptions/risks
|
| Extended Team | As needed Branch OS resources (including Solution Architects, Subject Matter Experts, Technical and/or Education resources) to support the scope of the Project | Additional Customer resources as needed to support the scope of the Project |
IV. ONBOARDING SERVICE ASSUMPTIONS. Unless otherwise noted in this SOW or agreed to in writing by the Parties, the following assumptions are based on information provided by the Customer relating to the Project and have been used to estimate Branch OS’s required level of effort and fees. Deviations from these assumptions may lead to commensurate changes in the timeline and fees and will be handled through a formal Change Order.
- Term Length: Unless otherwise agreed upon by both Parties and duly executed in writing, the obligation of Branch to provide Onboarding Services under this SOW expires after the timeframe identified in the Order Form, following the SOW “Effective Date.”
- Scope: Any item or activity not specifically included within the scope of this SOW is deemed outside the scope of this SOW and may require a Change Order, or separate SOW. Services referenced herein are in support of standard Branch software functionality as defined by the applicable Service Agreement, except as may otherwise be specified in this SOW. Any changes to the software functionality supplied are outside the scope of this SOW.
- No Recording: Customer will not film or record Branch delivery of Onboarding Services or Branch materials.
- Reasonable Work Hours: Customer agrees that:
- Branch OS staffing commitments (“Staffing Commitments”) include up to the amount set forth in the Order Form (if any);
- Staffing Commitments in this SOW may not have been fully scoped, and there is no assurance that the work identified by the Customer for Branch OS subject to Staffing Commitments can be completed within the time period scoped or even that such work can be completed at all;
- Branch OS reserves the right to reject any request for work identified by Customer to be provided by Branch OS as Staffing Commitments, if Branch OS reasonably believes such work is outside of the type of services normally provided by Branch OS; and
- Staffing Commitments may be consumed by Branch OS in completing preparations for meetings, completing offline research, and completing offline configurations or other action items.
- Overages: Branch OS will secure Customer’s approval to bill against overages that exceed initial Staffing Commitments before the provisioning of any such overage services.
- Cancellation / Postponement: Branch OS and Customer will use commercially reasonable efforts to attend all scheduled Project meetings. The repeated cancelation of Project meetings may result in Project delay and additional costs.
- Business Hours: Branch OS resources will be reachable over email during normal business hours (9 am - 6 pm local time, Monday – Friday, excluding nationally recognized holidays), and issues escalated outside of normal business hours may be sent to support@branch.io.
- Non-Solicitation: During the term of the SOW and for a period of three (3) years thereafter, Customer shall not interfere with Branch’s relationship with, or endeavor to entice away from Branch, any person who, on the date of the termination of or expiration of the Agreement, was an employee of Branch.
V. CUSTOMER RESOURCE AVAILABILITY. Project timeline estimates provided by Branch OS are dependent on the availability of Customer resources and key decision makers. Lack of access to or the material change to resources and/or Project stakeholders may impact estimated timelines and whether additional Onboarding Services may be needed. Customer is responsible for acknowledging, reviewing, and responding to communications from Branch OS to support this Project. Some integration features may require Customer’s contractual signature / e-signature with a third party before Branch OS can continue with the provisioning of services, and Customer is responsible for responding and executing such third party agreements in a timely and collaborative fashion. Customer is responsible for any engagement and management of third-party vendors that Customer uses in conjunction with Branch. Customer will provide relevant contacts and subject matter experts in a timely fashion to be made available for any necessary work to conduct this SOW according to a mutually agreed upon Project schedule. Should Customer choose not to go live with any aspect of the deployment, and then at a future date need additional Onboarding Services, this will require another statement of work or Change Order to extend the Onboarding Services term and may result in additional costs.
VI. CHANGE ORDERS. Changes to a SOW or Order Form will require a written Change Order signed by the Parties prior to implementation of the changes. Such changes many include, for example, changes to the scope of work and any corresponding changes to the estimated fees and schedule.
VII. FEES. Customer will pay Branch for the Onboarding Services at the rates specified in the applicable Order Form.
VIII. LICENSES PROCUREMENT AND ACCEPTANCE OF TERMS
- Any rights for Customer to use and access Branch software (including without limitation any service functionalities, products, modules and features) are outside the scope of this SOW and must be separately procured by Customer from Branch pursuant to an Order Form or the applicable Service Agreement.
- Customer is responsible for separately procuring, at its own expense, all necessary rights for its and/or Branch OS’s use of any Customer or third-party technology that will be used within the scope of this SOW, including any applications and/or services with which the Branch Service can be connected through integrations. Customer represents and warrants that it will procure all such rights prior to using or permitting Branch OS’s use of any such third-party technology hereunder. Customer acknowledges that use of third-party technology and/or services not already licensed or purchased by Customer may require additional licenses and fee(s) that must be obtained separately by the Customer from the specific third-party provider of such applications and/or services.
IX. INTELLECTUAL PROPERTY
- Customer will retain all right, title, and interest in and to any materials provided to Branch OS and the Branch OS resources pursuant to this SOW (“Customer Materials”). Customer grants Branch (including Branch OS) and its contractors a worldwide, non-exclusive, right to use, copy, distribute, create derivative works based on, display, and perform its Customer Materials as reasonably necessary for Branch OS to provide the Onboarding Services and Services to Customer.
- Except for the rights granted in this Section, and subject to Customer’s rights in the Customer Materials, Branch owns and reserves all right, title, and interest in and to the Work Product. Branch grants Customer a limited, non-exclusive, non-transferable license to access and use the Work Product with the Services for Customer’s internal business purposes during the Term of the applicable Service Agreement.
- Customer will not (and will not allow any third party to): (a) remove or alter proprietary notices from the Work Product or (b) use, sell, copy, modify, create derivative works based on, publicly perform, publicly display, or distribute the Work Product outside of the Services.
X. DISCLAIMER. TO THE FULLEST EXTENT PERMITTED BY LAW, BRANCH AND ITS AFFILIATES (A) MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, STATORY OR OTHERWISE REGARDING THE ONBOARDING SERVICES AND WORK PRODUCT, AND (B) DISCLAIMS ALL WARRANTIES, INCLUDING ANY IMPLIED OR EXPRESS WARRANTIES (I) OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT OR (II) THAT THE ONBOARDING SERVICES AND WORK PRODUCT ARE ACCURATE, COMPLETE, OR RELIABLE. THE ONBOARDING SERVICES AND WORK PRODUCT ARE PROVIDED “AS IS” AND “AS AVAILABLE.” NO ADVICE OR INFORMATION OBTAINED FROM THE ONBOARDING SERVICES AND WORK PRODUCT WILL CREATE ANY WARRANTY NOT EXPRESSLY MADE IN THIS SOW.
XI. TERM AND TERMINATION
- Term. This SOW will expire or terminate in accordance with the Section on “Term Length” above.
- Termination for Cause. Either party may terminate this SOW if the other party is in material breach of the SOW and fails to cure that breach within thirty days after receipt of written notice. Any termination of the applicable Service Agreement will also terminate this SOW.
- Surviving Provisions. The Sections on “Intellectual Property” and the “Disclaimer” will survive termination of this SOW.
Effective December 6, 2022 to January 1, 2023
DownloadTable of Contents
Addendum to Order Form
Onboarding Services Statement of Work
This Onboarding Services Statement of Work (“SOW”) describes Onboarding Services to be performed by Branch for Customer (each a “party”, collectively “Parties”) to the extent Customer has purchased Onboarding Services, as set forth in Customer’s Order Form. By executing an Order Form that references this SOW, Customer agrees to the terms of this SOW. Except where otherwise expressly indicated within this SOW, this SOW is subject to the terms of the applicable Order Form and Branch’s Terms and Conditions, or instead, where there is a service agreement in place between Customer and Branch, that service agreement, as applicable, between the Parties as referenced in the relevant Order Form (“Service Agreement”).
Customer may not receive Onboarding Services if Customer is Branch’s direct competitor, except with Branch’s prior written consent. In addition, Customer may not receive Onboarding Services for the purposes of evaluating or monitoring their quality or performance, or for any other benchmarking or competitive purposes.
I. DEFINITIONS
- “Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
- “Branch” means Branch Metrics, Inc., the entity you are hereby contracting with.
- “Branch OS” means Branch’s Onboarding Services organization.
- “Customer” means the company or other legal entity for which you are accepting this SOW together with Affiliates of that company or entity which have signed SOWs or Order Forms for Onboarding Services.
- “Change Order” means any change to an SOW or Order Form, as applicable, as described in the “Change Orders” section below. Change Orders will be deemed incorporated by reference in the applicable SOW or Order Form, as applicable in the absence of an SOW.
- “Order Form” means an ordering document specifying the Onboarding Services to be provided hereunder and that is entered into between Customer and Branch, including any addenda and supplements thereto.
- “Onboarding Services” means work performed by Branch under a SOW or Order Form, including Branch’s Onboarding assistance specified in such SOW or Order Form. For clarity, the “Service(s)” under the Service Agreement do not include Onboarding Services.
- “SOW” or “Statement of Work” means a statement of work describing Onboarding Services to be provided hereunder, that is entered into between Customer and Branch which is incorporated into an Order Form that is entered into between Customer and Branch.
- “Effective Date” means the date signed by both Parties in the Order Form; if the Parties signed on different dates, the later of the two dates will constitute the Effective Date.
- “Work Product” means all works of authorship, inventions, know-how, ideas, materials, information, designs, and files made or conceived or reduced to practice, in whole or in part by Branch or its subcontractors in connection with the Onboarding Services, and all intellectual property rights relating thereto.
II. SCOPE OF SERVICES. Branch OS will provide Customer with resources to assist Customer’s staff as set forth below (the “Project”), subject to Customer’s payment of all applicable fees as set forth in the applicable Order Form. Branch OS and Customer (collectively, the “Project Team”) will commit resources to work on the Project. In providing the Onboarding Services hereunder, Branch OS will employ reasonable, industry-standard Onboarding processes and activities.
Service | Onboarding Service Description |
Discovery |
|
Engagement Management |
|
Engagement Support |
|
Software Configuration |
|
Enablement |
|
III. PROJECT ROLES AND RESPONSIBILITIES. This is a list of Project roles, NOT individuals, required to complete the Project. A single individual may take responsibility for any number of roles, or a single role may require more than one individual. Customer acknowledges its participation is critical for Project success.
Role | Branch OS | Customer |
Sponsor | Responsible for allocating Branch OS resources
| Responsible for providing Customer resources needed for successful onboarding, and promote process change where necessary |
Project Manager | Responsible for oversight of Branch OS resources, schedules. Supporting responsibilities include:
| Responsible for the oversight of Customer resources, schedules and responsibilities including:
|
Administrator | N/A | Responsible for ongoing Branch administration, once onboarding is complete
|
Functional Consultant(s) / Business Process Owner(s) | Responsible for providing leadership and guidance on the overall usage of Branch
| Responsible for review and acceptance of Branch integration, and identification of exceptions/risks
|
Extended Team | As needed Branch OS resources (including Solution Architects, Subject Matter Experts, Technical and/or Education resources) to support the scope of the Project | Additional Customer resources as needed to support the scope of the Project |
IV. ONBOARDING SERVICE ASSUMPTIONS. Unless otherwise noted in this SOW or agreed to in writing by the Parties, the following assumptions are based on information provided by the Customer relating to the Project and have been used to estimate Branch OS’s required level of effort and fees. Deviations from these assumptions may lead to commensurate changes in the timeline and fees and will be handled through a formal Change Order.
- Term Length: Unless otherwise agreed upon by both Parties and duly executed in writing, the obligation of Branch to provide Onboarding Services under this SOW expires after the timeframe identified in the Order Form, following the SOW “Effective Date.”
- Scope: Any item or activity not specifically included within the scope of this SOW is deemed outside the scope of this SOW and may require a Change Order, or separate SOW. Services referenced herein are in support of standard Branch software functionality as defined by the applicable Service Agreement, except as may otherwise be specified in this SOW. Any changes to the software functionality supplied are outside the scope of this SOW.
- No Recording: Customer will not film or record Branch delivery of Onboarding Services or Branch materials.
- Reasonable Work Hours: Customer agrees that:
- Branch OS staffing commitments (“Staffing Commitments”) include up to the amount set forth in the Order Form (if any);
- Staffing Commitments in this SOW may not have been fully scoped, and there is no assurance that the work identified by the Customer for Branch OS subject to Staffing Commitments can be completed within the time period scoped or even that such work can be completed at all;
- Branch OS reserves the right to reject any request for work identified by Customer to be provided by Branch OS as Staffing Commitments, if Branch OS reasonably believes such work is outside of the type of services normally provided by Branch OS; and
- Staffing Commitments may be consumed by Branch OS in completing preparations for meetings, completing offline research, and completing offline configurations or other action items.
- Overages: Branch OS will secure Customer’s approval to bill against overages that exceed initial Staffing Commitments before the provisioning of any such overage services.
- Cancellation / Postponement: Branch OS and Customer will use commercially reasonable efforts to attend all scheduled Project meetings. The repeated cancelation of Project meetings may result in Project delay and additional costs.
- Business Hours: Branch OS resources will be reachable over email during normal business hours (9 am - 6 pm local time, Monday – Friday, excluding nationally recognized holidays), and issues escalated outside of normal business hours may be sent to support@branch.io.
- Non-Solicitation: During the term of the SOW and for a period of three (3) years thereafter, Customer shall not interfere with Branch’s relationship with, or endeavor to entice away from Branch, any person who, on the date of the termination of or expiration of the Agreement, was an employee of Branch.
V. CUSTOMER RESOURCE AVAILABILITY. Project timeline estimates provided by Branch OS are dependent on the availability of Customer resources and key decision makers. Lack of access to or the material change to resources and/or Project stakeholders may impact estimated timelines and whether additional Onboarding Services may be needed. Customer is responsible for acknowledging, reviewing, and responding to communications from Branch OS to support this Project. Some integration features may require Customer’s contractual signature / e-signature with a third party before Branch OS can continue with the provisioning of services, and Customer is responsible for responding and executing such third party agreements in a timely and collaborative fashion. Customer is responsible for any engagement and management of third-party vendors that Customer uses in conjunction with Branch. Customer will provide relevant contacts and subject matter experts in a timely fashion to be made available for any necessary work to conduct this SOW according to a mutually agreed upon Project schedule. Should Customer choose not to go live with any aspect of the deployment, and then at a future date need additional Onboarding Services, this will require another statement of work or Change Order to extend the Onboarding Services term and may result in additional costs.
VI. CHANGE ORDERS. Changes to a SOW or Order Form will require a written Change Order signed by the Parties prior to implementation of the changes. Such changes many include, for example, changes to the scope of work and any corresponding changes to the estimated fees and schedule.
VII. FEES. Customer will pay Branch for the Onboarding Services at the rates specified in the applicable Order Form.
VIII. LICENSES PROCUREMENT AND ACCEPTANCE OF TERMS
- Any rights for Customer to use and access Branch software (including without limitation any service functionalities, products, modules and features) are outside the scope of this SOW and must be separately procured by Customer from Branch pursuant to an Order Form or the applicable Service Agreement.
- Customer is responsible for separately procuring, at its own expense, all necessary rights for its and/or Branch OS’s use of any Customer or third-party technology that will be used within the scope of this SOW, including any applications and/or services with which the Branch Service can be connected through integrations. Customer represents and warrants that it will procure all such rights prior to using or permitting Branch OS’s use of any such third-party technology hereunder. Customer acknowledges that use of third-party technology and/or services not already licensed or purchased by Customer may require additional licenses and fee(s) that must be obtained separately by the Customer from the specific third-party provider of such applications and/or services.
IX. INTELLECTUAL PROPERTY
- Customer will retain all right, title, and interest in and to any materials provided to Branch OS and the Branch OS resources pursuant to this SOW (“Customer Materials”). Customer grants Branch (including Branch OS) and its contractors a worldwide, non-exclusive, right to use, copy, distribute, create derivative works based on, display, and perform its Customer Materials as reasonably necessary for Branch OS to provide the Onboarding Services and Services to Customer.
- Except for the rights granted in this Section, and subject to Customer’s rights in the Customer Materials, Branch owns and reserves all right, title, and interest in and to the Work Product. Branch grants Customer a limited, non-exclusive, non-transferable license to access and use the Work Product with the Services for Customer’s internal business purposes during the Term of the applicable Service Agreement.
- Customer will not (and will not allow any third party to): (a) remove or alter proprietary notices from the Work Product or (b) use, sell, copy, modify, create derivative works based on, publicly perform, publicly display, or distribute the Work Product outside of the Services.
X. DISCLAIMER. TO THE FULLEST EXTENT PERMITTED BY LAW, BRANCH AND ITS AFFILIATES (A) MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, STATORY OR OTHERWISE REGARDING THE ONBOARDING SERVICES AND WORK PRODUCT, AND (B) DISCLAIMS ALL WARRANTIES, INCLUDING ANY IMPLIED OR EXPRESS WARRANTIES (I) OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT OR (II) THAT THE ONBOARDING SERVICES AND WORK PRODUCT ARE ACCURATE, COMPLETE, OR RELIABLE. THE ONBOARDING SERVICES AND WORK PRODUCT ARE PROVIDED “AS IS” AND “AS AVAILABLE.” NO ADVICE OR INFORMATION OBTAINED FROM THE ONBOARDING SERVICES AND WORK PRODUCT WILL CREATE ANY WARRANTY NOT EXPRESSLY MADE IN THIS SOW.
XI. TERM AND TERMINATION
- Term. This SOW will expire or terminate in accordance with the Section on “Term Length” above.
- Termination for Cause. Either party may terminate this SOW if the other party is in material breach of the SOW and fails to cure that breach within thirty days after receipt of written notice. Any termination of the applicable Service Agreement will also terminate this SOW.
- Surviving Provisions. The Sections on “Intellectual Property” and the “Disclaimer” will survive termination of this SOW.
Privacy Opt-Out
Effective December 31, 2022
DownloadTable of Contents
User Tracking Opt-out
We take our customers’ privacy very seriously and provide mechanisms for opting out of data collection features, which are identified below. You can learn more about the types of data that we need to collect for our core service here: https://branch.io/policies/#privacy. We collect limited device information to improve our deep linking technology and to provide attribution and analytics services, but we understand that some users would like to opt out of this data processing.
BROWSER-BASED OPT-OUTS
Branch’s Browser Cookie Opt-Out: Our cookie-based opt-out can be accessed by clicking here. This will place a Branch opt-out cookie on your browser. Where Branch detects the presence of that opt-out cookie, we will no longer set cookies (beyond the opt-out cookie itself). Due to the nature of the Services, some functionality will be degraded or no longer work as a result. Cookie-based opt-outs must be performed on each device and browser that you wish to have opted-out. For example, if you have opted-out on your computer browser, that opt-out will not be effective on your mobile device.
NAI Browser-Based Opt-Out: Branch is a member of the Network Advertising Initiative (“NAI”), and adheres to its Codes of Conduct. NAI provides you with the opportunity to opt-out (on a browser-by-browser basis) from data collection by participating NAI members, including Branch. That opt-out is available here.
DEVICE-BASED OPT-OUTS & CHOICES
Mobile Device Identifier: To exercise the mobile device privacy settings controls, please visit the privacy settings of your Android or iOS device and select “opt-out of interest based ads” (Android) or “limit ad tracking” (Apple iOS) . Branch will only be able to collect information as permitted by these settings.
Branch’s Device-Based Opt-Out: You can submit a request to opt-out of the Branch Services on a particular device by submitting a request here. Due to the nature of the Services, some functionality will be degraded or no longer work once that request is executed.
Effective October 11, 2022 to December 31, 2022
DownloadTable of Contents
User Tracking Opt-out
We take our customers’ privacy very seriously and provide mechanisms for opting out of data collection features, which are identified below. You can learn more about the types of data that we need to collect for our core service here: https://branch.io/policies/#privacy. We collect limited device information to improve our deep linking technology and to provide attribution and analytics services, but we understand that some users would like to opt out of this data processing.
BROWSER-BASED OPT-OUTS
Branch’s Browser Cookie Opt-Out: Our cookie-based opt-out can be accessed by clicking here. This will place a Branch opt-out cookie on your browser. Where Branch detects the presence of that opt-out cookie, we will no longer set cookies (beyond the opt-out cookie itself). Due to the nature of the Services, some functionality will be degraded or no longer work as a result. Cookie-based opt-outs must be performed on each device and browser that you wish to have opted-out. For example, if you have opted-out on your computer browser, that opt-out will not be effective on your mobile device.
NAI Browser-Based Opt-Out: Branch is a member of the Network Advertising Initiative (“NAI”), and adheres to its Codes of Conduct. NAI provides you with the opportunity to opt-out (on a browser-by-browser basis) from data collection by participating NAI members, including Branch. That opt-out is available here.
DEVICE-BASED OPT-OUTS & CHOICES
Mobile Device Identifier: To exercise the mobile device privacy settings controls, please visit the privacy settings of your Android or iOS device and select “opt-out of interest based ads” (Android) or “limit ad tracking” (Apple iOS) . Branch will only be able to collect information as permitted by these settings.
Branch’s Device-Based Opt-Out: You can submit a request to opt-out of the Branch Services on a particular device by submitting a request here . Due to the nature of the Services, some functionality will be degraded or no longer work once that request is executed.
Effective June 1, 2022 to October 11, 2022
DownloadTable of Contents
User Tracking Opt-out
We take our customers’ privacy very seriously and provide mechanisms for opting out of data collection features, which are identified below. You can learn more about the types of data that we need to collect for our core service here: https://branch.io/policies/#privacy. We collect limited device information to improve our deep linking technology and to provide attribution and analytics services, but we understand that some users would like to opt out of this data processing.
BROWSER-BASED OPT-OUTS
Branch’s Browser Cookie Opt-Out: Our cookie-based opt-out can be accessed by clicking here. This will place a Branch opt-out cookie on your browser. Where Branch detects the presence of that opt-out cookie, we will no longer set cookies (beyond the opt-out cookie itself). Due to the nature of the Services, some functionality will be degraded or no longer work as a result. Cookie-based opt-outs must be performed on each device and browser that you wish to have opted-out. For example, if you have opted-out on your computer browser, that opt-out will not be effective on your mobile device.
NAI Browser-Based Opt-Out: Branch is a member of the Network Advertising Initiative (“NAI”), and adheres to its Codes of Conduct. NAI provides you with the opportunity to opt-out (on a browser-by-browser basis) from data collection by participating NAI members, including Branch. That opt-out is available here.
DEVICE-BASED OPT-OUTS & CHOICES
Mobile Device Identifier: To exercise the mobile device privacy settings controls, please visit the privacy settings of your Android or iOS device and select “opt-out of interest based ads” (Android) or “limit ad tracking” (Apple iOS). Branch will only be able to collect information as permitted by these settings.
Branch’s Device-Based Opt-Out: You can submit a request to opt-out of the Branch Services on a particular device by submitting a request here. Due to the nature of the Services, some functionality will be degraded or no longer work once that request is executed.
Privacy Policy
Effective May 8, 2023
DownloadTable of Contents
Privacy Policy
The Branch Guiding Privacy Principles
We are a linking and analytics platform for app and website developers. And we are proud of our commitment to providing our services in a privacy-first way. So we thought it would be helpful to lay out, in plain English, the Branch Guiding Privacy Principles that drive how we’ve chosen to design our services with privacy as a top priority. We further describe our privacy practices in the official Privacy Policy below this section, but we hope you’ll find this summary of our principles helpful.
- We limit the data we collect. We practice data minimization, which means that we take steps to avoid collecting or storing information that we don’t need to provide our services. The personal data that we collect to provide our services is limited to data like advertising identifiers, IP address, and information derived from resettable cookies (the full list is below in our privacy policy). We do not collect or store information such as names, email addresses, physical addresses, or SSNs to provide our services. Nor do we want to. In fact, our Terms & Conditions prohibit our customers from providing Branch with any kind of sensitive end-user information.
- We will only provide you with data about actual end-user activity on your apps or websites. Customers who subscribe to our linking and analytics platform can only access “earned” cookies or identifiers. This means that an end user must visit a customer’s site before our customer can see the cookie; and an end user must download a customer’s app in order for Branch to collect the end user’s advertising identifier for that customer. In short, the Branch services benefit customers who already have seen an end user across their platforms and want to understand the relationship between those web visits and app sessions.
- We do not rent or sell customer end user data. No Branch customer can access another Branch customer’s end-user data. And we are not in the business of renting or selling any customer’s end-user data to anyone else. To enable customers to control their end-user personal data, they can request deletion here of that data at any time, whether in bulk or for a specific end user. These controls are available to customers worldwide, although we designed them to comply with the CCPA and GDPR requirements.
Beyond these principles stated above, Branch will continue to find ways to design our services to respect end user privacy. We’re committed to making sure our customers understand how we use data they entrust to us and how they can control it so that they can, in turn, be transparent with their end users.
Introduction
Branch Metrics, Inc. ( "Branch", "us", "our" or "we") offers a linking and analytics platform enabling developers of applications (our "Clients")--whether those applications are websites or "apps," and across different types of devices--to improve their end users’ ("Users") cross-application experiences, and to derive additional insights into how their Users download and utilize those applications. Branch recognizes and believes that data privacy is important to all Internet users, and therefore we design and operate our services in a privacy-first manner.
This Privacy Policy is divided into three parts:
- Collection and Use of Information from Our Services: This section explains how Branch collects and uses information about Users in connection with our linking and analytics products and services (the "Branch Services" or the "Services").
- Collection and Use of Information from Our Website and for Marketing Purposes: This section explains how we collect and use information about our website visitors through our website located at branch.io (the “Website”), which includes the dashboard we provide to our Clients located at dashboard.branch.io. So, if you are a Client using our Branch dashboard, this section applies to the data we collect from you. It also explains how we collect information about potential Clients from vendors and other sources to enhance our marketing efforts.
- Policies Applicable to Both Our Services & Our Website: This section lays out the parts of the Branch Privacy Policy that apply to both the Services and to the Website.
Collection and Use of Information from Our Services
What Information Does Branch Collect from Our Services?
Below, we explain what information we collect on behalf of our Clients through the Services, and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
The Branch Services: Overview
Branch provides a variety of Services intended to help Clients understand the use of their digital properties by their Users across a wide array of platforms, devices and applications. Branch helps Clients by connecting User interactions across siloed applications (email, SMS, web browsers, social platforms, native applications and others), so that Clients understand the multiple steps that a User took to ultimately complete a transaction with the Client. The Client can use this information to better inform marketing and product decisions as well as to provide improved user experiences by using their knowledge of continuity.
Branch has no direct relationship with Users. Branch’s Services are provided when Branch Clients install on their platforms “Branch Mechanisms” (including links, pixels, direct platform integrations, etc.) that capture User action on behalf of the Client. Using the information collected from these Branch Mechanisms, Branch uses a variety of attribution techniques to connect User actions across different channels and platforms. Some of these attribution techniques include a direct pass-through of identifiers from platform to platform, creating and storing identifiers unique to the Branch platform to connect User actions and identifiers together, and predictive modeling algorithms using real-time and historical data parameters observed from User interactions where there are no shared identifiers available, as well as using historical connections Branch has derived over time using our technology. In some cases, these connections are made without the use of cookies. These techniques help Clients match Users with devices they use, including matching the same User across multiple devices.
The key use cases of Branch’s Services are:
- To support Clients in implementing deep linking, which uses Branch’s connection information in real time to improve the User experience.
- For example, if a User clicks on a link in an email or ad to a specific page in a Client’s app, Branch helps the User get to that page after they download the app.
- To report individualized and aggregated analytics metrics about the performance of the Client’s product and marketing initiatives to the Client directly.
- For example, Branch can tell a Client how many Users that downloaded an app or that went to a specific page in an app came from clicking on a specific link, and provide corresponding advertising or other identifiers.
- To assist the Client by presenting real time, targeted messaging to their Users depending on past behavior observed across the Client’s tracked platforms with the purpose of driving more engagement to the Client.
- For example, Branch can use Branch Mechanisms to provide a tailored message like a coupon code or special offer in your website to users who have interacted with your app and/or website in the past.
Branch requires that each Client commit to disclose to Branch only information that it has lawfully obtained (including, where necessary, by obtaining consent from Users), and that it has the right to disclose to Branch. We strongly discourage Clients from disclosing sensitive User information with us, as such information is not necessary for the provision of the Services, and we prohibit them from providing us with data relating to children under 13 (or, in certain jurisdictions, under 16).
In the charts below, we summarize the information collected automatically by the Services.
Information Collected By Branch Links and Pixels
Branch collects the following information from URLs created by the Client (i.e., Branch Links) and pixels placed on Client websites. Branch Links may be embedded into QR Codes as configured by the Client. Some of this information is considered personal data under applicable law (in other words, information that itself may identify a unique individual or can be linked back to an individual) (“Personal Data”).
Type of Information Collected | Purpose |
IP Address | Standard web HTTP request; used for attribution and to understand general location |
Cookie | Standard web cookies, used for device identification and attribution |
Link Data | Metadata controlled by the Client, which may be used to interpret the data for reporting, or for analytics |
User Agent | Standard web browser user agent metadata; used for device identification and attribution |
Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
Request | Standard web HTTP request |
Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the webpage from which such ads were displayed, and webpages on Client’s website visited by a User. Other interactions, events and actions Clients choose to measure and analyze within their website (e.g., add to cart, purchases made, clicks, engagement time etc.). |
Information Collected by Branch SDKs
SDKs are Software Development Kits that include code that allows Clients to use the Branch Services. The Branch Mobile App SDKs, Web SDKs, and Over-the-Top (OTT) SDKs collect the following information when Clients use these SDKs in their applications or websites, some of which may be considered Personal Data under applicable law:
Type of Information Collected | Purpose |
Advertising identifier (e.g., GAID, Android ID, IDFA, IDFV, RIDA) | Used for device identification and attribution |
Branch Cookie ID | Used for device identification and attribution |
IP Address | Standard web HTTP request; used for device identification, attribution, and to understand general location |
Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
Central Processing Unit (CPU) Type | Metadata feature used for device identification and attribution |
System build version | Metadata feature used for device identification and attribution |
Internet connection type | Metadata feature used for device identification and attribution |
Application version | Metadata feature used for device identification and attribution |
Device model | Metadata feature used for device identification and attribution |
Manufacturer / Brand | Metadata feature used for device identification and attribution |
Operating system | Metadata feature used for device identification and attribution |
Operating system version | Metadata feature used for device identification and attribution |
Screen size (height, width) | Metadata feature used for device identification and attribution |
Screen resolution | Metadata feature used for device identification and attribution |
Mobile network status (Wi-Fi, etc.) | Metadata feature used for device identification and attribution |
Device locale (country and language) | Metadata feature used for device identification and attribution |
Local IP address | Metadata feature used for device identification and attribution |
Mobile platform | Metadata feature used for device identification and attribution |
Branch SDK version | Metadata feature used for device identification and attribution |
Developer ID | (optional) Client-supplied unique identifier; metadata feature Used for device identification and attribution |
Carrier ID | Metadata feature used for device identification and attribution |
Environment | Metadata feature used for device identification and attribution |
UI Mode | Metadata feature used for device identification and attribution |
Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the application page from which such ads were displayed, pages on Client’s application visited by a User, downloads, opt-in status for certain tracking mechanisms, and installations of applications. Other interactions, events and actions Clients choose to measure and analyze within their application (e.g., add to cart, purchases made, clicks, engagement time etc.). |
In addition to the information identified above, the Branch Desktop SDKs collect the following identifiers when Clients use these SDKs in their desktop applications, some of which may be considered Personal Data under applicable law:
Type of Information Collected | Purpose |
MAC address | Used for device identification and attribution |
Windows Advertising ID | Used for device identification and attribution |
CPU ID | Used for device identification and attribution |
Information Collected By Other Parties
As part of Branch’s Services, Branch’s Clients may direct certain of their vendors or business partners (such as an ad network or vendor) to provide certain Engagement Data to Branch on the Client’s behalf.
How Does Branch Use Information Collected by Our Services?
Data Branch collects through the Services is processed:
- to better understand how and from where Users come to download certain apps, what types of apps are popular, or to recognize browsers and devices that are likely to be operated by the same User.
- to provide, maintain, optimize, research and improve the Branch Services we provide our Clients, including to support other Branch products and services, develop new products and services, and market products or services; to support the products and services of our Clients; and as permitted or required by applicable law.
- to fulfill Clients’ and prospective Clients’ requests for the Services including processing data at the Client’s direction and transferring User data to them. Branch does not control how Clients use information Branch discloses to Clients, and Users should read Clients’ Privacy Policies to understand how they use information they receive from Branch.
- to aggregate data across various sources, including data from various Clients or other parties.
- to create reports based on aggregated information, which is information that cannot reasonably be linked back to any individual person or Client and disclose these reports to the public.
- for anti-fraud protection and analysis relating to the Services to ensure more accurate attribution measurement, general fraud prevention, or where otherwise required by law.
We may aggregate and/or de-identify the data we collect through the Services. After data has been aggregated and/or de-identified, Branch cannot use it to personally identify an individual. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also disclose such data to any other parties, including business partners, Clients, and/or others.
Our Clients’ Use of Information
Our Clients may use the information collected via the Services to improve their Users’ app experiences, customize their apps to Users, and to better understand their app marketing programs and how Users discover their apps. For example, a User may want to disclose information about a hotel that she found in a travel app to a friend. When that User sends her friend a Branch link to that hotel, after clicking the link the friend is brought directly to the content relating to that hotel within the app, rather than landing on the app’s homepage and having to search for the hotel. The travel app would also gain insights and analytics as to how the content is being disclosed from its app.
We require that our Clients utilize our Services responsibly and in accordance with our Terms & Conditions. Branch is not responsible for the data practices of any of our Clients through the Services or otherwise. Each Client’s practices are subject to each Client’s individual privacy policy. Users should review the privacy policy of each Client to understand how that Client uses User information collected through the Services.
User Choices
Branch recognizes a number of consumer choice mechanisms. Due to the nature of the Services, some functionality may be degraded or no longer work as a result if you exercise certain of the opt-outs below.
Branch’s Browser Cookie Opt-Out: Our cookie-based opt-out can be accessed by clicking here. This will place a Branch opt-out cookie on your browser. Where Branch detects the presence of that opt-out cookie, we will no longer read or set cookies (beyond the opt-out cookie itself). Cookie-based opt outs must be performed on each device and browser that you wish to have opted-out. For example, if you have opted-out on your computer browser, that opt out will not be effective on your mobile device.
NAI Browser-Based Opt-Out: Branch is a member of the Network Advertising Initiative (“NAI”) and adheres to its Code of Conduct. NAI provides you with the opportunity to opt out (on a browser-by-browser basis) from interest-based advertising by participating NAI members, including Branch. That opt-out is available here.
Device-Based Opt-Out: You can submit a request to opt out of the Branch Services on a particular device by submitting a request here.
Device Identifiers: To use your device’s privacy settings controls, please visit the privacy settings menu of your device to review and access the privacy controls made available on the device. Branch will only be able to collect information from the device as permitted by these settings.
Client App Opt-out Controls: Branch‘s SDK Privacy Controls allow Clients to respect granular controls regarding User data. Clients can flag in the Branch SDK that a particular User’s data should not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Engagement Builder: Branch's Engagement Builder feature may be used to help Clients conduct re-engagement and re-targeting campaigns. We require that Clients using Branch’s Engagement Builder feature for such purposes respect User opt-out preferences passed to them by Branch.
Collection and Use of Information from Our Website and for Marketing Purposes
What Information Does Branch Collect about Website Visitors and Potential Customers?
Branch collects information from Website visitors (“you” or “Website Users”) located at www.branch.io ( the “Website”), which includes the dashboard provided to our Clients located at dashboard.branch.io. The types of information we may collect and our privacy practices depend on the nature of the relationship you have with us and the requirements of applicable law. Below are the legal bases and some of the ways we collect information and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
What We Collect from Clients that Use the Website
Branch collects Personal Data and non-personal data via the Website. For example, when Clients register to use our Services, we ask them to provide us with Personal Data, including first and last name and email address.
Dashboard Information: Information we collect from visitors who register for an account on our dashboard includes the following, some of which is considered Personal Data under applicable law:
Type of Information Collected | Purpose |
IP Address | Standard web HTTP request; may be used for limited security login controls |
Cookie (ours) | Standard web cookie used for dashboard session management |
Cookie (other-party) | Other-party web tracking tools used for business intelligence |
First, Last Name | Used for team user identification |
Work Email | Used as the primary login identifier |
Password | Account registration, secure our Services and prevent fraud |
Account Holder Primary Role | Account registration, tell Clients about products and services offered by Branch and Branch’s selected partners |
User Agent | Standard web browser user agent metadata; may be used for limited security login controls |
Referer | Standard web browser HTTP referer; may be used for general internal business analytics |
Request | Standard web HTTP request; may be used for general internal business analytics |
Github ID | (optional) Can be used as a login method |
Billing information | Payment account registration |
Log Data | Provide the Services, tell Clients about products and services offered by Branch and Branch’s selected partners, personalize our experience, secure our Services and prevent fraud, and defend our legal rights and comply with the law |
Account holder feedback | Help us improve your experience on the account dashboard |
When a Client creates an account and uses the Services, Branch may collect certain log data, such as IP address from which a Client is connecting to the Services, information related to the device being used to connect to the Services (e.g., browser type and version, device type, OS version) and the features and functions of the Services used by the Client (“Log Data”).
We also require Clients to set up a user ID and unique password for account security purposes. Clients must not disclose their passwords to anyone. Clients also have the option of adding other team members to their account. This account information enables us to set up an account for Clients, to provide the Services, and to otherwise manage Client accounts. We may also use this information to notify Clients about updates to our Services and provide them with promotional emails. We offer a mechanism to opt out from promotional emails as described in the “Opt-Out from Promotional Emails” section below.
Account and Billing Information: To the extent that we charge a fee for the Services, we may also collect limited billing, payment, and contract information from Clients through our payment and contract vendors.
Connection Information with Other Parties: Some features of the dashboard Services allow you to disclose your information through your accounts to other companies such as Facebook and Google. If you choose to connect Branch to such services provided by other parties, we may collect information related to your use of those services provided by other parties, such as authentication tokens that allow us to connect to your accounts with those other parties. We will ask you for permission before you authorize our collection of this information. We may also collect information about how you are using the Services to interact with those connected services.
Information from Other Sources: In addition to the information collected through our Website, we or our vendors may obtain and disclose additional information, such as job title or contact information, from other public and non-public sources such as business websites, social networking platforms, or databases maintained by other parties. We use this information to better enable Branch to identify and contact businesses that might be interested in engaging our Services, and to gain a better understanding of a potential Client’s business needs.
Communications with Branch: Some Website Users may provide Personal Data to Branch by sending us an email or filling out an online form on the Website. We use this information to answer their question(s), and may store that information for our record keeping, marketing, and advertising purposes.
Research/Survey Solicitations: From time to time, we may perform research (online and offline) via surveys. We may engage vendors to conduct such surveys on our behalf. All survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve individuals by learning more about their needs and the quality of the products and services we provide. The survey responses may be utilized to determine the effectiveness of our Website, various types of communications, advertising campaigns and/or promotional activities.
Cookies, Pixels and Web Beacons: We also collect other data via the Website from Website Users, including Website Users employed by or affiliated with Clients, through cookies and/or web beacons. Such information, some of which may be considered Personal Data under applicable law, may include IP address, pages viewed, browser type, Internet browsing and usage habits, how you browse and navigate the Website, Internet Service Provider, domain name, the time/date of your visit to the Website, the referring URL, and your computer’s operating system. For example, we may collect on a real-time basis information on how you use and navigate the Website.
If you permit the use of cookies and web beacons when you visit and continue to use the Website, we will collect information through those tools. Cookies are small data files stored on your hard drive by a website and web beacons are electronic images that may be used on our Website or in our emails. Cookies help us improve your experience on the Website as well as our marketing activities. We use cookies to see which areas and features are popular and to count visits to our Website. For more information about cookies and web beacons, please visit https://www.cookiepro.com/knowledgebase/knowledge_categories/cookies-101/. For more information about how to opt-out of cookies and web beacons after you have consented to their use, see the “Opt-out from Website Cookies/Web Beacons” section below.
How Does Branch Use the Information Collected?
Branch processes the data described in the section above for the following purposes:
- to provide, maintain, optimize, research and improve the Website;
- to fulfill your and prospective Clients’ requests for the Services;
- to send information about the Services including confirmations, invoices, payment processing, technical notices, updates, security alerts, and support and administrative messages;
- to communicate about products and services offered by Branch and Branch's selected partners. We receive opt-in consent to send promotional and marketing messages to Website Users where required by applicable law. You can opt-out of receiving these messages at any time as described below in the section titled: “Opt-out from Promotional Emails”;
- to conduct research;
- to manage your information and account, to improve and administer our Website, to contact Website Users to answer questions or resolve problems, or to verify your identity;
- to conduct research to help us to optimally deliver our existing Services or develop new products, processes and services;
- for ad delivery and reporting purposes and to create data and analytics products and services;
- to make the Website easier to use by reducing the need for Clients and Website Users to enter information;
- for other purposes disclosed to you at the time you provide data to us;
- with your consent; or
- where Branch otherwise has a legitimate interest in collecting the data, such as direct marketing, individual or market research, product improvement, anti-fraud protection, protecting the safety of us, our Website Users, or other parties, or where required by law.
Opt-Out & Do Not Track - Your Choice Mechanisms
In some cases, we rely on your consent to process Personal Data about you. In those cases, and where you have consented to Branch's processing of your Personal Data in connection with your use of the Website, you may withdraw that consent at any time by following the instructions below. Additionally, before we use Personal Data collected with your consent for any new purpose not originally authorized by you, we will provide information regarding the new purpose and ask for your consent for the new purpose. Where your consent for the processing of Personal Data is otherwise required by law or contract, we will comply with the law or contract. In other cases, we do not rely on your consent to process Personal Data about you (for example, if we have a different legal basis to process that data).
Opt Out from Promotional Emails
You can opt-out of receiving promotional emails from us by following the instructions in those emails, or by filling out this form. You can also opt-out of certain categories of emails using this form. If you opt-out using any of these tools, we may still send you non-promotional emails, such as certain updates about your account or updates to our Terms & Conditions and this Privacy Policy and/or use of the Services.
Opt Out from Website Cookies/Web Beacons
We will only use cookies consistent with your cookie settings and permissions granted on our Website. If you permit us to use cookies/web beacons as discussed above (“What Information Does Branch Collect from our Website”), but would like to opt-out:
- For dashboard users, visit https://dashboard.branch.io/account-settings/user, and toggle off “Cookie Consent”.
- For all other users, click on “Cookie Consent” at the bottom right-hand corner of our homepage (https://branch.io/), and click on the opt-out link.
Also, you can choose to set your browser to remove cookies and to reject cookies. To exercise the "Do Not Track" settings available on certain web browsers, please visit the privacy settings of your browser. Where Branch is able to see that such a selection has been made, we will not use information collected from that device to target advertising on that browser. Dashboard users must use the “Cookie Consent” feature to revoke permission to place cookies. Please note that "Do Not Track" is a different privacy mechanism than the Global Privacy Control browser choice referenced below.
Note that, even if you opt out, we may still collect and use non-personal data regarding your activities on our Website. This also does not opt you out of being served advertising altogether; you will continue to receive generic advertisements.
Vendor Tools/Analytics on the Website
The Website utilizes tracking tools from vendors, which may enable these vendors to analyze our Website traffic for analytics purposes. Some of these vendors may collect information from this Website for retargeting and interest-based advertising purposes. For more information about these forms of ad targeting and to understand your right to opt-out from these practices, please visit http://www.aboutads.info/choices/. All of these tools are hosted by the parties who provide them, and your interactions with these features are governed by the privacy policies of the parties providing them. These tools include, but are not limited to, those below.
Google. We may use Google Analytics and Google Analytics Demographics and Interest Reporting to collect information regarding visitor behavior and visitor demographics on our Website, and to develop website content. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt-out of Google’s collection and processing of data generated by your use of the Website by going to http://tools.google.com/dlpage/gaoptout.
Mixpanel. We use a service provided by Mixpanel, Inc. (“Mixpanel”) to provide us with analytics data regarding Website Users’ interactions with our Website and Services. You may opt-out of Mixpanel’s automatic retention of data that is collected while using the Services by visiting https://mixpanel.com/optout/. To track opt-outs, Mixpanel uses a persistent opt-out cookie placed on your device. Please note that if you get a new computer, install a new browser, erase or otherwise alter the browser’s cookie file (including upgrading certain browsers), you may delete the Mixpanel opt-out cookie.
Facebook. We may use certain tools offered by Facebook, Inc. (“Facebook”) that enable it to collect or receive information about actions Website Users take on our Website through use of cookies, web beacons and other storage technologies or in order to provide measurement services, targeted ads and other services. For more information regarding the collection and use of such information by Facebook, please see the Facebook Data Policy, available at: https://www.facebook.com/policy.php.
Drift. We use certain tools offered by Drift to power our Website’s live-chat experience. If you provide information about yourself through that live-chat experience, then we may store that information for marketing purposes. Drift may also infer information about the company that you work for you based on your IP address.
Policies Applicable to Both Our Services & Our Website
When does Branch Disclose Information?
In addition to the ways described in our Terms & Conditions and this Privacy Policy, Branch may also disclose information to others under the following circumstances:
- With vendors, consultants and other parties who work for us and need access to information we collect to do that work.
- With our Clients and their agents, as described in this Policy.
- To other parties (such as advertising networks or vendors used by our Clients), as directed by our Clients.
- To comply with laws or to respond to lawful requests and legal process including to meet national security or law enforcement requirements, and in order to investigate, prevent, or take action regarding suspected, or actual, prohibited activities, including but not limited to fraud and situations involving potential threats to the physical safety of any person.
- To protect the rights and property of Branch, our agents, Clients, Users, Website Users, and others including to enforce our agreements, policies, and Terms & Conditions.
- To Branch’s subsidiaries and affiliates as necessary to help us provide, support, and maintain the Services.
- In connection with or during negotiation of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Updating Your Information and Contact Preferences
We provide Clients with a mechanism to access, review and update information via the dashboard. If you wish to review or update your information, please visit branch.io and login using the username and password you created. Next, please select “Account Settings” which can be found in the lower left corner of the dashboard screen, then select the “User” tab near the top. If you would like to delete your account, please email support@branch.io.
We Secure the Information We Collect
Securing the information provided by our Clients and collected through our Website is important to us. Branch has implemented industry-standard technical, administrative, and physical safeguards to help protect the information on our servers against unauthorized access, alteration, disclosure or destruction. You are responsible for maintaining the secrecy of your own passwords. If you have reason to believe that your passwords or Personal Data are no longer secure, please promptly notify us at privacy@branch.io.
Our Data Retention Policy
For our Services: Branch stores the information collected by our Services (see the “What Information Does Branch Collect from our Services?” section above) so long as our systems continue to encounter that User. After that User has been inactive for 30 days (or 90 days for specific attribution products), identifiers collected from that User will be deleted unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Usage activity logs, which are used for the purpose of reporting and analytics, are stored in an identifiable form for no more than 7 days (or up to 60 days as determined by the Client or for specific fields), after which these logs are removed or pseudonymized. Any and all pseudonymized logs are deleted after 12 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Aggregated reporting metrics disclosed to Clients are retained (in aggregate and anonymized form) for up to 24 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Branch may retain information collected by our Services beyond these periods for fraud prevention, analysis, or response, or to protect the safety of Branch, its Clients, Users or the public.
For the Website: We store Personal Data such as email address or billing details for so long as you continue to have a business relationship with Branch and for a reasonable time thereafter for record-keeping purposes. If applicable to you, you may ask us to delete that information as described in the “Data Subject Rights” section below or pursuant to your right of erasure as described in the “Data Subject Rights” section below.
Links to Other Websites
The Website and/or Services may contain links to other websites and other websites may reference or link to our Website and/or Services. These other domains and websites are not controlled by Branch, and we do not endorse or make any representations about websites or social media platforms operated by other parties. We encourage you to read the privacy policies of each and every website and application that you interact with. We do not endorse, screen, or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.
International Data Transfers
All information collected via the Website and Services is stored on servers located in the United States. In the process of providing the Services, we may transfer information across borders from other countries or jurisdictions into the United States. Data protection laws in the United States may differ from your country, and the data Branch processes may be accessible to law enforcement and national security authorities under certain circumstances. By using the Services, each Client and Website User consents to the transfer and processing of information to the U.S. in accordance with this Privacy Policy. Data transfers from the European Union, United Kingdom, and Switzerland are transferred on the basis of legal mechanisms approved by the European Commission and other relevant authorities for cross-border data transfers, such as Standard Contractual Clauses or the Privacy Shield mechanism discussed in the “Privacy Shield For EU, UK, and Swiss Personal Data Transferred into the United States” section below.
Privacy Shield For EU, UK, and Swiss Personal Data Transferred into the United States
Branch complies with the E.U.-U.S. Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data from European Union member countries (including European Economic Area member countries), the United Kingdom, and Switzerland transferred to the United States pursuant to Privacy Shield. Branch recognizes that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR export personal data to jurisdictions outside the European Economic Area, and that the Swiss Data Protection Authority similarly held the Swiss-US Privacy Shield inadequate. Branch will continue to honor its obligation to comply with the Privacy Shield Principles with respect to data that was transferred pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield Framework. If there is any conflict between the policies in this Privacy Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.
Branch no longer relies on the EU-U.S. Privacy Shield to transfer data that originated in the EEA or the United Kingdom to the U.S.
Branch is subject to the investigatory and enforcement authority of the US Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks we are obliged to inform EU, UK, and Swiss individuals whose data is being transferred into the United States that we may be required to release Personal Data in response to lawful requests by public authorities including to meet national security and law enforcement requirements.
Branch remains liable for the onward transfer of EU, UK, and Swiss personal data to other parties pursuant to the Privacy Shield unless we can prove we were not a party to the actions giving rise to the damages.
We acknowledge the right of EU, UK, and Swiss individuals to access their Personal Data pursuant to the Privacy Shield. EU, UK, and Swiss individuals wishing to exercise this right may do so by contacting privacy@branch.io.
In compliance with the Privacy Shield Principles, Branch commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, UK, and Swiss individuals with Privacy Shield inquiries or complaints should first contact Branch at:
Branch Metrics, Inc.
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
Branch has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Data Subject Rights
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to natural persons who are residents of California. Our CCPA privacy notice is available here.
Rights of Residents of the European Economic Area and United Kingdom
The European General Data Protection Regulation of 2018 (“GDPR”) and equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation (“UK Data Protection Law”) provides certain rights to residents of Europe. Information on how you can exercise rights under the GDPR and UK Data Protection Law are set forth here.
Lei Geral de Proteção de Dados
Lei Geral de Proteção de Dados (“LGPD”) provides certain rights to residents of Brazil. Information on how you can exercise rights under the LGPD are set forth here.
Our Policy Regarding Children
Services: The Branch Services are not directed to children. We require that Clients agree to not send to us data relating to any children under 13 (or, in certain jurisdictions, under 16). If you are a Client and want to learn more about Branch SDK Privacy Controls that you can use in your compliance with the U.S. Children’s Online Privacy Protection Act (COPPA), GDPR, or any other applicable law, please contact privacy@branch.io.
If you believe that we might have any information from or about a child under 13 (and in certain jurisdictions under 16) in violation of applicable law, please contact us at privacy@branch.io, so that Branch can promptly investigate and delete any information that it may have been provided inappropriately as required by law.
Website: The Branch Website is not directed to children. We do not knowingly collect through the Website Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register or send any information about yourself to us, including your name, address, telephone number, or email address. No one under 16 may provide any Personal Data to us. In the event that we learn that we have collected any such data from a child under 16 through our Website, we will take reasonable steps to delete that information as quickly as possible. If you believe that we might have any information from or about a child under 16, please contact us at privacy@branch.io, so that Branch can promptly investigate and delete any inappropriately obtained information as required by law.
Contact Us, Questions, Changes to This Privacy Policy
We may change this Privacy Policy at any time in our sole discretion. We will post all changes to this Privacy Policy on this page and will indicate at the top of the page the modified Privacy Policy’s effective date. If you have any questions or suggestions regarding this Privacy Policy, please contact us at:
Branch Metrics, Inc.
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
or by email at info@branch.io
Compliance
This Privacy Policy shall be implemented by Branch and all its operating divisions, subsidiaries and affiliates. Branch has put in place mechanisms to verify ongoing compliance with this Privacy Policy.
Effective April 7, 2023 to May 8, 2023
DownloadTable of Contents
Privacy Policy
The Branch Guiding Privacy Principles
We are a linking and analytics platform for app and website developers. And we are proud of our commitment to providing our services in a privacy-first way. So we thought it would be helpful to lay out, in plain English, the Branch Guiding Privacy Principles that drive how we’ve chosen to design our services with privacy as a top priority. We further describe our privacy practices in the official Privacy Policy below this section, but we hope you’ll find this summary of our principles helpful.
- We limit the data we collect. We practice data minimization, which means that we take steps to avoid collecting or storing information that we don’t need to provide our services. The personal data that we collect to provide our services is limited to data like advertising identifiers, IP address, and information derived from resettable cookies (the full list is below in our privacy policy). We do not collect or store information such as names, email addresses, physical addresses, or SSNs to provide our services. Nor do we want to. In fact, our Terms & Conditions prohibit our customers from providing Branch with any kind of sensitive end-user information.
- We will only provide you with data about actual end-user activity on your apps or websites. Customers who subscribe to our linking and analytics platform can only access “earned” cookies or identifiers. This means that an end user must visit a customer’s site before our customer can see the cookie; and an end user must download a customer’s app in order for Branch to collect the end user’s advertising identifier for that customer. In short, the Branch services benefit customers who already have seen an end user across their platforms and want to understand the relationship between those web visits and app sessions.
- We do not rent or sell customer end user data. No Branch customer can access another Branch customer’s end-user data. And we are not in the business of renting or selling any customer’s end-user data to anyone else. To enable customers to control their end-user personal data, they can request deletion here of that data at any time, whether in bulk or for a specific end user. These controls are available to customers worldwide, although we designed them to comply with the CCPA and GDPR requirements.
Beyond these principles stated above, Branch will continue to find ways to design our services to respect end user privacy. We’re committed to making sure our customers understand how we use data they entrust to us and how they can control it so that they can, in turn, be transparent with their end users.
Introduction
Branch Metrics, Inc. ( "Branch", "us", "our" or "we") offers a linking and analytics platform enabling developers of applications (our "Clients")--whether those applications are websites or "apps," and across different types of devices--to improve their end users’ ("Users") cross-application experiences, and to derive additional insights into how their Users download and utilize those applications. Branch recognizes and believes that data privacy is important to all Internet users, and therefore we design and operate our services in a privacy-first manner.
This Privacy Policy is divided into three parts:
- Collection and Use of Information from Our Services: This section explains how Branch collects and uses information about Users in connection with our linking and analytics products and services (the "Branch Services" or the "Services").
- Collection and Use of Information from Our Website and for Marketing Purposes: This section explains how we collect and use information about our website visitors through our website located at branch.io (the “Website”), which includes the dashboard we provide to our Clients located at dashboard.branch.io. So, if you are a Client using our Branch dashboard, this section applies to the data we collect from you. It also explains how we collect information about potential Clients from vendors and other sources to enhance our marketing efforts.
- Policies Applicable to Both Our Services & Our Website: This section lays out the parts of the Branch Privacy Policy that apply to both the Services and to the Website.
Collection and Use of Information from Our Services
What Information Does Branch Collect from Our Services?
Below, we explain what information we collect on behalf of our Clients through the Services, and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
The Branch Services: Overview
Branch provides a variety of Services intended to help Clients understand the use of their digital properties by their Users across a wide array of platforms, devices and applications. Branch helps Clients by connecting User interactions across siloed applications (email, SMS, web browsers, social platforms, native applications and others), so that Clients understand the multiple steps that a User took to ultimately complete a transaction with the Client. The Client can use this information to better inform marketing and product decisions as well as to provide improved user experiences by using their knowledge of continuity.
Branch has no direct relationship with Users. Branch’s Services are provided when Branch Clients install on their platforms “Branch Mechanisms” (including links, pixels, direct platform integrations, etc.) that capture User action on behalf of the Client. Using the information collected from these Branch Mechanisms, Branch uses a variety of attribution techniques to connect User actions across different channels and platforms. Some of these attribution techniques include a direct pass-through of identifiers from platform to platform, creating and storing identifiers unique to the Branch platform to connect User actions and identifiers together, and predictive modeling algorithms using real-time and historical data parameters observed from User interactions where there are no shared identifiers available, as well as using historical connections Branch has derived over time using our technology. In some cases, these connections are made without the use of cookies. These techniques help Clients match Users with devices they use, including matching the same User across multiple devices.
The key use cases of Branch’s Services are:
- To support Clients in implementing deep linking, which uses Branch’s connection information in real time to improve the User experience.
- For example, if a User clicks on a link in an email or ad to a specific page in a Client’s app, Branch helps the User get to that page after they download the app.
- To report individualized and aggregated analytics metrics about the performance of the Client’s product and marketing initiatives to the Client directly.
- For example, Branch can tell a Client how many Users that downloaded an app or that went to a specific page in an app came from clicking on a specific link, and provide corresponding advertising or other identifiers.
- To assist the Client by presenting real time, targeted messaging to their Users depending on past behavior observed across the Client’s tracked platforms with the purpose of driving more engagement to the Client.
- For example, Branch can use Branch Mechanisms to provide a tailored message like a coupon code or special offer in your website to users who have interacted with your app and/or website in the past.
Branch requires that each Client commit to disclose to Branch only information that it has lawfully obtained (including, where necessary, by obtaining consent from Users), and that it has the right to disclose to Branch. We strongly discourage Clients from disclosing sensitive User information with us, as such information is not necessary for the provision of the Services, and we prohibit them from providing us with data relating to children under 13 (or, in certain jurisdictions, under 16).
In the charts below, we summarize the information collected automatically by the Services.
Information Collected By Branch Links and Pixels
Branch collects the following information from URLs created by the Client (i.e., Branch Links) and pixels placed on Client websites. Branch Links may be embedded into QR Codes as configured by the Client. Some of this information is considered personal data under applicable law (in other words, information that itself may identify a unique individual or can be linked back to an individual) (“Personal Data”).
Type of Information Collected | Purpose |
IP Address | Standard web HTTP request; used for attribution and to understand general location |
Cookie | Standard web cookies, used for device identification and attribution |
Link Data | Metadata controlled by the Client, which may be used to interpret the data for reporting, or for analytics |
User Agent | Standard web browser user agent metadata; used for device identification and attribution |
Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
Request | Standard web HTTP request |
Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the webpage from which such ads were displayed, and webpages on Client’s website visited by a User. Other interactions, events and actions Clients choose to measure and analyze within their website (e.g., add to cart, purchases made, clicks, engagement time etc.). |
Information Collected by Branch SDKs
SDKs are Software Development Kits that include code that allows Clients to use the Branch Services. The Branch Mobile App SDKs, Web SDKs, and Over-the-Top (OTT) SDKs collect the following information when Clients use these SDKs in their applications or websites, some of which may be considered Personal Data under applicable law:
Type of Information Collected | Purpose |
Advertising identifier (e.g., GAID, Android ID, IDFA, IDFV, RIDA) | Used for device identification and attribution |
Branch Cookie ID | Used for device identification and attribution |
IP Address | Standard web HTTP request; used for device identification, attribution, and to understand general location |
Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
Central Processing Unit (CPU) Type | Metadata feature used for device identification and attribution |
System build version | Metadata feature used for device identification and attribution |
Internet connection type | Metadata feature used for device identification and attribution |
Application version | Metadata feature used for device identification and attribution |
Device model | Metadata feature used for device identification and attribution |
Manufacturer / Brand | Metadata feature used for device identification and attribution |
Operating system | Metadata feature used for device identification and attribution |
Operating system version | Metadata feature used for device identification and attribution |
Screen size (height, width) | Metadata feature used for device identification and attribution |
Screen resolution | Metadata feature used for device identification and attribution |
Mobile network status (Wi-Fi, etc.) | Metadata feature used for device identification and attribution |
Device locale (country and language) | Metadata feature used for device identification and attribution |
Local IP address | Metadata feature used for device identification and attribution |
Mobile platform | Metadata feature used for device identification and attribution |
Branch SDK version | Metadata feature used for device identification and attribution |
Developer ID | (optional) Client-supplied unique identifier; metadata feature Used for device identification and attribution |
Carrier ID | Metadata feature used for device identification and attribution |
Environment | Metadata feature used for device identification and attribution |
UI Mode | Metadata feature used for device identification and attribution |
Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the application page from which such ads were displayed, pages on Client’s application visited by a User, downloads, opt-in status for certain tracking mechanisms, and installations of applications. Other interactions, events and actions Clients choose to measure and analyze within their application (e.g., add to cart, purchases made, clicks, engagement time etc.). |
In addition to the information identified above, the Branch Desktop SDKs collect the following identifiers when Clients use these SDKs in their desktop applications, some of which may be considered Personal Data under applicable law:
Type of Information Collected | Purpose |
MAC address | Used for device identification and attribution |
Windows Advertising ID | Used for device identification and attribution |
CPU ID | Used for device identification and attribution |
Information Collected By Other Parties
As part of Branch’s Services, Branch’s Clients may direct certain of their vendors or business partners (such as an ad network or vendor) to provide certain Engagement Data to Branch on the Client’s behalf.
How Does Branch Use Information Collected by Our Services?
Data Branch collects through the Services is processed:
- to better understand how and from where Users come to download certain apps, what types of apps are popular, or to recognize browsers and devices that are likely to be operated by the same User.
- to provide, maintain, optimize, research and improve the Branch Services we provide our Clients, including to support other Branch products and services, develop new products and services, and market products or services; to support the products and services of our Clients; and as permitted or required by applicable law.
- to fulfill Clients’ and prospective Clients’ requests for the Services including processing data at the Client’s direction and transferring User data to them. Branch does not control how Clients use information Branch discloses to Clients, and Users should read Clients’ Privacy Policies to understand how they use information they receive from Branch.
- to aggregate data across various sources, including data from various Clients or other parties.
- to create reports based on aggregated information, which is information that cannot reasonably be linked back to any individual person or Client and disclose these reports to the public.
- for anti-fraud protection and analysis relating to the Services to ensure more accurate attribution measurement, general fraud prevention, or where otherwise required by law.
We may aggregate and/or de-identify the data we collect through the Services. After data has been aggregated and/or de-identified, Branch cannot use it to personally identify an individual. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also disclose such data to any other parties, including business partners, Clients, and/or others.
Our Clients’ Use of Information
Our Clients may use the information collected via the Services to improve their Users’ app experiences, customize their apps to Users, and to better understand their app marketing programs and how Users discover their apps. For example, a User may want to disclose information about a hotel that she found in a travel app to a friend. When that User sends her friend a Branch link to that hotel, after clicking the link the friend is brought directly to the content relating to that hotel within the app, rather than landing on the app’s homepage and having to search for the hotel. The travel app would also gain insights and analytics as to how the content is being disclosed from its app.
We require that our Clients utilize our Services responsibly and in accordance with our Terms & Conditions. Branch is not responsible for the data practices of any of our Clients through the Services or otherwise. Each Client’s practices are subject to each Client’s individual privacy policy. Users should review the privacy policy of each Client to understand how that Client uses User information collected through the Services.
User Choices
Branch recognizes a number of consumer choice mechanisms. Due to the nature of the Services, some functionality may be degraded or no longer work as a result if you exercise certain of the opt-outs below.
Branch’s Browser Cookie Opt-Out: Our cookie-based opt-out can be accessed by clicking here. This will place a Branch opt-out cookie on your browser. Where Branch detects the presence of that opt-out cookie, we will no longer read or set cookies (beyond the opt-out cookie itself). Cookie-based opt outs must be performed on each device and browser that you wish to have opted-out. For example, if you have opted-out on your computer browser, that opt out will not be effective on your mobile device.
NAI Browser-Based Opt-Out: Branch is a member of the Network Advertising Initiative (“NAI”) and adheres to its Code of Conduct. NAI provides you with the opportunity to opt out (on a browser-by-browser basis) from interest-based advertising by participating NAI members, including Branch. That opt-out is available here.
Device-Based Opt-Out: You can submit a request to opt out of the Branch Services on a particular device by submitting a request here.
Device Identifiers: To use your device’s privacy settings controls, please visit the privacy settings menu of your device to review and access the privacy controls made available on the device. Branch will only be able to collect information from the device as permitted by these settings.
Client App Opt-out Controls: Branch‘s SDK Privacy Controls allow Clients to respect granular controls regarding User data. Clients can flag in the Branch SDK that a particular User’s data should not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Engagement Builder: Branch's Engagement Builder feature may be used to help Clients conduct re-engagement and re-targeting campaigns. We require that Clients using Branch’s Engagement Builder feature for such purposes respect User opt-out preferences passed to them by Branch.
Collection and Use of Information from Our Website and for Marketing Purposes
What Information Does Branch Collect about Website Visitors and Potential Customers?
Branch collects information from Website visitors (“you” or “Website Users”) located at www.branch.io ( the “Website”), which includes the dashboard provided to our Clients located at dashboard.branch.io. The types of information we may collect and our privacy practices depend on the nature of the relationship you have with us and the requirements of applicable law. Below are the legal bases and some of the ways we collect information and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
What We Collect from Clients that Use the Website
Branch collects Personal Data and non-personal data via the Website. For example, when Clients register to use our Services, we ask them to provide us with Personal Data, including first and last name and email address.
Dashboard Information: Information we collect from visitors who register for an account on our dashboard includes the following, some of which is considered Personal Data under applicable law:
Type of Information Collected | Purpose |
IP Address | Standard web HTTP request; may be used for limited security login controls |
Cookie (ours) | Standard web cookie used for dashboard session management |
Cookie (other-party) | Other-party web tracking tools used for business intelligence |
First, Last Name | Used for team user identification |
Work Email | Used as the primary login identifier |
Password | Account registration, secure our Services and prevent fraud |
Account Holder Primary Role | Account registration, tell Clients about products and services offered by Branch and Branch’s selected partners |
User Agent | Standard web browser user agent metadata; may be used for limited security login controls |
Referer | Standard web browser HTTP referer; may be used for general internal business analytics |
Request | Standard web HTTP request; may be used for general internal business analytics |
Github ID | (optional) Can be used as a login method |
Billing information | Payment account registration |
Log Data | Provide the Services, tell Clients about products and services offered by Branch and Branch’s selected partners, personalize our experience, secure our Services and prevent fraud, and defend our legal rights and comply with the law |
Account holder feedback | Help us improve your experience on the account dashboard |
When a Client creates an account and uses the Services, Branch may collect certain log data, such as IP address from which a Client is connecting to the Services, information related to the device being used to connect to the Services (e.g., browser type and version, device type, OS version) and the features and functions of the Services used by the Client (“Log Data”).
We also require Clients to set up a user ID and unique password for account security purposes. Clients must not disclose their passwords to anyone. Clients also have the option of adding other team members to their account. This account information enables us to set up an account for Clients, to provide the Services, and to otherwise manage Client accounts. We may also use this information to notify Clients about updates to our Services and provide them with promotional emails. We offer a mechanism to opt out from promotional emails as described in the “Opt-Out from Promotional Emails” section below.
Account and Billing Information: To the extent that we charge a fee for the Services, we may also collect limited billing, payment, and contract information from Clients through our payment and contract vendors.
Connection Information with Other Parties: Some features of the dashboard Services allow you to disclose your information through your accounts to other companies such as Facebook and Google. If you choose to connect Branch to such services provided by other parties, we may collect information related to your use of those services provided by other parties, such as authentication tokens that allow us to connect to your accounts with those other parties. We will ask you for permission before you authorize our collection of this information. We may also collect information about how you are using the Services to interact with those connected services.
Information from Other Sources: In addition to the information collected through our Website, we or our vendors may obtain and disclose additional information, such as job title or contact information, from other public and non-public sources such as business websites, social networking platforms, or databases maintained by other parties. We use this information to better enable Branch to identify and contact businesses that might be interested in engaging our Services, and to gain a better understanding of a potential Client’s business needs.
Communications with Branch: Some Website Users may provide Personal Data to Branch by sending us an email or filling out an online form on the Website. We use this information to answer their question(s), and may store that information for our record keeping, marketing, and advertising purposes.
Research/Survey Solicitations: From time to time, we may perform research (online and offline) via surveys. We may engage vendors to conduct such surveys on our behalf. All survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve individuals by learning more about their needs and the quality of the products and services we provide. The survey responses may be utilized to determine the effectiveness of our Website, various types of communications, advertising campaigns and/or promotional activities.
Cookies, Pixels and Web Beacons: We also collect other data via the Website from Website Users, including Website Users employed by or affiliated with Clients, through cookies and/or web beacons. Such information, some of which may be considered Personal Data under applicable law, may include IP address, pages viewed, browser type, Internet browsing and usage habits, how you browse and navigate the Website, Internet Service Provider, domain name, the time/date of your visit to the Website, the referring URL, and your computer’s operating system. For example, we may collect on a real-time basis information on how you use and navigate the Website.
If you permit the use of cookies and web beacons when you visit and continue to use the Website, we will collect information through those tools. Cookies are small data files stored on your hard drive by a website and web beacons are electronic images that may be used on our Website or in our emails. Cookies help us improve your experience on the Website as well as our marketing activities. We use cookies to see which areas and features are popular and to count visits to our Website. For more information about cookies and web beacons, please visit http://www.allaboutcookies.org/. For more information about how to opt-out of cookies and web beacons after you have consented to their use, see the “Opt-out from Website Cookies/Web Beacons” section below.
How Does Branch Use the Information Collected?
Branch processes the data described in the section above for the following purposes:
- to provide, maintain, optimize, research and improve the Website;
- to fulfill your and prospective Clients’ requests for the Services;
- to send information about the Services including confirmations, invoices, payment processing, technical notices, updates, security alerts, and support and administrative messages;
- to communicate about products and services offered by Branch and Branch's selected partners. We receive opt-in consent to send promotional and marketing messages to Website Users where required by applicable law. You can opt-out of receiving these messages at any time as described below in the section titled: “Opt-out from Promotional Emails”;
- to conduct research;
- to manage your information and account, to improve and administer our Website, to contact Website Users to answer questions or resolve problems, or to verify your identity;
- to conduct research to help us to optimally deliver our existing Services or develop new products, processes and services;
- for ad delivery and reporting purposes and to create data and analytics products and services;
- to make the Website easier to use by reducing the need for Clients and Website Users to enter information;
- for other purposes disclosed to you at the time you provide data to us;
- with your consent; or
- where Branch otherwise has a legitimate interest in collecting the data, such as direct marketing, individual or market research, product improvement, anti-fraud protection, protecting the safety of us, our Website Users, or other parties, or where required by law.
Opt-Out & Do Not Track - Your Choice Mechanisms
In some cases, we rely on your consent to process Personal Data about you. In those cases, and where you have consented to Branch's processing of your Personal Data in connection with your use of the Website, you may withdraw that consent at any time by following the instructions below. Additionally, before we use Personal Data collected with your consent for any new purpose not originally authorized by you, we will provide information regarding the new purpose and ask for your consent for the new purpose. Where your consent for the processing of Personal Data is otherwise required by law or contract, we will comply with the law or contract. In other cases, we do not rely on your consent to process Personal Data about you (for example, if we have a different legal basis to process that data).
Opt Out from Promotional Emails
You can opt-out of receiving promotional emails from us by following the instructions in those emails, or by filling out this form. You can also opt-out of certain categories of emails using this form. If you opt-out using any of these tools, we may still send you non-promotional emails, such as certain updates about your account or updates to our Terms & Conditions and this Privacy Policy and/or use of the Services.
Opt Out from Website Cookies/Web Beacons
We will only use cookies consistent with your cookie settings and permissions granted on our Website. If you permit us to use cookies/web beacons as discussed above (“What Information Does Branch Collect from our Website”), but would like to opt-out:
- For dashboard users, visit https://dashboard.branch.io/account-settings/user, and toggle off “Cookie Consent”.
- For all other users, click on “Cookie Consent” at the bottom right-hand corner of our homepage (https://branch.io/), and click on the opt-out link.
Also, you can choose to set your browser to remove cookies and to reject cookies. To exercise the "Do Not Track" settings available on certain web browsers, please visit the privacy settings of your browser. Where Branch is able to see that such a selection has been made, we will not use information collected from that device to target advertising on that browser. Dashboard users must use the “Cookie Consent” feature to revoke permission to place cookies. Please note that "Do Not Track" is a different privacy mechanism than the Global Privacy Control browser choice referenced below.
Note that, even if you opt out, we may still collect and use non-personal data regarding your activities on our Website. This also does not opt you out of being served advertising altogether; you will continue to receive generic advertisements.
Vendor Tools/Analytics on the Website
The Website utilizes tracking tools from vendors, which may enable these vendors to analyze our Website traffic for analytics purposes. Some of these vendors may collect information from this Website for retargeting and interest-based advertising purposes. For more information about these forms of ad targeting and to understand your right to opt-out from these practices, please visit http://www.aboutads.info/choices/. All of these tools are hosted by the parties who provide them, and your interactions with these features are governed by the privacy policies of the parties providing them. These tools include, but are not limited to, those below.
Google. We may use Google Analytics and Google Analytics Demographics and Interest Reporting to collect information regarding visitor behavior and visitor demographics on our Website, and to develop website content. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt-out of Google’s collection and processing of data generated by your use of the Website by going to http://tools.google.com/dlpage/gaoptout.
Mixpanel. We use a service provided by Mixpanel, Inc. (“Mixpanel”) to provide us with analytics data regarding Website Users’ interactions with our Website and Services. You may opt-out of Mixpanel’s automatic retention of data that is collected while using the Services by visiting https://mixpanel.com/optout/. To track opt-outs, Mixpanel uses a persistent opt-out cookie placed on your device. Please note that if you get a new computer, install a new browser, erase or otherwise alter the browser’s cookie file (including upgrading certain browsers), you may delete the Mixpanel opt-out cookie.
Facebook. We may use certain tools offered by Facebook, Inc. (“Facebook”) that enable it to collect or receive information about actions Website Users take on our Website through use of cookies, web beacons and other storage technologies or in order to provide measurement services, targeted ads and other services. For more information regarding the collection and use of such information by Facebook, please see the Facebook Data Policy, available at: https://www.facebook.com/policy.php.
Drift. We use certain tools offered by Drift to power our Website’s live-chat experience. If you provide information about yourself through that live-chat experience, then we may store that information for marketing purposes. Drift may also infer information about the company that you work for you based on your IP address.
Policies Applicable to Both Our Services & Our Website
When does Branch Disclose Information?
In addition to the ways described in our Terms & Conditions and this Privacy Policy, Branch may also disclose information to others under the following circumstances:
- With vendors, consultants and other parties who work for us and need access to information we collect to do that work.
- With our Clients and their agents, as described in this Policy.
- To other parties (such as advertising networks or vendors used by our Clients), as directed by our Clients.
- To comply with laws or to respond to lawful requests and legal process including to meet national security or law enforcement requirements, and in order to investigate, prevent, or take action regarding suspected, or actual, prohibited activities, including but not limited to fraud and situations involving potential threats to the physical safety of any person.
- To protect the rights and property of Branch, our agents, Clients, Users, Website Users, and others including to enforce our agreements, policies, and Terms & Conditions.
- To Branch’s subsidiaries and affiliates as necessary to help us provide, support, and maintain the Services.
- In connection with or during negotiation of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Updating Your Information and Contact Preferences
We provide Clients with a mechanism to access, review and update information via the dashboard. If you wish to review or update your information, please visit branch.io and login using the username and password you created. Next, please select “Account Settings” which can be found in the lower left corner of the dashboard screen, then select the “User” tab near the top. If you would like to delete your account, please email support@branch.io.
We Secure the Information We Collect
Securing the information provided by our Clients and collected through our Website is important to us. Branch has implemented industry-standard technical, administrative, and physical safeguards to help protect the information on our servers against unauthorized access, alteration, disclosure or destruction. You are responsible for maintaining the secrecy of your own passwords. If you have reason to believe that your passwords or Personal Data are no longer secure, please promptly notify us at privacy@branch.io.
Our Data Retention Policy
For our Services: Branch stores the information collected by our Services (see the “What Information Does Branch Collect from our Services?” section above) so long as our systems continue to encounter that User. After that User has been inactive for 30 days (or 90 days for specific attribution products), identifiers collected from that User will be deleted unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Usage activity logs, which are used for the purpose of reporting and analytics, are stored in an identifiable form for no more than 7 days (or up to 60 days as determined by the Client or for specific fields), after which these logs are removed or pseudonymized. Any and all pseudonymized logs are deleted after 12 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Aggregated reporting metrics disclosed to Clients are retained (in aggregate and anonymized form) for up to 24 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Branch may retain information collected by our Services beyond these periods for fraud prevention, analysis, or response, or to protect the safety of Branch, its Clients, Users or the public.
For the Website: We store Personal Data such as email address or billing details for so long as you continue to have a business relationship with Branch and for a reasonable time thereafter for record-keeping purposes. If applicable to you, you may ask us to delete that information as described in the “Data Subject Rights” section below or pursuant to your right of erasure as described in the “Data Subject Rights” section below.
Links to Other Websites
The Website and/or Services may contain links to other websites and other websites may reference or link to our Website and/or Services. These other domains and websites are not controlled by Branch, and we do not endorse or make any representations about websites or social media platforms operated by other parties. We encourage you to read the privacy policies of each and every website and application that you interact with. We do not endorse, screen, or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.
International Data Transfers
All information collected via the Website and Services is stored on servers located in the United States. In the process of providing the Services, we may transfer information across borders from other countries or jurisdictions into the United States. Data protection laws in the United States may differ from your country, and the data Branch processes may be accessible to law enforcement and national security authorities under certain circumstances. By using the Services, each Client and Website User consents to the transfer and processing of information to the U.S. in accordance with this Privacy Policy. Data transfers from the European Union, United Kingdom, and Switzerland are transferred on the basis of legal mechanisms approved by the European Commission and other relevant authorities for cross-border data transfers, such as Standard Contractual Clauses or the Privacy Shield mechanism discussed in the “Privacy Shield For EU, UK, and Swiss Personal Data Transferred into the United States” section below.
Privacy Shield For EU, UK, and Swiss Personal Data Transferred into the United States
Branch complies with the E.U.-U.S. Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data from European Union member countries (including European Economic Area member countries), the United Kingdom, and Switzerland transferred to the United States pursuant to Privacy Shield. Branch recognizes that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR export personal data to jurisdictions outside the European Economic Area, and that the Swiss Data Protection Authority similarly held the Swiss-US Privacy Shield inadequate. Branch will continue to honor its obligation to comply with the Privacy Shield Principles with respect to data that was transferred pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield Framework. If there is any conflict between the policies in this Privacy Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.
Branch no longer relies on the EU-U.S. Privacy Shield to transfer data that originated in the EEA or the United Kingdom to the U.S.
Branch is subject to the investigatory and enforcement authority of the US Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks we are obliged to inform EU, UK, and Swiss individuals whose data is being transferred into the United States that we may be required to release Personal Data in response to lawful requests by public authorities including to meet national security and law enforcement requirements.
Branch remains liable for the onward transfer of EU, UK, and Swiss personal data to other parties pursuant to the Privacy Shield unless we can prove we were not a party to the actions giving rise to the damages.
We acknowledge the right of EU, UK, and Swiss individuals to access their Personal Data pursuant to the Privacy Shield. EU, UK, and Swiss individuals wishing to exercise this right may do so by contacting privacy@branch.io.
In compliance with the Privacy Shield Principles, Branch commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, UK, and Swiss individuals with Privacy Shield inquiries or complaints should first contact Branch at:
Branch Metrics, Inc.
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
Branch has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Data Subject Rights
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to natural persons who are residents of California. Our CCPA privacy notice is available here.
Rights of Residents of the European Economic Area and United Kingdom
The European General Data Protection Regulation of 2018 (“GDPR”) and equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation (“UK Data Protection Law”) provides certain rights to residents of Europe. Information on how you can exercise rights under the GDPR and UK Data Protection Law are set forth here.
Lei Geral de Proteção de Dados
Lei Geral de Proteção de Dados (“LGPD”) provides certain rights to residents of Brazil. Information on how you can exercise rights under the LGPD are set forth here.
Our Policy Regarding Children
Services: The Branch Services are not directed to children. We require that Clients agree to not send to us data relating to any children under 13 (or, in certain jurisdictions, under 16). If you are a Client and want to learn more about Branch SDK Privacy Controls that you can use in your compliance with the U.S. Children’s Online Privacy Protection Act (COPPA), GDPR, or any other applicable law, please contact privacy@branch.io.
If you believe that we might have any information from or about a child under 13 (and in certain jurisdictions under 16) in violation of applicable law, please contact us at privacy@branch.io, so that Branch can promptly investigate and delete any information that it may have been provided inappropriately as required by law.
Website: The Branch Website is not directed to children. We do not knowingly collect through the Website Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register or send any information about yourself to us, including your name, address, telephone number, or email address. No one under 16 may provide any Personal Data to us. In the event that we learn that we have collected any such data from a child under 16 through our Website, we will take reasonable steps to delete that information as quickly as possible. If you believe that we might have any information from or about a child under 16, please contact us at privacy@branch.io, so that Branch can promptly investigate and delete any inappropriately obtained information as required by law.
Contact Us, Questions, Changes to This Privacy Policy
We may change this Privacy Policy at any time in our sole discretion. We will post all changes to this Privacy Policy on this page and will indicate at the top of the page the modified Privacy Policy’s effective date. If you have any questions or suggestions regarding this Privacy Policy, please contact us at:
Branch Metrics, Inc.
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
or by email at info@branch.io
Compliance
This Privacy Policy shall be implemented by Branch and all its operating divisions, subsidiaries and affiliates. Branch has put in place mechanisms to verify ongoing compliance with this Privacy Policy.
Effective February 24, 2023 to April 7, 2023
DownloadTable of Contents
Privacy Policy
The Branch Guiding Privacy Principles
We are a linking and analytics platform for app and website developers. And we are proud of our commitment to providing our services in a privacy-first way. So we thought it would be helpful to lay out, in plain English, the Branch Guiding Privacy Principles that drive how we’ve chosen to design our services with privacy as a top priority. We further describe our privacy practices in the official Privacy Policy below this section, but we hope you’ll find this summary of our principles helpful.
- We limit the data we collect. We practice data minimization, which means that we take steps to avoid collecting or storing information that we don’t need to provide our services. The personal data that we collect to provide our services is limited to data like advertising identifiers, IP address, and information derived from resettable cookies (the full list is below in our privacy policy). We do not collect or store information such as names, email addresses, physical addresses, or SSNs to provide our services. Nor do we want to. In fact, our Terms & Conditions prohibit our customers from providing Branch with any kind of sensitive end-user information.
- We will only provide you with data about actual end-user activity on your apps or websites. Customers who subscribe to our linking and analytics platform can only access “earned” cookies or identifiers. This means that an end user must visit a customer’s site before our customer can see the cookie; and an end user must download a customer’s app in order for Branch to collect the end user’s advertising identifier for that customer. In short, the Branch services benefit customers who already have seen an end user across their platforms and want to understand the relationship between those web visits and app sessions.
- We do not rent or sell customer end user data. No Branch customer can access another Branch customer’s end-user data. And we are not in the business of renting or selling any customer’s end-user data to anyone else. To enable customers to control their end-user personal data, they can request deletion here of that data at any time, whether in bulk or for a specific end user. These controls are available to customers worldwide, although we designed them to comply with the CCPA and GDPR requirements.
Beyond these principles stated above, Branch will continue to find ways to design our services to respect end user privacy. We’re committed to making sure our customers understand how we use data they entrust to us and how they can control it so that they can, in turn, be transparent with their end users.
Introduction
Branch Metrics, Inc. ( "Branch", "us", "our" or "we") offers a linking and analytics platform enabling developers of applications (our "Clients")--whether those applications are websites or "apps," and across different types of devices--to improve their end users’ ("Users") cross-application experiences, and to derive additional insights into how their Users download and utilize those applications. Branch recognizes and believes that data privacy is important to all Internet users, and therefore we design and operate our services in a privacy-first manner.
This Privacy Policy is divided into three parts:
- Collection and Use of Information from Our Services: This section explains how Branch collects and uses information about Users in connection with our linking and analytics products and services (the "Branch Services" or the "Services").
- Collection and Use of Information from Our Website and for Marketing Purposes: This section explains how we collect and use information about our website visitors through our website located at branch.io (the “Website”), which includes the dashboard we provide to our Clients located at dashboard.branch.io. So, if you are a Client using our Branch dashboard, this section applies to the data we collect from you. It also explains how we collect information about potential Clients from vendors and other sources to enhance our marketing efforts.
- Policies Applicable to Both Our Services & Our Website: This section lays out the parts of the Branch Privacy Policy that apply to both the Services and to the Website.
Collection and Use of Information from Our Services
What Information Does Branch Collect from Our Services?
Below, we explain what information we collect on behalf of our Clients through the Services, and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
The Branch Services: Overview
Branch provides a variety of Services intended to help Clients understand the use of their digital properties by their Users across a wide array of platforms, devices and applications. Branch helps Clients by connecting User interactions across siloed applications (email, SMS, web browsers, social platforms, native applications and others), so that Clients understand the multiple steps that a User took to ultimately complete a transaction with the Client. The Client can use this information to better inform marketing and product decisions as well as to provide improved user experiences by using their knowledge of continuity.
Branch has no direct relationship with Users. Branch’s Services are provided when Branch Clients install on their platforms “Branch Mechanisms” (including links, pixels, direct platform integrations, etc.) that capture User action on behalf of the Client. Using the information collected from these Branch Mechanisms, Branch uses a variety of attribution techniques to connect User actions across different channels and platforms. Some of these attribution techniques include a direct pass-through of identifiers from platform to platform, creating and storing identifiers unique to the Branch platform to connect User actions and identifiers together, and predictive modeling algorithms using real-time and historical data parameters observed from User interactions where there are no shared identifiers available, as well as using historical connections Branch has derived over time using our technology. In some cases, these connections are made without the use of cookies. These techniques help Clients match Users with devices they use, including matching the same User across multiple devices.
The key use cases of Branch’s Services are:
- To support Clients in implementing deep linking, which uses Branch’s connection information in real time to improve the User experience.
- For example, if a User clicks on a link in an email or ad to a specific page in a Client’s app, Branch helps the User get to that page after they download the app.
- To report individualized and aggregated analytics metrics about the performance of the Client’s product and marketing initiatives to the Client directly.
- For example, Branch can tell a Client how many Users that downloaded an app or that went to a specific page in an app came from clicking on a specific link, and provide corresponding advertising or other identifiers.
- To assist the Client by presenting real time, targeted messaging to their Users depending on past behavior observed across the Client’s tracked platforms with the purpose of driving more engagement to the Client.
- For example, Branch can use Branch Mechanisms to provide a tailored message like a coupon code or special offer in your website to users who have interacted with your app and/or website in the past.
Branch requires that each Client commit to disclose to Branch only information that it has lawfully obtained (including, where necessary, by obtaining consent from Users), and that it has the right to disclose to Branch. We strongly discourage Clients from disclosing sensitive User information with us, as such information is not necessary for the provision of the Services, and we prohibit them from providing us with data relating to children under 13 (or, in certain jurisdictions, under 16).
In the charts below, we summarize the information collected automatically by the Services.
Information Collected By Branch Links and Pixels
Branch collects the following information from URLs created by the Client (i.e., Branch Links) and pixels placed on Client websites. Branch Links may be embedded into QR Codes as configured by the Client. Some of this information is considered personal data under applicable law (in other words, information that itself may identify a unique individual or can be linked back to an individual) (“Personal Data”).
Type of Information Collected | Purpose |
IP Address | Standard web HTTP request; used for attribution and to understand general location |
Cookie | Standard web cookies, used for device identification and attribution |
Link Data | Metadata controlled by the Client, which may be used to interpret the data for reporting, or for analytics |
User Agent | Standard web browser user agent metadata; used for device identification and attribution |
Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
Request | Standard web HTTP request |
Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the webpage from which such ads were displayed, and webpages on Client’s website visited by a User. Other interactions, events and actions Clients choose to measure and analyze within their website (e.g., add to cart, purchases made, clicks, engagement time etc.). |
Information Collected by Branch SDKs
SDKs are Software Development Kits that include code that allows Clients to use the Branch Services. The Branch Mobile App SDKs, Web SDKs, and Over-the-Top (OTT) SDKs collect the following information when Clients use these SDKs in their applications or websites, some of which may be considered Personal Data under applicable law:
Type of Information Collected | Purpose |
Advertising identifier (e.g., GAID, Android ID, IDFA, IDFV, RIDA) | Used for device identification and attribution |
Branch Cookie ID | Used for device identification and attribution |
IP Address | Standard web HTTP request; used for device identification, attribution, and to understand general location |
Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
Central Processing Unit (CPU) Type | Metadata feature used for device identification and attribution |
System build version | Metadata feature used for device identification and attribution |
Internet connection type | Metadata feature used for device identification and attribution |
Application version | Metadata feature used for device identification and attribution |
Device model | Metadata feature used for device identification and attribution |
Manufacturer / Brand | Metadata feature used for device identification and attribution |
Operating system | Metadata feature used for device identification and attribution |
Operating system version | Metadata feature used for device identification and attribution |
Screen size (height, width) | Metadata feature used for device identification and attribution |
Screen resolution | Metadata feature used for device identification and attribution |
Mobile network status (Wi-Fi, etc.) | Metadata feature used for device identification and attribution |
Device locale (country and language) | Metadata feature used for device identification and attribution |
Local IP address | Metadata feature used for device identification and attribution |
Mobile platform | Metadata feature used for device identification and attribution |
Branch SDK version | Metadata feature used for device identification and attribution |
Developer ID | (optional) Client-supplied unique identifier; metadata feature Used for device identification and attribution |
Carrier ID | Metadata feature used for device identification and attribution |
Environment | Metadata feature used for device identification and attribution |
UI Mode | Metadata feature used for device identification and attribution |
Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the application page from which such ads were displayed, pages on Client’s application visited by a User, downloads, opt-in status for certain tracking mechanisms, and installations of applications. Other interactions, events and actions Clients choose to measure and analyze within their application (e.g., add to cart, purchases made, clicks, engagement time etc.). |
In addition to the information identified above, the Branch Desktop SDKs collect the following identifiers when Clients use these SDKs in their desktop applications, some of which may be considered Personal Data under applicable law:
Type of Information Collected | Purpose |
MAC address | Used for device identification and attribution |
Windows Advertising ID | Used for device identification and attribution |
CPU ID | Used for device identification and attribution |
Information Collected By Other Parties
As part of Branch’s Services, Branch’s Clients may direct certain of their vendors or business partners (such as an ad network or vendor) to provide certain Engagement Data to Branch on the Client’s behalf.
How Does Branch Use Information Collected by Our Services?
Data Branch collects through the Services is processed:
- to better understand how and from where Users come to download certain apps, what types of apps are popular, or to recognize browsers and devices that are likely to be operated by the same User.
- to provide, maintain, optimize, research and improve the Branch Services we provide our Clients, including to support other Branch products and services, develop new products and services, and market products or services; to support the products and services of our Clients; and as permitted or required by applicable law.
- to fulfill Clients’ and prospective Clients’ requests for the Services including processing data at the Client’s direction and transferring User data to them. Branch does not control how Clients use information Branch discloses to Clients, and Users should read Clients’ Privacy Policies to understand how they use information they receive from Branch.
- to aggregate data across various sources, including data from various Clients or other parties.
- to create reports based on aggregated information, which is information that cannot reasonably be linked back to any individual person or Client and disclose these reports to the public.
- for anti-fraud protection and analysis relating to the Services to ensure more accurate attribution measurement, general fraud prevention, or where otherwise required by law.
We may aggregate and/or de-identify the data we collect through the Services. After data has been aggregated and/or de-identified, Branch cannot use it to personally identify an individual. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also disclose such data to any other parties, including business partners, Clients, and/or others.
Our Clients’ Use of Information
Our Clients may use the information collected via the Services to improve their Users’ app experiences, customize their apps to Users, and to better understand their app marketing programs and how Users discover their apps. For example, a User may want to disclose information about a hotel that she found in a travel app to a friend. When that User sends her friend a Branch link to that hotel, after clicking the link the friend is brought directly to the content relating to that hotel within the app, rather than landing on the app’s homepage and having to search for the hotel. The travel app would also gain insights and analytics as to how the content is being disclosed from its app.
We require that our Clients utilize our Services responsibly and in accordance with our Terms & Conditions. Branch is not responsible for the data practices of any of our Clients through the Services or otherwise. Each Client’s practices are subject to each Client’s individual privacy policy. Users should review the privacy policy of each Client to understand how that Client uses User information collected through the Services.
User Choices
Branch recognizes a number of consumer choice mechanisms. Due to the nature of the Services, some functionality may be degraded or no longer work as a result if you exercise certain of the opt-outs below.
Branch’s Browser Cookie Opt-Out: Our cookie-based opt-out can be accessed by clicking here. This will place a Branch opt-out cookie on your browser. Where Branch detects the presence of that opt-out cookie, we will no longer read or set cookies (beyond the opt-out cookie itself). Cookie-based opt outs must be performed on each device and browser that you wish to have opted-out. For example, if you have opted-out on your computer browser, that opt out will not be effective on your mobile device.
NAI Browser-Based Opt-Out: Branch is a member of the Network Advertising Initiative (“NAI”) and adheres to its Code of Conduct. NAI provides you with the opportunity to opt out (on a browser-by-browser basis) from interest-based advertising by participating NAI members, including Branch. That opt-out is available here.
Device-Based Opt-Out: You can submit a request to opt out of the Branch Services on a particular device by submitting a request here.
Device Identifiers: To use your device’s privacy settings controls, please visit the privacy settings menu of your device to review and access the privacy controls made available on the device. Branch will only be able to collect information from the device as permitted by these settings.
Client App Opt-out Controls: Branch‘s SDK Privacy Controls allow Clients to respect granular controls regarding User data. Clients can flag in the Branch SDK that a particular User’s data should not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Engagement Builder: Branch's Engagement Builder feature may be used to help Clients conduct re-engagement and re-targeting campaigns. We require that Clients using Branch’s Engagement Builder feature for such purposes respect User opt-out preferences passed to them by Branch.
Collection and Use of Information from Our Website and for Marketing Purposes
What Information Does Branch Collect about Website Visitors and Potential Customers?
Branch collects information from Website visitors (“you” or “Website Users”) located at www.branch.io ( the “Website”), which includes the dashboard provided to our Clients located at dashboard.branch.io. The types of information we may collect and our privacy practices depend on the nature of the relationship you have with us and the requirements of applicable law. Below are the legal bases and some of the ways we collect information and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
What We Collect from Clients that Use the Website
Branch collects Personal Data and non-personal data via the Website. For example, when Clients register to use our Services, we ask them to provide us with Personal Data, including first and last name and email address.
Dashboard Information: Information we collect from visitors who register for an account on our dashboard includes the following, some of which is considered Personal Data under applicable law:
Type of Information Collected | Purpose |
IP Address | Standard web HTTP request; may be used for limited security login controls |
Cookie (ours) | Standard web cookie used for dashboard session management |
Cookie (other-party) | Other-party web tracking tools used for business intelligence |
First, Last Name | Used for team user identification |
Work Email | Used as the primary login identifier |
Password | Account registration, secure our Services and prevent fraud |
Account Holder Primary Role | Account registration, tell Clients about products and services offered by Branch and Branch’s selected partners |
User Agent | Standard web browser user agent metadata; may be used for limited security login controls |
Referer | Standard web browser HTTP referer; may be used for general internal business analytics |
Request | Standard web HTTP request; may be used for general internal business analytics |
Github ID | (optional) Can be used as a login method |
Billing information | Payment account registration |
Log Data | Provide the Services, tell Clients about products and services offered by Branch and Branch’s selected partners, personalize our experience, secure our Services and prevent fraud, and defend our legal rights and comply with the law |
Account holder feedback | Help us improve your experience on the account dashboard |
When a Client creates an account and uses the Services, Branch may collect certain log data, such as IP address from which a Client is connecting to the Services, information related to the device being used to connect to the Services (e.g., browser type and version, device type, OS version) and the features and functions of the Services used by the Client (“Log Data”).
We also require Clients to set up a user ID and unique password for account security purposes. Clients must not disclose their passwords to anyone. Clients also have the option of adding other team members to their account. This account information enables us to set up an account for Clients, to provide the Services, and to otherwise manage Client accounts. We may also use this information to notify Clients about updates to our Services and provide them with promotional emails. We offer a mechanism to opt out from promotional emails as described in the “Opt-Out from Promotional Emails” section below.
Account and Billing Information: To the extent that we charge a fee for the Services, we may also collect limited billing, payment, and contract information from Clients through our payment and contract vendors.
Connection Information with Other Parties: Some features of the dashboard Services allow you to disclose your information through your accounts to other companies such as Facebook and Google. If you choose to connect Branch to such services provided by other parties, we may collect information related to your use of those services provided by other parties, such as authentication tokens that allow us to connect to your accounts with those other parties. We will ask you for permission before you authorize our collection of this information. We may also collect information about how you are using the Services to interact with those connected services.
Information from Other Sources: In addition to the information collected through our Website, we or our vendors may obtain and disclose additional information, such as job title or contact information, from other public and non-public sources such as business websites, social networking platforms, or databases maintained by other parties. We use this information to better enable Branch to identify and contact businesses that might be interested in engaging our Services, and to gain a better understanding of a potential Client’s business needs.
Communications with Branch: Some Website Users may provide Personal Data to Branch by sending us an email or filling out an online form on the Website. We use this information to answer their question(s), and may store that information for our record keeping, marketing, and advertising purposes.
Research/Survey Solicitations: From time to time, we may perform research (online and offline) via surveys. We may engage vendors to conduct such surveys on our behalf. All survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve individuals by learning more about their needs and the quality of the products and services we provide. The survey responses may be utilized to determine the effectiveness of our Website, various types of communications, advertising campaigns and/or promotional activities.
Cookies, Pixels and Web Beacons: We also collect other data via the Website from Website Users, including Website Users employed by or affiliated with Clients, through cookies and/or web beacons. Such information, some of which may be considered Personal Data under applicable law, may include IP address, pages viewed, browser type, Internet browsing and usage habits, how you browse and navigate the Website, Internet Service Provider, domain name, the time/date of your visit to the Website, the referring URL, and your computer’s operating system. For example, we may collect on a real-time basis information on how you use and navigate the Website.
If you permit the use of cookies and web beacons when you visit and continue to use the Website, we will collect information through those tools. Cookies are small data files stored on your hard drive by a website and web beacons are electronic images that may be used on our Website or in our emails. Cookies help us improve your experience on the Website as well as our marketing activities. We use cookies to see which areas and features are popular and to count visits to our Website. For more information about cookies and web beacons, please visit http://www.allaboutcookies.org/. For more information about how to opt-out of cookies and web beacons after you have consented to their use, see the “Opt-out from Website Cookies/Web Beacons” section below.
How Does Branch Use the Information Collected?
Branch processes the data described in the section above for the following purposes:
- to provide, maintain, optimize, research and improve the Website;
- to fulfill your and prospective Clients’ requests for the Services;
- to send information about the Services including confirmations, invoices, payment processing, technical notices, updates, security alerts, and support and administrative messages;
- to communicate about products and services offered by Branch and Branch's selected partners. We receive opt-in consent to send promotional and marketing messages to Website Users where required by applicable law. You can opt-out of receiving these messages at any time as described below in the section titled: “Opt-out from Promotional Emails”;
- to conduct research;
- to manage your information and account, to improve and administer our Website, to contact Website Users to answer questions or resolve problems, or to verify your identity;
- to conduct research to help us to optimally deliver our existing Services or develop new products, processes and services;
- for ad delivery and reporting purposes and to create data and analytics products and services;
- to make the Website easier to use by reducing the need for Clients and Website Users to enter information;
- for other purposes disclosed to you at the time you provide data to us;
- with your consent; or
- where Branch otherwise has a legitimate interest in collecting the data, such as direct marketing, individual or market research, product improvement, anti-fraud protection, protecting the safety of us, our Website Users, or other parties, or where required by law.
Opt-Out & Do Not Track - Your Choice Mechanisms
In some cases, we rely on your consent to process Personal Data about you. In those cases, and where you have consented to Branch's processing of your Personal Data in connection with your use of the Website, you may withdraw that consent at any time by following the instructions below. Additionally, before we use Personal Data collected with your consent for any new purpose not originally authorized by you, we will provide information regarding the new purpose and ask for your consent for the new purpose. Where your consent for the processing of Personal Data is otherwise required by law or contract, we will comply with the law or contract. In other cases, we do not rely on your consent to process Personal Data about you (for example, if we have a different legal basis to process that data).
Opt Out from Promotional Emails
You can opt-out of receiving promotional emails from us by following the instructions in those emails, or by filling out this form. You can also opt-out of certain categories of emails using this form. If you opt-out using any of these tools, we may still send you non-promotional emails, such as certain updates about your account or updates to our Terms & Conditions and this Privacy Policy and/or use of the Services.
Opt Out from Website Cookies/Web Beacons
We will only use cookies consistent with your cookie settings and permissions granted on our Website. If you permit us to use cookies/web beacons as discussed above (“What Information Does Branch Collect from our Website”), but would like to opt-out:
- For dashboard users, visit https://dashboard.branch.io/account-settings/user, and toggle off “Cookie Consent”.
- For all other users, click on “Cookie Consent” at the bottom right-hand corner of our homepage (https://branch.io/), and click on the opt-out link.
Also, you can choose to set your browser to remove cookies and to reject cookies. To exercise the "Do Not Track" settings available on certain web browsers, please visit the privacy settings of your browser. Where Branch is able to see that such a selection has been made, we will not use information collected from that device to target advertising on that browser. Dashboard users must use the “Cookie Consent” feature to revoke permission to place cookies. Please note that "Do Not Track" is a different privacy mechanism than the Global Privacy Control browser choice referenced below.
Note that, even if you opt out, we may still collect and use non-personal data regarding your activities on our Website. This also does not opt you out of being served advertising altogether; you will continue to receive generic advertisements.
Vendor Tools/Analytics on the Website
The Website utilizes tracking tools from vendors, which may enable these vendors to analyze our Website traffic for analytics purposes. Some of these vendors may collect information from this Website for retargeting and interest-based advertising purposes. For more information about these forms of ad targeting and to understand your right to opt-out from these practices, please visit http://www.aboutads.info/choices/. All of these tools are hosted by the parties who provide them, and your interactions with these features are governed by the privacy policies of the parties providing them. These tools include, but are not limited to, those below.
Google. We may use Google Analytics and Google Analytics Demographics and Interest Reporting to collect information regarding visitor behavior and visitor demographics on our Website, and to develop website content. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt-out of Google’s collection and processing of data generated by your use of the Website by going to http://tools.google.com/dlpage/gaoptout.
Mixpanel. We use a service provided by Mixpanel, Inc. (“Mixpanel”) to provide us with analytics data regarding Website Users’ interactions with our Website and Services. You may opt-out of Mixpanel’s automatic retention of data that is collected while using the Services by visiting https://mixpanel.com/optout/. To track opt-outs, Mixpanel uses a persistent opt-out cookie placed on your device. Please note that if you get a new computer, install a new browser, erase or otherwise alter the browser’s cookie file (including upgrading certain browsers), you may delete the Mixpanel opt-out cookie.
Facebook. We may use certain tools offered by Facebook, Inc. (“Facebook”) that enable it to collect or receive information about actions Website Users take on our Website through use of cookies, web beacons and other storage technologies or in order to provide measurement services, targeted ads and other services. For more information regarding the collection and use of such information by Facebook, please see the Facebook Data Policy, available at: https://www.facebook.com/policy.php.
Drift. We use certain tools offered by Drift to power our Website’s live-chat experience. If you provide information about yourself through that live-chat experience, then we may store that information for marketing purposes. Drift may also infer information about the company that you work for you based on your IP address.
Policies Applicable to Both Our Services & Our Website
When does Branch Disclose Information?
In addition to the ways described in our Terms & Conditions and this Privacy Policy, Branch may also disclose information to others under the following circumstances:
- With vendors, consultants and other parties who work for us and need access to information we collect to do that work.
- With our Clients and their agents, as described in this Policy.
- To other parties (such as advertising networks or vendors used by our Clients), as directed by our Clients.
- To comply with laws or to respond to lawful requests and legal process including to meet national security or law enforcement requirements, and in order to investigate, prevent, or take action regarding suspected, or actual, prohibited activities, including but not limited to fraud and situations involving potential threats to the physical safety of any person.
- To protect the rights and property of Branch, our agents, Clients, Users, Website Users, and others including to enforce our agreements, policies, and Terms & Conditions.
- To Branch’s subsidiaries and affiliates as necessary to help us provide, support, and maintain the Services.
- In connection with or during negotiation of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Updating Your Information and Contact Preferences
We provide Clients with a mechanism to access, review and update information via the dashboard. If you wish to review or update your information, please visit branch.io and login using the username and password you created. Next, please select “Account Settings” which can be found in the lower left corner of the dashboard screen, then select the “User” tab near the top. If you would like to delete your account, please email support@branch.io.
We Secure the Information We Collect
Securing the information provided by our Clients and collected through our Website is important to us. Branch has implemented industry-standard technical, administrative, and physical safeguards to help protect the information on our servers against unauthorized access, alteration, disclosure or destruction. You are responsible for maintaining the secrecy of your own passwords. If you have reason to believe that your passwords or Personal Data are no longer secure, please promptly notify us at privacy@branch.io.
Our Data Retention Policy
For our Services: Branch stores the information collected by our Services (see the “What Information Does Branch Collect from our Services?” section above) so long as our systems continue to encounter that User. After that User has been inactive for 30 days (or 90 days for specific attribution products), identifiers collected from that User will be deleted unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Usage activity logs, which are used for the purpose of reporting and analytics, are stored in an identifiable form for no more than 7 days (or up to 60 days as determined by the Client or for specific fields), after which these logs are removed or pseudonymized. Any and all pseudonymized logs are deleted after 12 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Aggregated reporting metrics disclosed to Clients are retained (in aggregate and anonymized form) for up to 24 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Branch may retain information collected by our Services beyond these periods for fraud prevention, analysis, or response, or to protect the safety of Branch, its Clients, Users or the public.
For the Website: We store Personal Data such as email address or billing details for so long as you continue to have a business relationship with Branch and for a reasonable time thereafter for record-keeping purposes. If applicable to you, you may ask us to delete that information as described in the “Data Subject Rights” section below or pursuant to your right of erasure as described in the “Data Subject Rights” section below.
Links to Other Websites
The Website and/or Services may contain links to other websites and other websites may reference or link to our Website and/or Services. These other domains and websites are not controlled by Branch, and we do not endorse or make any representations about websites or social media platforms operated by other parties. We encourage you to read the privacy policies of each and every website and application that you interact with. We do not endorse, screen, or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.
International Data Transfers
All information collected via the Website and Services is stored on servers located in the United States. In the process of providing the Services, we may transfer information across borders from other countries or jurisdictions into the United States. Data protection laws in the United States may differ from your country, and the data Branch processes may be accessible to law enforcement and national security authorities under certain circumstances. By using the Services, each Client and Website User consents to the transfer and processing of information to the U.S. in accordance with this Privacy Policy. Data transfers from the European Union, United Kingdom, and Switzerland are transferred on the basis of legal mechanisms approved by the European Commission and other relevant authorities for cross-border data transfers, such as Standard Contractual Clauses or the Privacy Shield mechanism discussed in the “Privacy Shield For EU, UK, and Swiss Personal Data Transferred into the United States” section below.
Privacy Shield For EU, UK, and Swiss Personal Data Transferred into the United States
Branch complies with the E.U.-U.S. Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data from European Union member countries (including European Economic Area member countries), the United Kingdom, and Switzerland transferred to the United States pursuant to Privacy Shield. Branch recognizes that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR export personal data to jurisdictions outside the European Economic Area, and that the Swiss Data Protection Authority similarly held the Swiss-US Privacy Shield inadequate. Branch will continue to honor its obligation to comply with the Privacy Shield Principles with respect to data that was transferred pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield Framework. If there is any conflict between the policies in this Privacy Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.
Branch no longer relies on the EU-U.S. Privacy Shield to transfer data that originated in the EEA or the United Kingdom to the U.S.
Branch is subject to the investigatory and enforcement authority of the US Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks we are obliged to inform EU, UK, and Swiss individuals whose data is being transferred into the United States that we may be required to release Personal Data in response to lawful requests by public authorities including to meet national security and law enforcement requirements.
Branch remains liable for the onward transfer of EU, UK, and Swiss personal data to other parties pursuant to the Privacy Shield unless we can prove we were not a party to the actions giving rise to the damages.
We acknowledge the right of EU, UK, and Swiss individuals to access their Personal Data pursuant to the Privacy Shield. EU, UK, and Swiss individuals wishing to exercise this right may do so by contacting privacy@branch.io.
In compliance with the Privacy Shield Principles, Branch commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, UK, and Swiss individuals with Privacy Shield inquiries or complaints should first contact Branch at:
Branch Metrics, Inc.
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
Branch has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Data Subject Rights
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to natural persons who are residents of California. Our CCPA privacy notice is available here.
Rights of Residents of the European Economic Area and United Kingdom
The European General Data Protection Regulation of 2018 (“GDPR”) and equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation (“UK Data Protection Law”) provides certain rights to residents of Europe. Information on how you can exercise rights under the GDPR and UK Data Protection Law are set forth here.
Lei Geral de Proteção de Dados
Lei Geral de Proteção de Dados (“LGPD”) provides certain rights to residents of Brazil. Information on how you can exercise rights under the LGPD are set forth here.
Our Policy Regarding Children
Services: The Branch Services are not directed to children. We require that Clients agree to not send to us data relating to any children under 13 (or, in certain jurisdictions, under 16). If you are a Client and want to learn more about Branch SDK Privacy Controls that you can use in your compliance with the U.S. Children’s Online Privacy Protection Act (COPPA), GDPR, or any other applicable law, please contact privacy@branch.io.
If you believe that we might have any information from or about a child under 13 (and in certain jurisdictions under 16) in violation of applicable law, please contact us at privacy@branch.io, so that Branch can promptly investigate and delete any information that it may have been provided inappropriately as required by law.
Website: The Branch Website is not directed to children. We do not knowingly collect through the Website Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register or send any information about yourself to us, including your name, address, telephone number, or email address. No one under 16 may provide any Personal Data to us. In the event that we learn that we have collected any such data from a child under 16 through our Website, we will take reasonable steps to delete that information as quickly as possible. If you believe that we might have any information from or about a child under 16, please contact us at privacy@branch.io, so that Branch can promptly investigate and delete any inappropriately obtained information as required by law.
Contact Us, Questions, Changes to This Privacy Policy
We may change this Privacy Policy at any time in our sole discretion. We will post all changes to this Privacy Policy on this page and will indicate at the top of the page the modified Privacy Policy’s effective date. If you have any questions or suggestions regarding this Privacy Policy, please contact us at:
Branch Metrics, Inc.
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
or by email at info@branch.io
Compliance
This Privacy Policy shall be implemented by Branch and all its operating divisions, subsidiaries and affiliates. Branch has put in place mechanisms to verify ongoing compliance with this Privacy Policy.
Effective January 1, 2023 to February 24, 2023
DownloadTable of Contents
Privacy Policy
The Branch Guiding Privacy Principles
We are a linking and analytics platform for app and website developers. And we are proud of our commitment to providing our services in a privacy-first way. So we thought it would be helpful to lay out, in plain English, the Branch Guiding Privacy Principles that drive how we’ve chosen to design our services with privacy as a top priority. We further describe our privacy practices in the official Privacy Policy below this section, but we hope you’ll find this summary of our principles helpful.
- We limit the data we collect. We practice data minimization, which means that we take steps to avoid collecting or storing information that we don’t need to provide our services. The personal data that we collect to provide our services is limited to data like advertising identifiers, IP address, and information derived from resettable cookies (the full list is below in our privacy policy). We do not collect or store information such as names, email addresses, physical addresses, or SSNs to provide our services. Nor do we want to. In fact, our Terms & Conditions prohibit our customers from providing Branch with any kind of sensitive end-user information.
- We will only provide you with data about actual end-user activity on your apps or websites. Customers who subscribe to our linking and analytics platform can only access “earned” cookies or identifiers. This means that an end user must visit a customer’s site before our customer can see the cookie; and an end user must download a customer’s app in order for Branch to collect the end user’s advertising identifier for that customer. In short, the Branch services benefit customers who already have seen an end user across their platforms and want to understand the relationship between those web visits and app sessions.
- We do not rent or sell customer end user data. No Branch customer can access another Branch customer’s end-user data. And we are not in the business of renting or selling any customer’s end-user data to anyone else. To enable customers to control their end-user personal data, they can request deletion here of that data at any time, whether in bulk or for a specific end user. These controls are available to customers worldwide, although we designed them to comply with the CCPA and GDPR requirements.
Beyond these principles stated above, Branch will continue to find ways to design our services to respect end user privacy. We’re committed to making sure our customers understand how we use data they entrust to us and how they can control it so that they can, in turn, be transparent with their end users.
Introduction
Branch Metrics, Inc. ( "Branch", "us", "our" or "we") offers a linking and analytics platform enabling developers of applications (our "Clients")--whether those applications are websites or "apps," and across different types of devices--to improve their end users’ ("Users") cross-application experiences, and to derive additional insights into how their Users download and utilize those applications. Branch recognizes and believes that data privacy is important to all Internet users, and therefore we design and operate our services in a privacy-first manner.
This Privacy Policy is divided into three parts:
- Collection and Use of Information from Our Services: This section explains how Branch collects and uses information about Users in connection with our linking and analytics products and services (the "Branch Services" or the "Services").
- Collection and Use of Information from Our Website and for Marketing Purposes: This section explains how we collect and use information about our website visitors through our website located at branch.io (the “Website”), which includes the dashboard we provide to our Clients located at dashboard.branch.io. So, if you are a Client using our Branch dashboard, this section applies to the data we collect from you. It also explains how we collect information about potential Clients from vendors and other sources to enhance our marketing efforts.
- Policies Applicable to Both Our Services & Our Website: This section lays out the parts of the Branch Privacy Policy that apply to both the Services and to the Website.
Collection and Use of Information from Our Services
What Information Does Branch Collect from Our Services?
Below, we explain what information we collect on behalf of our Clients through the Services, and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
The Branch Services: Overview
Branch provides a variety of Services intended to help Clients understand the use of their digital properties by their Users across a wide array of platforms, devices and applications. Branch helps Clients by connecting User interactions across siloed applications (email, SMS, web browsers, social platforms, native applications and others), so that Clients understand the multiple steps that a User took to ultimately complete a transaction with the Client. The Client can use this information to better inform marketing and product decisions as well as to provide improved user experiences by using their knowledge of continuity.
Branch has no direct relationship with Users. Branch’s Services are provided when Branch Clients install on their platforms “Branch Mechanisms” (including links, pixels, direct platform integrations, etc.) that capture User action on behalf of the Client. Using the information collected from these Branch Mechanisms, Branch uses a variety of attribution techniques to connect User actions across different channels and platforms. Some of these attribution techniques include a direct pass-through of identifiers from platform to platform, creating and storing identifiers unique to the Branch platform to connect User actions and identifiers together, and predictive modeling algorithms using real-time and historical data parameters observed from User interactions where there are no shared identifiers available, as well as using historical connections Branch has derived over time using our technology. In some cases, these connections are made without the use of cookies. These techniques help Clients match Users with devices they use, including matching the same User across multiple devices.
The key use cases of Branch’s Services are:
- To support Clients in implementing deep linking, which uses Branch’s connection information in real time to improve the User experience.
- For example, if a User clicks on a link in an email or ad to a specific page in a Client’s app, Branch helps the User get to that page after they download the app.
- To report individualized and aggregated analytics metrics about the performance of the Client’s product and marketing initiatives to the Client directly.
- For example, Branch can tell a Client how many Users that downloaded an app or that went to a specific page in an app came from clicking on a specific link, and provide corresponding advertising or other identifiers.
- To assist the Client by presenting real time, targeted messaging to their Users depending on past behavior observed across the Client’s tracked platforms with the purpose of driving more engagement to the Client.
- For example, Branch can use Branch Mechanisms to provide a tailored message like a coupon code or special offer in your website to users who have interacted with your app and/or website in the past.
Branch requires that each Client commit to disclose to Branch only information that it has lawfully obtained (including, where necessary, by obtaining consent from Users), and that it has the right to disclose to Branch. We strongly discourage Clients from disclosing sensitive User information with us, as such information is not necessary for the provision of the Services, and we prohibit them from providing us with data relating to children under 13 (or, in certain jurisdictions, under 16).
In the charts below, we summarize the information collected automatically by the Services.
Information Collected By Branch Links and Pixels
Branch collects the following information from URLs created by the Client (i.e., Branch Links) and pixels placed on Client websites. Branch Links may be embedded into QR Codes as configured by the Client. Some of this information is considered personal data under applicable law (in other words, information that itself may identify a unique individual or can be linked back to an individual) (“Personal Data”).
| Type of Information Collected | Purpose |
|---|---|
| IP Address | Standard web HTTP request; used for attribution and to understand general location |
| Cookie | Standard web cookies, used for device identification and attribution |
| Link Data | Metadata controlled by the Client, which may be used to interpret the data for reporting, or for analytics |
| User Agent | Standard web browser user agent metadata; used for device identification and attribution |
| Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
| Request | Standard web HTTP request |
| Phone Number | (Optional) used only to facilitate the “Text me the app” feature if used |
| Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the webpage from which such ads were displayed, and webpages on Client’s website visited by a User. Other interactions, events and actions Clients choose to measure and analyze within their website (e.g., add to cart, purchases made, clicks, engagement time etc.). |
Information Collected by Branch SDKs
SDKs are Software Development Kits that include code that allows Clients to use the Branch Services. The Branch Mobile App SDKs, Web SDKs, and Over-the-Top (OTT) SDKs collect the following information when Clients use these SDKs in their applications or websites, some of which may be considered Personal Data under applicable law:
| Type of Information Collected | Purpose |
|---|---|
| Advertising identifier (e.g., GAID, Android ID, IDFA, IDFV, RIDA) | Used for device identification and attribution |
| Branch Cookie ID | Used for device identification and attribution |
| IP Address | Standard web HTTP request; used for device identification, attribution, and to understand general location |
| Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
| Central Processing Unit (CPU) Type | Metadata feature used for device identification and attribution |
| System build version | Metadata feature used for device identification and attribution |
| Internet connection type | Metadata feature used for device identification and attribution |
| Application version | Metadata feature used for device identification and attribution |
| Device model | Metadata feature used for device identification and attribution |
| Manufacturer | Metadata feature used for device identification and attribution |
| Operating system | Metadata feature used for device identification and attribution |
| Operating system version | Metadata feature used for device identification and attribution |
| Screen size (height, width) | Metadata feature used for device identification and attribution |
| Screen resolution | Metadata feature used for device identification and attribution |
| Mobile network status (Wi-Fi, etc.) | Metadata feature used for device identification and attribution |
| Device locale (country and language) | Metadata feature used for device identification and attribution |
| Local IP address | Metadata feature used for device identification and attribution |
| Mobile platform | Metadata feature used for device identification and attribution |
| Branch SDK version | Metadata feature used for device identification and attribution |
| Developer ID | (optional) Client-supplied unique identifier; metadata feature Used for device identification and attribution |
| Carrier ID | Metadata feature used for device identification and attribution |
| Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the application page from which such ads were displayed, pages on Client’s application visited by a User, downloads, opt-in status for certain tracking mechanisms, and installations of applications. Other interactions, events and actions Clients choose to measure and analyze within their application (e.g., add to cart, purchases made, clicks, engagement time etc.). |
In addition to the information identified above, the Branch Desktop SDKs collect the following identifiers when Clients use these SDKs in their desktop applications, some of which may be considered Personal Data under applicable law:
| Type of Information Collected | Purpose |
|---|---|
| MAC address | Used for device identification and attribution |
| Windows Advertising ID | Used for device identification and attribution |
| CPU ID | Used for device identification and attribution |
Information Collected By Other Parties
As part of Branch’s Services, Branch’s Clients may direct certain of their vendors or business partners (such as an ad network or vendor) to provide certain Engagement Data to Branch on the Client’s behalf.
How Does Branch Use Information Collected by Our Services?
Data Branch collects through the Services is processed:
- to better understand how and from where Users come to download certain apps, what types of apps are popular, or to recognize browsers and devices that are likely to be operated by the same User.
- to provide, maintain, optimize, research and improve the Branch Services we provide our Clients, including to support other Branch products and services, develop new products and services, and market products or services; to support the products and services of our Clients; and as permitted or required by applicable law.
- to fulfill Clients’ and prospective Clients’ requests for the Services including processing data at the Client’s direction and transferring User data to them. Branch does not control how Clients use information Branch discloses to Clients, and Users should read Clients’ Privacy Policies to understand how they use information they receive from Branch.
- to aggregate data across various sources, including data from various Clients or other parties.
- to create reports based on aggregated information, which is information that cannot reasonably be linked back to any individual person or Client and disclose these reports to the public.
- for anti-fraud protection and analysis relating to the Services to ensure more accurate attribution measurement, general fraud prevention, or where otherwise required by law.
We may aggregate and/or de-identify the data we collect through the Services. After data has been aggregated and/or de-identified, Branch cannot use it to personally identify an individual. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also disclose such data to any other parties, including business partners, Clients, and/or others.
Our Clients’ Use of Information
Our Clients may use the information collected via the Services to improve their Users’ app experiences, customize their apps to Users, and to better understand their app marketing programs and how Users discover their apps. For example, a User may want to disclose information about a hotel that she found in a travel app to a friend. When that User sends her friend a Branch link to that hotel, after clicking the link the friend is brought directly to the content relating to that hotel within the app, rather than landing on the app’s homepage and having to search for the hotel. The travel app would also gain insights and analytics as to how the content is being disclosed from its app.
We require that our Clients utilize our Services responsibly and in accordance with our Terms & Conditions. Branch is not responsible for the data practices of any of our Clients through the Services or otherwise. Each Client’s practices are subject to each Client’s individual privacy policy. Users should review the privacy policy of each Client to understand how that Client uses User information collected through the Services.
User Choices
Branch recognizes a number of consumer choice mechanisms. Due to the nature of the Services, some functionality may be degraded or no longer work as a result if you exercise certain of the opt-outs below.
Branch’s Browser Cookie Opt-Out: Our cookie-based opt-out can be accessed by clicking here. This will place a Branch opt-out cookie on your browser. Where Branch detects the presence of that opt-out cookie, we will no longer read or set cookies (beyond the opt-out cookie itself). Cookie-based opt outs must be performed on each device and browser that you wish to have opted-out. For example, if you have opted-out on your computer browser, that opt out will not be effective on your mobile device.
NAI Browser-Based Opt-Out: Branch is a member of the Network Advertising Initiative (“NAI”) and adheres to its Code of Conduct. NAI provides you with the opportunity to opt out (on a browser-by-browser basis) from interest-based advertising by participating NAI members, including Branch. That opt-out is available here.
Device-Based Opt-Out: You can submit a request to opt out of the Branch Services on a particular device by submitting a request here.
Device Identifiers: To use your device’s privacy settings controls, please visit the privacy settings menu of your device to review and access the privacy controls made available on the device. Branch will only be able to collect information from the device as permitted by these settings.
Client App Opt-out Controls: Branch‘s SDK Privacy Controls allow Clients to respect granular controls regarding User data. Clients can flag in the Branch SDK that a particular User’s data should not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Engagement Builder: Branch's Engagement Builder feature may be used to help Clients conduct re-engagement and re-targeting campaigns. We require that Clients using Branch’s Engagement Builder feature for such purposes respect User opt-out preferences passed to them by Branch.
Collection and Use of Information from Our Website and for Marketing Purposes
What Information Does Branch Collect about Website Visitors and Potential Customers?
Branch collects information from Website visitors (“you” or “Website Users”) located at www.branch.io ( the “Website”), which includes the dashboard provided to our Clients located at dashboard.branch.io. The types of information we may collect and our privacy practices depend on the nature of the relationship you have with us and the requirements of applicable law. Below are the legal bases and some of the ways we collect information and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
What We Collect from Clients that Use the Website
Branch collects Personal Data and non-personal data via the Website. For example, when Clients register to use our Services, we ask them to provide us with Personal Data, including first and last name and email address.
Dashboard Information: Information we collect from visitors who register for an account on our dashboard includes the following, some of which is considered Personal Data under applicable law:
| Type of Information Collected | Purpose |
|---|---|
| IP Address | Standard web HTTP request; may be used for limited security login controls |
| Cookie (ours) | Standard web cookie used for dashboard session management |
| Cookie (third-party) | Third-party web tracking tools used for business intelligence |
| First, Last Name | Used for team user identification |
| Work Email | Used as the primary login identifier |
| Password | Account registration, secure our Services and prevent fraud |
| Account Holder Primary Role | Account registration, tell Clients about products and services offered by Branch and Branch’s selected partners |
| User Agent | Standard web browser user agent metadata; may be used for limited security login controls |
| Referer | Standard web browser HTTP referer; may be used for general internal business analytics |
| Request | Standard web HTTP request; may be used for general internal business analytics |
| Github ID | (optional) Can be used as a login method |
| Billing information | Payment account registration |
| Log Data | Provide the Services, tell Clients about products and services offered by Branch and Branch’s selected partners, personalize our experience, secure our Services and prevent fraud, and defend our legal rights and comply with the law |
| Account holder feedback | Help us improve your experience on the account dashboard |
When a Client creates an account and uses the Services, Branch may collect certain log data, such as IP address from which a Client is connecting to the Services, information related to the device being used to connect to the Services (e.g., browser type and version, device type, OS version) and the features and functions of the Services used by the Client (“Log Data”).
We also require Clients to set up a user ID and unique password for account security purposes. Clients must not disclose their passwords to anyone. Clients also have the option of adding other team members to their account. This account information enables us to set up an account for Clients, to provide the Services, and to otherwise manage Client accounts. We may also use this information to notify Clients about updates to our Services and provide them with promotional emails. We offer a mechanism to opt out from promotional emails as described in the “Opt-Out from Promotional Emails” section below.
Account and Billing Information: To the extent that we charge a fee for the Services, we may also collect limited billing, payment, and contract information from Clients through our payment and contract vendors.
Connection Information with Other Parties: Some features of the dashboard Services allow you to disclose your information through your accounts to other companies such as Facebook and Google. If you choose to connect Branch to such services provided by other parties, we may collect information related to your use of those services provided by other parties, such as authentication tokens that allow us to connect to your accounts with those other parties. We will ask you for permission before you authorize our collection of this information. We may also collect information about how you are using the Services to interact with those connected services.
Information from Other Sources: In addition to the information collected through our Website, we or our vendors may obtain and disclose additional information, such as job title or contact information, from other public and non-public sources such as business websites, social networking platforms, or databases maintained by other parties. We use this information to better enable Branch to identify and contact businesses that might be interested in engaging our Services, and to gain a better understanding of a potential Client’s business needs.
Communications with Branch: Some Website Users may provide Personal Data to Branch by sending us an email or filling out an online form on the Website. We use this information to answer their question(s), and may store that information for our record keeping, marketing, and advertising purposes.
Research/Survey Solicitations: From time to time, we may perform research (online and offline) via surveys. We may engage vendors to conduct such surveys on our behalf. All survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve individuals by learning more about their needs and the quality of the products and services we provide. The survey responses may be utilized to determine the effectiveness of our Website, various types of communications, advertising campaigns and/or promotional activities.
Cookies, Pixels and Web Beacons: We also collect other data via the Website from Website Users, including Website Users employed by or affiliated with Clients, through cookies and/or web beacons. Such information, some of which may be considered Personal Data under applicable law, may include IP address, pages viewed, browser type, Internet browsing and usage habits, how you browse and navigate the Website, Internet Service Provider, domain name, the time/date of your visit to the Website, the referring URL, and your computer’s operating system. For example, we may collect on a real-time basis information on how you use and navigate the Website.
If you permit the use of cookies and web beacons when you visit and continue to use the Website, we will collect information through those tools. Cookies are small data files stored on your hard drive by a website and web beacons are electronic images that may be used on our Website or in our emails. Cookies help us improve your experience on the Website as well as our marketing activities. We use cookies to see which areas and features are popular and to count visits to our Website. For more information about cookies and web beacons, please visit http://www.allaboutcookies.org/. For more information about how to opt-out of cookies and web beacons after you have consented to their use, see the “Opt-out from Website Cookies/Web Beacons” section below.
How Does Branch Use the Information Collected?
Branch processes the data described in the section above for the following purposes:
- to provide, maintain, optimize, research and improve the Website;
- to fulfill your and prospective Clients’ requests for the Services;
- to send information about the Services including confirmations, invoices, payment processing, technical notices, updates, security alerts, and support and administrative messages;
- to communicate about products and services offered by Branch and Branch's selected partners. We receive opt-in consent to send promotional and marketing messages to Website Users where required by applicable law. You can opt-out of receiving these messages at any time as described below in the section titled: “Opt-out from Promotional Emails”;
- to conduct research;
- to manage your information and account, to improve and administer our Website, to contact Website Users to answer questions or resolve problems, or to verify your identity;
- to conduct research to help us to optimally deliver our existing Services or develop new products, processes and services;
- for ad delivery and reporting purposes and to create data and analytics products and services;
- to make the Website easier to use by reducing the need for Clients and Website Users to enter information;
- for other purposes disclosed to you at the time you provide data to us;
- with your consent; or
- where Branch otherwise has a legitimate interest in collecting the data, such as direct marketing, individual or market research, product improvement, anti-fraud protection, protecting the safety of us, our Website Users, or other parties, or where required by law.
Opt-Out & Do Not Track - Your Choice Mechanisms
In some cases, we rely on your consent to process Personal Data about you. In those cases, and where you have consented to Branch's processing of your Personal Data in connection with your use of the Website, you may withdraw that consent at any time by following the instructions below. Additionally, before we use Personal Data collected with your consent for any new purpose not originally authorized by you, we will provide information regarding the new purpose and ask for your consent for the new purpose. Where your consent for the processing of Personal Data is otherwise required by law or contract, we will comply with the law or contract. In other cases, we do not rely on your consent to process Personal Data about you (for example, if we have a different legal basis to process that data).
Opt Out from Promotional Emails
You can opt-out of receiving promotional emails from us by following the instructions in those emails, or by filling out this form. You can also opt-out of certain categories of emails using this form. If you opt-out using any of these tools, we may still send you non-promotional emails, such as certain updates about your account or updates to our Terms & Conditions and this Privacy Policy and/or use of the Services.
Opt Out from Website Cookies/Web Beacons
We will only use cookies consistent with your cookie settings and permissions granted on our Website. If you permit us to use cookies/web beacons as discussed above (“What Information Does Branch Collect from our Website”), but would like to opt-out:
- For dashboard users, visit https://dashboard.branch.io/account-settings/user, and toggle off “Cookie Consent”.
- For all other users, click on “Cookie Consent” at the bottom right-hand corner of our homepage (https://branch.io/), and click on the opt-out link.
Also, you can choose to set your browser to remove cookies and to reject cookies. To exercise the "Do Not Track" settings available on certain web browsers, please visit the privacy settings of your browser. Where Branch is able to see that such a selection has been made, we will not use information collected from that device to target advertising on that browser. Dashboard users must use the “Cookie Consent” feature to revoke permission to place cookies. Please note that "Do Not Track" is a different privacy mechanism than the Global Privacy Control browser choice referenced below.
Note that, even if you opt out, we may still collect and use non-personal data regarding your activities on our Website. This also does not opt you out of being served advertising altogether; you will continue to receive generic advertisements.
Vendor Tools/Analytics on the Website
The Website utilizes tracking tools from vendors, which may enable these vendors to analyze our Website traffic for analytics purposes. Some of these vendors may collect information from this Website for retargeting and interest-based advertising purposes. For more information about these forms of ad targeting and to understand your right to opt-out from these practices, please visit http://www.aboutads.info/choices/. All of these tools are hosted by the parties who provide them, and your interactions with these features are governed by the privacy policies of the parties providing them. These tools include, but are not limited to, those below.
Google. We may use Google Analytics and Google Analytics Demographics and Interest Reporting to collect information regarding visitor behavior and visitor demographics on our Website, and to develop website content. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt-out of Google’s collection and processing of data generated by your use of the Website by going to http://tools.google.com/dlpage/gaoptout.
Mixpanel . We use a service provided by Mixpanel, Inc. (“Mixpanel”) to provide us with analytics data regarding Website Users’ interactions with our Website and Services. You may opt-out of Mixpanel’s automatic retention of data that is collected while using the Services by visiting https://mixpanel.com/optout/. To track opt-outs, Mixpanel uses a persistent opt-out cookie placed on your device. Please note that if you get a new computer, install a new browser, erase or otherwise alter the browser’s cookie file (including upgrading certain browsers), you may delete the Mixpanel opt-out cookie.
Facebook . We may use certain tools offered by Facebook, Inc. (“Facebook”) that enable it to collect or receive information about actions Website Users take on our Website through use of cookies, web beacons and other storage technologies or in order to provide measurement services, targeted ads and other services. For more information regarding the collection and use of such information by Facebook, please see the Facebook Data Policy, available at: https://www.facebook.com/policy.php .
Drift . We use certain tools offered by Drift to power our Website’s live-chat experience. If you provide information about yourself through that live-chat experience, then we may store that information for marketing purposes. Drift may also infer information about the company that you work for you based on your IP address.
Policies Applicable to Both Our Services & Our Website
When does Branch Disclose Information?
In addition to the ways described in our Terms & Conditions and this Privacy Policy, Branch may also disclose information to others under the following circumstances:
- With vendors, consultants and other parties who work for us and need access to information we collect to do that work.
- With our Clients and their agents, as described in this Policy.
- To other parties (such as advertising networks or vendors used by our Clients), as directed by our Clients.
- To comply with laws or to respond to lawful requests and legal process including to meet national security or law enforcement requirements, and in order to investigate, prevent, or take action regarding suspected, or actual, prohibited activities, including but not limited to fraud and situations involving potential threats to the physical safety of any person.
- To protect the rights and property of Branch, our agents, Clients, Users, Website Users, and others including to enforce our agreements, policies, and Terms & Conditions.
- To Branch’s subsidiaries and affiliates as necessary to help us provide, support, and maintain the Services.
- In connection with or during negotiation of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Updating Your Information and Contact Preferences
We provide Clients with a mechanism to access, review and update information via the dashboard. If you wish to review or update your information, please visit branch.io and login using the username and password you created. Next, please select “Account Settings” which can be found in the lower left corner of the dashboard screen, then select the “User” tab near the top. If you would like to delete your account, please email support@branch.io.
We Secure the Information We Collect
Securing the information provided by our Clients and collected through our Website is important to us. Branch has implemented industry-standard technical, administrative, and physical safeguards to help protect the information on our servers against unauthorized access, alteration, disclosure or destruction. You are responsible for maintaining the secrecy of your own passwords. If you have reason to believe that your passwords or Personal Data are no longer secure, please promptly notify us at privacy@branch.io.
Our Data Retention Policy
For our Services: Branch stores the information collected by our Services (see the “What Information Does Branch Collect from our Services?” section above) so long as our systems continue to encounter that User. After that User has been inactive for 30 days (or 90 days for specific attribution products), identifiers collected from that User will be deleted unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Usage activity logs, which are used for the purpose of reporting and analytics, are stored in an identifiable form for no more than 7 days (or up to 60 days as determined by the Client or for specific fields), after which these logs are removed or pseudonymized. Any and all pseudonymized logs are deleted after 12 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Aggregated reporting metrics disclosed to Clients are retained (in aggregate and anonymized form) for up to 24 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Client.
Branch may retain information collected by our Services beyond these periods for fraud prevention, analysis, or response, or to protect the safety of Branch, its Clients, Users or the public.
For the Website: We store Personal Data such as email address or billing details for so long as you continue to have a business relationship with Branch and for a reasonable time thereafter for record-keeping purposes. If applicable to you, you may ask us to delete that information as described in the “Data Subject Rights” section below or pursuant to your right of erasure as described in the “Data Subject Rights” section below.
Links to Other Websites
The Website and/or Services may contain links to other websites and other websites may reference or link to our Website and/or Services. These other domains and websites are not controlled by Branch, and we do not endorse or make any representations about websites or social media platforms operated by other parties. We encourage you to read the privacy policies of each and every website and application that you interact with. We do not endorse, screen, or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.
International Data Transfers
All information collected via the Website and Services is stored on servers located in the United States. In the process of providing the Services, we may transfer information across borders from other countries or jurisdictions into the United States. Data protection laws in the United States may differ from your country, and the data Branch processes may be accessible to law enforcement and national security authorities under certain circumstances. By using the Services, each Client and Website User consents to the transfer and processing of information to the U.S. in accordance with this Privacy Policy. Data transfers from the European Union, United Kingdom, and Switzerland are transferred on the basis of legal mechanisms approved by the European Commission and other relevant authorities for cross-border data transfers, such as Standard Contractual Clauses or the Privacy Shield mechanism discussed in the “Privacy Shield For EU, UK, and Swiss Personal Data Transferred into the United States” section below.
Privacy Shield For EU, UK, and Swiss Personal Data Transferred into the United States
Branch complies with the E.U.-U.S. Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data from European Union member countries (including European Economic Area member countries), the United Kingdom, and Switzerland transferred to the United States pursuant to Privacy Shield. Branch recognizes that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR export personal data to jurisdictions outside the European Economic Area, and that the Swiss Data Protection Authority similarly held the Swiss-US Privacy Shield inadequate. Branch will continue to honor its obligation to comply with the Privacy Shield Principles with respect to data that was transferred pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield Framework. If there is any conflict between the policies in this Privacy Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.
Branch no longer relies on the EU-U.S. Privacy Shield to transfer data that originated in the EEA or the United Kingdom to the U.S.
Branch is subject to the investigatory and enforcement authority of the US Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks we are obliged to inform EU, UK, and Swiss individuals whose data is being transferred into the United States that we may be required to release Personal Data in response to lawful requests by public authorities including to meet national security and law enforcement requirements.
Branch remains liable for the onward transfer of EU, UK, and Swiss personal data to other parties pursuant to the Privacy Shield unless we can prove we were not a party to the actions giving rise to the damages.
We acknowledge the right of EU, UK, and Swiss individuals to access their Personal Data pursuant to the Privacy Shield. EU, UK, and Swiss individuals wishing to exercise this right may do so by contacting privacy@branch.io.
In compliance with the Privacy Shield Principles, Branch commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, UK, and Swiss individuals with Privacy Shield inquiries or complaints should first contact Branch at:
Branch Metrics, Inc.
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
or by email at privacy@branch.io
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
or by email at privacy@branch.io
Branch has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Data Subject Rights
California Consumer Privacy Act
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to natural persons who are residents of California. Our CCPA privacy notice is available here.
Rights of Residents of the European Economic Area and United Kingdom
The European General Data Protection Regulation of 2018 (“GDPR”) and equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation (“UK Data Protection Law”) provides certain rights to residents of Europe. Information on how you can exercise rights under the GDPR and UK Data Protection Law are set forth here.
Lei Geral de Proteção de Dados
Lei Geral de Proteção de Dados (“LGPD”) provides certain rights to residents of Brazil. Information on how you can exercise rights under the LGPD are set forth here.
Our Policy Regarding Children
Services: The Branch Services are not directed to children. We require that Clients agree to not send to us data relating to any children under 13 (or, in certain jurisdictions, under 16). If you are a Client and want to learn more about Branch SDK Privacy Controls that you can use in your compliance with the U.S. Children’s Online Privacy Protection Act (COPPA), GDPR, or any other applicable law, please contact privacy@branch.io.
If you believe that we might have any information from or about a child under 13 (and in certain jurisdictions under 16) in violation of applicable law, please contact us at privacy@branch.io, so that Branch can promptly investigate and delete any information that it may have been provided inappropriately as required by law.
Website: The Branch Website is not directed to children. We do not knowingly collect through the Website Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register or send any information about yourself to us, including your name, address, telephone number, or email address. No one under 16 may provide any Personal Data to us. In the event that we learn that we have collected any such data from a child under 16 through our Website, we will take reasonable steps to delete that information as quickly as possible. If you believe that we might have any information from or about a child under 16, please contact us at privacy@branch.io, so that Branch can promptly investigate and delete any inappropriately obtained information as required by law.
Contact Us, Questions, Changes to This Privacy Policy
We may change this Privacy Policy at any time in our sole discretion. We will post all changes to this Privacy Policy on this page and will indicate at the top of the page the modified Privacy Policy’s effective date. If you have any questions or suggestions regarding this Privacy Policy, please contact us at:
Branch Metrics, Inc.
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
or by email at info@branch.io
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
or by email at info@branch.io
Compliance
This Privacy Policy shall be implemented by Branch and all its operating divisions, subsidiaries and affiliates. Branch has put in place mechanisms to verify ongoing compliance with this Privacy Policy.
Effective December 29, 2022 to January 1, 2023
DownloadTable of Contents
Privacy Policy
The Branch Guiding Privacy Principles
We are a linking and analytics platform for app and website developers. And we are proud of our commitment to providing our services in a privacy-first way. So we thought it would be helpful to lay out, in plain English, the Branch Guiding Privacy Principles that drive how we’ve chosen to design our services with privacy as a top priority. We further describe our privacy practices in the official Privacy Policy below this section, but we hope you’ll find this summary of our principles helpful.
- We limit the data we collect. We practice data minimization, which means that we take steps to avoid collecting or storing information that we don’t need to provide our services. The personal data that we collect to provide our services is limited to data like advertising identifiers, IP address, and information derived from resettable cookies (the full list is below in our privacy policy). We do not collect or store information such as names, email addresses, physical addresses, or SSNs to provide our services. Nor do we want to. In fact, our Terms & Conditions prohibit our customers from providing Branch with any kind of sensitive end-user information.
- We will only provide you with data about actual end-user activity on your apps or websites. Customers who subscribe to our linking and analytics platform can only access “earned” cookies or identifiers. This means that an end user must visit a customer’s site before our customer can see the cookie; and an end user must download a customer’s app in order for Branch to collect the end user’s advertising identifier for that customer. In short, the Branch services benefit customers who already have seen an end user across their platforms and want to understand the relationship between those web visits and app sessions.
- We do not rent or sell customer end user data. No Branch customer can access another Branch customer’s end-user data. And we are not in the business of renting or selling any customer’s end-user data to anyone else. To enable customers to control their end-user personal data, they can request deletion here of that data at any time, whether in bulk or for a specific end user. These controls are available to customers worldwide, although we designed them to comply with the CCPA and GDPR requirements.
Beyond these principles stated above, Branch will continue to find ways to design our services to respect end user privacy. We’re committed to making sure our customers understand how we use data they entrust to us and how they can control it so that they can, in turn, be transparent with their end users.
Introduction
Branch Metrics, Inc. ("Branch", "us", "our" or "we") offers a linking and analytics platform enabling developers of applications (our "Clients")--whether those applications are websites or "apps," and across different types of devices--to improve their end users’ ("Users") cross-application experiences, and to derive additional insights into how their Users download and utilize those applications. Branch recognizes and believes that data privacy is important to all Internet users, and therefore we design and operate our services in a privacy-first manner.
This Privacy Policy is divided into three parts:
- Collection and Use of Information from Our Services: This section explains how Branch collects and uses information about Users in connection with our linking and analytics products and services (the "Branch Services" or the "Services").
- Collection and Use of Information from Our Website and for Marketing Purposes: This section explains how we collect and use information about our website visitors through our website located at branch.io (the “Website”), which includes the dashboard we provide to our Clients located at dashboard.branch.io. So, if you are a Client using our Branch dashboard, this section applies to the data we collect from you. It also explains how we collect information about potential Clients from vendors and other sources to enhance our marketing efforts.
- Policies Applicable to Both Our Services & Our Website: This section lays out the parts of the Branch Privacy Policy that apply to both the Services and to the Website.
Collection and Use of Information from Our Services
What Information Does Branch Collect from Our Services?
Below, we explain what information we collect on behalf of our Clients through the Services, and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
The Branch Services: Overview
Branch provides a variety of Services intended to help Clients understand the use of their digital properties by their Users across a wide array of platforms, devices and applications. Branch helps Clients by connecting User interactions across siloed applications (email, SMS, web browsers, social platforms, native applications and others), so that Clients understand the multiple steps that a User took to ultimately complete a transaction with the Client. The Client can use this information to better inform marketing and product decisions as well as to provide improved user experiences by using their knowledge of continuity.
Branch has no direct relationship with Users. Branch’s Services are provided when Branch Clients install on their platforms “Branch Mechanisms” (including links, pixels, direct platform integrations, etc.) that capture User action on behalf of the Client. Using the information collected from these Branch Mechanisms, Branch uses a variety of attribution techniques to connect User actions across different channels and platforms. Some of these attribution techniques include a direct pass-through of identifiers from platform to platform, creating and storing identifiers unique to the Branch platform to connect User actions and identifiers together, and predictive modeling algorithms using real-time and historical data parameters observed from User interactions where there are no shared identifiers available, as well as using historical connections Branch has derived over time using our technology. In some cases, these connections are made without the use of cookies. These techniques help Clients match Users with devices they use, including matching the same User across multiple devices.
The key use cases of Branch’s Services are:
- To support Clients in implementing deep linking, which uses Branch’s connection information in real time to improve the User experience.
- For example, if a User clicks on a link in an email or ad to a specific page in a Client’s app, Branch helps the User get to that page after they download the app.
- To report individualized and aggregated analytics metrics about the performance of the Client’s product and marketing initiatives to the Client directly.
- For example, Branch can tell a Client how many Users that downloaded an app or that went to a specific page in an app came from clicking on a specific link, and provide corresponding advertising or other identifiers.
- To assist the Client by presenting real time, targeted messaging to their Users depending on past behavior observed across the Client’s tracked platforms with the purpose of driving more engagement to the Client.
- For example, Branch can use Branch Mechanisms to provide a tailored message like a coupon code or special offer in your website to users who have interacted with your app and/or website in the past.
Branch requires that each Client commit to disclose to Branch only information that it has lawfully obtained (including, where necessary, by obtaining consent from Users), and that it has the right to disclose to Branch. We strongly discourage Clients from disclosing sensitive User information with us, as such information is not necessary for the provision of the Services, and we prohibit them from providing us with data relating to children under 13 (or, in certain jurisdictions, under 16).
In the charts below, we summarize the information collected automatically by the Services.
Information Collected By Branch Links and Pixels
Branch collects the following information from URLs created by the Client (i.e., Branch Links) and pixels placed on Client websites. Branch Links may be embedded into QR Codes as configured by the Client. Some of this information is considered personal data under applicable law (in other words, information that itself may identify a unique individual or can be linked back to an individual) (“Personal Data”).
Type of Information Collected | Purpose |
IP Address | Standard web HTTP request; used for attribution and to understand general location |
Cookie | Standard web cookies, used for device identification and attribution |
Link Data | Metadata controlled by the Client, which may be used to interpret the data for reporting, or for analytics |
User Agent | Standard web browser user agent metadata; used for device identification and attribution |
Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
Request | Standard web HTTP request |
Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the webpage from which such ads were displayed, and webpages on Client’s website visited by a User. Other interactions, events and actions Clients choose to measure and analyze within their website (e.g., add to cart, purchases made, clicks, engagement time etc.). |
Information Collected by Branch SDKs
SDKs are Software Development Kits that include code that allows Clients to use the Branch Services. The Branch Mobile App SDKs, Web SDKs, and Over-the-Top (OTT) SDKs collect the following information when Clients use these SDKs in their applications or websites, some of which may be considered Personal Data under applicable law:
Type of Information Collected | Purpose |
Advertising identifier (e.g., GAID, Android ID, IDFA, IDFV, RIDA) | Used for device identification and attribution |
Branch Cookie ID | Used for device identification and attribution |
IP Address | Standard web HTTP request; used for device identification, attribution, and to understand general location |
Referer | Standard web browser HTTP referer; may be used for reporting and analytics |
Central Processing Unit (CPU) Type | Metadata feature used for device identification and attribution |
System build version | Metadata feature used for device identification and attribution |
Internet connection type | Metadata feature used for device identification and attribution |
Application version | Metadata feature used for device identification and attribution |
Device model | Metadata feature used for device identification and attribution |
Manufacturer | Metadata feature used for device identification and attribution |
Operating system | Metadata feature used for device identification and attribution |
Operating system version | Metadata feature used for device identification and attribution |
Screen size (height, width) | Metadata feature used for device identification and attribution |
Screen resolution | Metadata feature used for device identification and attribution |
Mobile network status (Wi-Fi, etc.) | Metadata feature used for device identification and attribution |
Device locale (country and language) | Metadata feature used for device identification and attribution |
Local IP address | Metadata feature used for device identification and attribution |
Mobile platform | Metadata feature used for device identification and attribution |
Branch SDK version | Metadata feature used for device identification and attribution |
Developer ID | (optional) Client-supplied unique identifier; metadata feature Used for device identification and attribution |
Carrier ID | Metadata feature used for device identification and attribution |
Engagement Data | Information relating to the Client’s ad campaigns and User interactions, such as clicks on Client ads, Client ad impressions viewed, audiences or segments to which an ad campaign is attributed, type of ads and the application page from which such ads were displayed, pages on Client’s application visited by a User, downloads, opt-in status for certain tracking mechanisms, and installations of applications. Other interactions, events and actions Clients choose to measure and analyze within their application (e.g., add to cart, purchases made, clicks, engagement time etc.). |
In addition to the information identified above, the Branch Desktop SDKs collect the following identifiers when Clients use these SDKs in their desktop applications, some of which may be considered Personal Data under applicable law:
Type of Information Collected | Purpose |
MAC address | Used for device identification and attribution |
Windows Advertising ID | Used for device identification and attribution |
CPU ID | Used for device identification and attribution |
Information Collected By Other Parties
As part of Branch’s Services, Branch’s Clients may direct certain of their vendors or business partners (such as an ad network or vendor) to provide certain Engagement Data to Branch on the Client’s behalf.
How Does Branch Use Information Collected by Our Services?
Data Branch collects through the Services is processed:
- to better understand how and from where Users come to download certain apps, what types of apps are popular, or to recognize browsers and devices that are likely to be operated by the same User.
- to provide, maintain, optimize, research and improve the Branch Services we provide our Clients, including to support other Branch products and services, develop new products and services, and market products or services; to support the products and services of our Clients; and as permitted or required by applicable law.
- to fulfill Clients’ and prospective Clients’ requests for the Services including processing data at the Client’s direction and transferring User data to them. Branch does not control how Clients use information Branch discloses to Clients, and Users should read Clients’ Privacy Policies to understand how they use information they receive from Branch.
- to aggregate data across various sources, including data from various Clients or other parties.
- to create reports based on aggregated information, which is information that cannot reasonably be linked back to any individual person or Client and disclose these reports to the public.
- for anti-fraud protection and analysis relating to the Services to ensure more accurate attribution measurement, general fraud prevention, or where otherwise required by law.
We may aggregate and/or de-identify the data we collect through the Services. After data has been aggregated and/or de-identified, Branch cannot use it to personally identify an individual. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also disclose such data to any other parties, including business partners, Clients, and/or others.
Our Clients’ Use of Information
Our Clients may use the information collected via the Services to improve their Users’ app experiences, customize their apps to Users, and to better understand their app marketing programs and how Users discover their apps. For example, a User may want to disclose information about a hotel that she found in a travel app to a friend. When that User sends her friend a Branch link to that hotel, after clicking the link the friend is brought directly to the content relating to that hotel within the app, rather than landing on the app’s homepage and having to search for the hotel. The travel app would also gain insights and analytics as to how the content is being disclosed from its app.
We require that our Clients utilize our Services responsibly and in accordance with our Terms & Conditions. Branch is not responsible for the data practices of any of our Clients through the Services or otherwise. Each Client’s practices are subject to each Client’s individual privacy policy. Users should review the privacy policy of each Client to understand how that Client uses User information collected through the Services.
User Choices
Branch recognizes a number of consumer choice mechanisms. Due to the nature of the Services, some functionality may be degraded or no longer work as a result if you exercise certain of the opt-outs below.
Branch’s Browser Cookie Opt-Out: Our cookie-based opt-out can be accessed by clicking here. This will place a Branch opt-out cookie on your browser. Where Branch detects the presence of that opt-out cookie, we will no longer read or set cookies (beyond the opt-out cookie itself). Cookie-based opt outs must be performed on each device and browser that you wish to have opted-out. For example, if you have opted-out on your computer browser, that opt out will not be effective on your mobile device.
NAI Browser-Based Opt-Out: Branch is a member of the Network Advertising Initiative (“NAI”) and adheres to its Code of Conduct. NAI provides you with the opportunity to opt out (on a browser-by-browser basis) from interest-based advertising by participating NAI members, including Branch. That opt-out is available here.
Device-Based Opt-Out: You can submit a request to opt out of the Branch Services on a particular device by submitting a request here.
Device Identifiers: To use your device’s privacy settings controls, please visit the privacy settings menu of your device to review and access the privacy controls made available on the device. Branch will only be able to collect information from the device as permitted by these settings.
Client App Opt-out Controls: Branch‘s SDK Privacy Controls allow Clients to respect granular controls regarding User data. Clients can flag in the Branch SDK that a particular User’s data should not be processed by Branch, in which case Branch will no longer process engagement data on behalf of the Client for that User.
Engagement Builder: Branch's Engagement Builder feature may be used to help Clients conduct re-engagement and re-targeting campaigns. We require that Clients using Branch’s Engagement Builder feature for such purposes respect User opt-out preferences passed to them by Branch.
Collection and Use of Information from Our Website and for Marketing Purposes
What Information Does Branch Collect about Website Visitors and Potential Customers?
Branch collects information from Website visitors (“you” or “Website Users”) located at www.branch.io (the “Website”), which includes the dashboard provided to our Clients located at dashboard.branch.io. The types of information we may collect and our privacy practices depend on the nature of the relationship you have with us and the requirements of applicable law. Below are the legal bases and some of the ways we collect information and how we use it. We process information in a way that is relevant for the purpose for which it was collected as described below.
What We Collect from Clients that Use the Website
Branch collects Personal Data and non-personal data via the Website. For example, when Clients register to use our Services, we ask them to provide us with Personal Data, including first and last name and email address.
Dashboard Information: Information we collect from visitors who register for an account on our dashboard includes the following, some of which is considered Personal Data under applicable law:
Type of Information Collected | Purpose |
IP Address | Standard web HTTP request; may be used for limited security login controls |
Cookie (ours) | Standard web cookie used for dashboard session management |
Cookie (other-party) | Other-party web tracking tools used for business intelligence |
First, Last Name | Used for team user identification |
Work Email | Used as the primary login identifier |
Password | Account registration, secure our Services and prevent fraud |
Account Holder Primary Role | Account registration, tell Clients about products and services offered by Branch and Branch’s selected partners |
User Agent | Standard web browser user agent metadata; may be used for limited security login controls |
Referer | Standard web browser HTTP referer; may be used for general internal business analytics |
Request | Standard web HTTP request; may be used for general internal business analytics |
Github ID | (optional) Can be used as a login method |
Billing information | Payment account registration |
Log Data | Provide the Services, tell Clients about products and services offered by Branch and Branch’s selected partners, personalize our experience, secure our Services and prevent fraud, and defend our legal rights and comply with the law |