Last updated 17 September 2022
This Privacy Policy for Brugu Software Solutions Private Ltd (trading as Brugu) ("Brugu", "we", "us" or "our"), describes how and why we collect, store, use and/or share ("process") your information when you use our services ("Services"), such as when you:
our website at: https://www.brugu.io/
Contact us in any other way, including sales, marketing or events.
Do you have questions or concerns?
Reading this Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our services. If you still have questions or concerns, please contact us at
[email protected].
What personal data do we process? When you visit, use or navigate through our Services, we may process Personal Data depending on how you interact with Brugu and the Services, the choices you make and the products and features you use.
Do we process any sensitive personal information?
We do not process any sensitive personal information.
Do we receive any information from third parties?
We may receive information from public databases, marketing partners, social media platforms and other external sources.
How do we process your information?
We process your information to provide, improve and manage our services, to communicate with you, to prevent security and fraud, and to comply with legal requirements. With your consent, we may also process your data for other purposes. We will only process your data if we have a valid legal reason to do so.
In what situations and with what parties do we share personal information?
We may share information in certain situations and with certain third parties.
How do we protect your data?
We have organisational and technical processes and procedures in place to protect your personal information. However, we cannot guarantee that electronic transmission over the Internet or information storage is 100% secure. Therefore, we cannot promise or guarantee that hackers, cybercriminals or other unauthorised third parties will not be able to breach our security and unlawfully collect, access, steal or modify your information.
What rights do you have?
Depending on where you are geographically located, you have certain rights under applicable data protection law with respect to your personal data
How can you exercise your rights?
The easiest way to exercise your rights is to fill out our privacy request form, which can be found here: [email protected], or by contacting us. We will review each request in accordance with applicable data protection laws and act accordingly.
Want to learn more about what Brugu does with the data we collect?
Personal information you provide to us
In short, we collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you express an interest in receiving information about us or our products and services, when you participate in activities on the Services, or when you otherwise contact us.
Personal Information Provided by You. The Personal Information we collect depends on the context of your interactions with us and the Services, your choices, and the products and features you use. The personal information we collect may include the following:
In short, some information - such as your Internet Protocol (IP) address and/or browser and device characteristics - is automatically collected when you visit our Services.
We automatically collect certain information when you visit, use, or navigate through the Services. This information does not reveal your identity (such as your name or contact information), but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language settings, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily required to maintain the security and operation of our Services and for our internal analysis and reporting purposes.
Like many other companies, we also collect information through cookies and similar technologies.
Log and Usage Data. Log and Usage Data is service-related, diagnostic, usage and performance information that our servers automatically collect when you access or use our Services and that we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type and settings, and information about your activity on the Services (e.g., date/time stamps related to your usage, pages and files viewed, searches and other actions, such as the features you use), information about device events (e.g., system activity, error reports (sometimes referred to as "crash dumps"), and hardware settings).
Device Data: We collect Device Data, such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device you use, this Device Data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.
Location Data: We collect location data, such as information about the location of your device, which may be either accurate or inaccurate. The amount of information we collect depends on the type and settings of the device you use to access the Services. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can object to the collection of this data by either denying access to it or disabling the location setting on your device. However, if you choose not to do so, you may not be able to use certain aspects of the Services.
In short, we may collect limited data from public databases, marketing partners, social media platforms and other external sources.
In order to improve our ability to provide you with relevant marketing, offers, and services and to update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programmes, data providers, social media platforms, and other third parties. This information includes mailing addresses, job titles, email addresses, phone numbers, intent data (or user behaviour data), internet protocol (IP) addresses, social media profiles, social media URLs, and custom profiles for the purpose of targeted advertising and event promotion. When you interact with us on a social media platform through your social media account (e.g., Facebook or Twitter), we receive personal information about you such as your name, email address, and gender. Any personal data we collect from your social media account will depend on the privacy settings of your social media account.
In short, we process your data to provide, improve and manage our services, to communicate with you, to prevent security and fraud, and to comply with legal requirements. With your consent, we may also process your data for other purposes.
Depending on how you interact with our Services, we may process your personal data for a variety of reasons, including: Responding to user requests/Supporting users. We may process your data to respond to your requests and resolve potential issues with the requested service. To fulfil and manage your orders. We may process your data to fulfil and manage your orders, payments, returns and exchanges made through the Services. To enable communication between users. We may process your data if you choose to use one of our offers that allows communication with another user. To safeguard or protect the vital interests of an individual. We may process your data if this is necessary to safeguard or protect the vital interests of a person, e.g. to prevent harm.
In short, we only process your personal data when we believe it is necessary and we have a valid legal reason (i.e., a legal basis) to do so under applicable law, such as with your consent, to comply with laws, to provide services to you, to enter into or perform our contractual obligations, to protect your rights, or to fulfil our legitimate business interests.
If you are a resident of the EU or the UK, this section applies to you.
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the applicable legal bases we rely on to process your personal data. Therefore, we may rely on the following legal bases to process your personal data:
Consent. We may process your data if you have given us permission (i.e. your consent) to use your personal data for a specific purpose. You can withdraw your consent at any time.
Performance of a contract. We may process your personal data if we believe it is necessary to do so in order to fulfil our contractual obligations to you, including the provision of our services or at your request before we enter into a contract with you.
Legal Obligations. We may process your information if we believe it is necessary to comply with our legal obligations, such as to cooperate with a law enforcement or regulatory agency, to exercise or defend our legal rights, or to disclose your information as evidence in a legal proceeding to which we are a party.
Important Interests. We may process your data if we believe it is necessary to protect your vital interests or the vital interests of a third party, such as in situations where the safety of an individual is threatened.
If you are located in Canada, this section applies to you.
We may process your information if you have given us express permission to use your personal information for a specific purpose (i.e., express consent) or in situations where your consent can be inferred (i.e., implied consent). You may revoke your consent at any time.
In some exceptional cases, we may be legally permitted under applicable law to process your data without your consent, for example:
If the collection is clearly in the interest of an individual and consent cannot be obtained in a timely manner
For investigations and to detect and prevent fraud
For business transactions, provided certain conditions are met
When contained in a witness statement and the collection is necessary to evaluate, process or settle an insurance claim
To identify injured, ill or deceased persons and to communicate with next of kin When we have reasonable cause to believe that an individual has been, is, or may be a victim of financial abuse
When it is reasonable to expect that collection and use with consent would affect the availability or accuracy of the information and collection is appropriate for purposes related to the investigation of a breach of contract or a violation of the laws of Canada or a province
If the disclosure is necessary to comply with a subpoena, search warrant, court order or the court's rules governing the production of records.
If created by a person in the course of his or her employment, business, or profession, and the collection is consistent with the purposes for which the information was created.
If the collection is solely for journalistic, artistic or literary purposes.
If the information is publicly available and is specified in the regulations.
In short, we may share information in certain situations described in this section and/or with the following third parties.
We may need to share your personal information in the following situations: Business Transfers. We may share or transfer your information in connection with or during negotiations for a merger, sale of company assets, financing, or acquisition of all or part of our business by another company.
In short, we may use cookies and other tracking technologies to collect and store your information.
We may use cookies and similar tracking technologies (such as web beacons and pixels) to access or store information. For specific information about how we use such technologies and how you can refuse certain cookies, please see our Cookie Notice.
In short, if you register or log in to our Services through a social media account, we may have access to certain information about you.
Our Services provide you with the ability to register and log in to a third party social media provider using your account information (e.g., using your Facebook or Twitter logins). When you do so, we receive certain profile information about you from your social media provider. The profile information we receive may vary by social media provider, but often includes your name, email address, friends list, and profile picture, as well as other information you choose to post on such social media platform.
We will only use the information we receive for the purposes described in this Privacy Policy or as otherwise disclosed to you in the applicable services. Please note that we have no control over, and are not responsible for, other uses of your personal information by the third-party social media provider. We encourage you to read their privacy notices to understand how they collect, use, and share your personal information and how you can set your privacy preferences on their websites and apps.
In short, we will retain your information for as long as is necessary to fulfil the purposes stated in this Privacy Policy, unless required by law.
We will retain your personal information only for as long as is necessary to fulfil the purposes set forth in this Privacy Policy, unless a longer retention period is required or permitted by law (e.g., for tax, accounting, or other legal reasons).
If we have no further legitimate business need to process your personal data, we will either delete or anonymize that data or, if this is not possible (e.g. because your personal data has been stored in backup archives), we will keep your personal data secure and isolate it from any further processing until deletion is possible.
In short, we strive to protect your personal data through a system of organisational and technical security measures.
We have taken appropriate and reasonable technical and organisational security measures to ensure the security of the personal data we process. However, despite our security measures and efforts to protect your information, no electronic transmission over the Internet or information storage technology can be 100% secure, so we cannot promise or guarantee that hackers, cyber criminals or other unauthorised third parties will not be able to defeat our security measures and unlawfully collect, access, steal or alter your information. Although we do our best to protect your personal information, the transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
In short, in some regions, such as the European Economic Area (EEA), the United Kingdom (UK) and Canada, you have rights that give you more access to and control over your personal information. You can review, change or cancel your account at any time.
In some regions (such as the EEA, the UK, and Canada), you have certain rights under applicable data protection laws. These include, but are not limited to, the right to (i) request access to and obtain a copy of your personal data, (ii) request rectification or erasure, (iii) restrict the processing of your personal data, and (iv) request data portability, if applicable. In certain circumstances, you also have the right to object to the processing of your personal data. You may make such a request by contacting us using the contact details provided in the "HOW CAN YOU CONTACT US ABOUT THIS NOTICE" section below. We will review and process each request in accordance with applicable data protection laws.
If you are in the EEA or the United Kingdom and believe that we are unlawfully processing your personal data, you also have the right to complain to your local data protection supervisory authority.
If you are located in Switzerland, you can find the contact details of the data protection authorities here
Withdrawal of your consent: If we rely on your consent to process your personal data, which may be express and/or implied consent depending on applicable law, you have the right to withdraw your consent at any time. You may withdraw your consent at any time by contacting us. To do so, use the contact details that you will find in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE".
Please note, however, that this will not affect the lawfulness of the processing prior to the withdrawal, nor, where permitted by applicable law, the processing of your personal data carried out on the basis of lawful grounds for processing other than consent.
Unsubscribing from marketing and promotional communications: You may unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails we send you or by contacting us using the details provided in the "HOW CAN YOU CONTACT US ABOUT THIS NOTICE" section below. You will then be removed from the marketing lists. However, we may continue to communicate with you, for example, to send you service-related messages necessary to manage and use your account, to respond to service requests, or for non-marketing purposes.
Cookies and similar technologies: Most web browsers are set to accept cookies by default. If you prefer, you can usually set your browser to remove or reject cookies. If you choose to remove or reject cookies, it may affect certain features or services of our Services. To disable interest-based advertising by advertisers on our Services
If you have any questions or comments about your privacy rights, you can email us at [email protected].
Most web browsers and some mobile operating systems and applications include a "Do-Not-Track" feature or setting that you can enable to indicate that you do not want data about your online browsing activities to be monitored and collected. At this time, no uniform technology standard has been established for the detection and implementation of DNT signals. Therefore, we do not currently respond to DNT browser signals or other mechanisms that automatically communicate that you do not want to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will notify you of this practice in a revised version of this Privacy Notice.
In short, yes, if you are a California resident, you have certain rights regarding access to your personal information.
Pursuant to California Civil Code Section 1798.83, also known as the "Shine The Light" law, our users who are California residents may request and receive from us once a year, free of charge, information about the categories of personal information (if any) that we have shared with third parties for direct marketing purposes and the names and addresses of all third parties with whom we have shared personal information during the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit it to us in writing using the contact information provided below.
If you are under 18 years of age, a California resident, and have a registered account with the Services, you have the right to request the removal of any unwanted data that you publicly disclose on the Services. To request the removal of such data, please contact us using the contact information provided below and include the email address associated with your account and a statement that you are a California resident. We will ensure that the data is not publicly displayed on the Services. However, please note that the data may not be fully or comprehensively removed from all of our systems (e.g., backups, etc.).
The California Code defines a "resident" as:
All other persons are defined as "nonresidents."
If this definition of "resident" applies to you, we must comply with certain rights and obligations with respect to your personal information.
What categories of personal data do we collect?
We may also collect other personal information outside of these categories when you contact us in person, online, by phone, or by mail:
Getting help through our customer support;
Participating in customer surveys or contests; and
Facilitating the delivery of our services and responding to your inquiries.
How do we use and share your personal information?
For more information about our information collection and sharing practices, please see this Privacy Notice.
You may contact us by email at [email protected] or by using the contact information at the end of this document.
If you appoint an agent to exercise your right to object, we may reject a request if the agent does not prove that he or she is authorised to act on your behalf.
Will your information be shared with others?
We may share your personal information with our service providers pursuant to a written contract between us and each service provider. Each service provider is a for-profit company that processes data on our behalf.
We may use your personal data for our own business purposes, such as internal research for technology development and demonstration. This is not considered a "sale" of your personal data.
Brugu Software Solutions Private Ltd has not disclosed or sold any personal information to any third party for any business or commercial purpose in the previous twelve (12) months. Brugu Software Solutions Private Ltd will not sell personal information of website visitors, users and other consumers in the future.
Right to request the deletion of data - Request for deletion.
You may request the erasure of your personal data. If you ask us to erase your personal data, we will comply with your request and erase your personal data, subject to certain exceptions provided by law, such as (but not limited to) the exercise of the right to freedom of expression by another consumer, our requirements under a legal obligation, or processing necessary to protect against illegal activities.
Depending on the circumstances, you have a right to know:
Whether we collect and use your personal data;
what categories of personal data we collect;
The purposes for which the personal data we collect is used;
Whether we sell your personal data to third parties;
The categories of personal data we have sold or transferred for business purposes;
The categories of third parties to whom the personal information has been sold or disclosed for a business purpose; and
The business or commercial purpose for collecting or selling personal information.
In accordance with applicable law, we are not required to provide or delete consumer data that has been de-identified in response to a consumer request or to re-identify individual data to verify a consumer request.
Right to non-discrimination in the exercise of a consumer's privacy rights.
We will not discriminate against you when you exercise your privacy rights.
After receiving your request, we must verify your identity to determine if you are the same person about whom we have the information in our system. This verification requires us to ask you for information so that we can match it with the information you have previously given us. For example, depending on the type of request you submit, we may ask you to provide certain information so that we can match the information you provide with information we already have on file, or we may contact you through a method of communication (such as telephone or email) that you have already provided to us. We may also use other verification methods depending on the circumstances.
We will only use the personal information provided in your request to verify your identity or your authorization to make the request. To the extent possible, we will avoid requesting additional information from you for the purposes of verification. However, if we are unable to verify your identity based on the information we already hold, we may ask you for additional information to verify your identity and to ensure security or prevent fraud. We will delete such additional information provided once we have completed the verification of your identity.
You may object to the processing of your personal data.
You may request that we correct your personal data if it is inaccurate or no longer relevant, or restrict the processing of such data.
You may appoint an authorised representative to make a request on your behalf under the CCPA. We may deny an agent's request if the agent does not demonstrate that he or she is authorised to act on your behalf and in compliance with the CCPA.
You may request that your personal information not be sold to third parties in the future. Upon receipt of an opt-out request, we will comply with the request as soon as possible, but no later than fifteen (15) days from the date of the request.
To exercise these rights, you may contact us by email at [email protected] or by using the contact information at the end of this document. If you have a complaint about how we handle your information, we would like to hear from you.
In short, yes, we will update this note as needed to comply with relevant laws.
We may update this Privacy Notice from time to time. The updated version will be identified by an updated revision date, and the updated version will be effective as soon as it is accessible. If we make material changes to this Privacy Notice, we may either notify you of those changes by posting a prominent notice or by sending you a notice directly. We encourage you to periodically review this Privacy Notice to be informed of how we are protecting your information.
If you have any questions or comments about this notice, you may email us at [email protected] or mail them to:
Brugu Software Solutions Private Ltd.
JSP Imperia Business Center, 5th Floor,,
SolutoHub Street, Street No 3,
Hyderabad, Telangana 500081
India
You have the right to request access to, amend or delete any personal information we have collected about you. To request review, update or deletion of your personal information, please mail us at : [email protected]