LAST UPDATED: April 8, 2024

This Brain Fit Life Privacy Policy (or “Privacy Policy”) applies to www.brainfitlife.com, our applications “Apps”,  which is owned and operated by Mindworks Innovations, Inc. (d/b/a Brain Fit Life) (“Brain Fit Life,” “Brain Fit Life 5.0”, “Company,” “we,” or “us”).  When you visit our website and use our Services, you trust us with your personal information. We take your privacy very seriously. In this Privacy Policy, we explain to you what information we collect, how we use it, and what rights you have in relation to your privacy.

This Privacy Policy applies to all information collected through our website, and/or any related services, sales, marketing, or events (we refer to them collectively in this Privacy Policy as the “Services”).

Please read this Privacy Policy carefully. If there are any terms in this Privacy Policy that you do not agree with, please discontinue the use of our sites and services.

1. What Information Do We Collect?

We only collect the minimum information needed to do business with you, to provide better security, and to collect feedback to improve our products and services. There are two buckets of information we collect:

• Information Submitted to the Services. We collect information that you submit to the Services, such as your name, email address, records you share, information required for your purchases, comments, suggestions, feedback, opinions, and media.
• Information Automatically Collected. We automatically collect certain information when you visit, use or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

2. How Do We Use Your Information?

We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below. We use the information we collect or receive:

• To Provide the Services. We may use your information to provide, operate and maintain our Services, and to improve, personalize and expand out Services.
• To Process Transactions. We may use your information to process your transactions in connection with the Services.
• To Communicate with You. We may use your information to communicate with you, either directly or through one of our partners (e.g., via push notifications or text messages), including for customer service, to send you marketing and promotional e-mails, and to provide you with updates and other information relating to our products and Services.
• To protect our Services. We may use your information as part of our efforts to keep our Services safe and secure (for example, for fraud monitoring and prevention).
• To respond to legal requests and prevent harm. If we receive a subpoena or other legal request from a judicial process or governmental agency, we may need to inspect the data we hold to determine how to respond.
• To enforce our terms, conditions and policies for Business Purposes, Legal Reasons and Contractual. We may use your information to protect our legal rights and to enforce our terms, including this Privacy Policy and our Terms of Service, and to protect the rights of our users and the public. We may also use your information as may be required by applicable laws and regulations.
• For other Business Purposes. We may use your information for other Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Services, products, and your experience. We may use and store this information in aggregated and anonymized form so that it is not associated with individual end users and does not include personal information. We will not use identifiable personal information without your consent.

3. How Will We Share Your Information?

We may process or share data based on the following legal bases:

• Consent: if you have given us specific consent to use your personal information in a specific purpose.
• Legitimate Interests: when it is reasonably necessary to achieve our legitimate business interests.
• Legal Obligations: where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
• Vital Interests: where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

More specifically, we may need to process your data or share your personal information in the following situations:

• Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the Services, which will enable them to collect data about how you interact with the Services over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.
• Aggregated Information. When legally permissible, we may use and share information about users with our partners in aggregated or de-identified form that cannot be reasonably used to identify you or any individual.
• Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
• Third-Party Advertisers. We may use third-party advertising companies for analytics when you visit the Services. These companies may use information about your visits to our website(s) and other websites that are contained in web cookies and other tracking technologies in order to provide advertisements about goods and services of interest to you.
• Business Partners. We may share your information with our business partners to offer you certain products, services or promotions.
• As Required by Law and Similar Disclosures. We may also share information to (i) satisfy any applicable law, regulation, legal process, or governmental request; and (ii) enforce this Privacy Policy and our Terms of Service, including investigation of potential violations hereof.
• Other Users. When you share personal information (for example, by posting comments, contributions or other content to the Services) or otherwise interact with public areas of the Services, such personal information may be viewed by all users and may be publicly distributed outside the Services in perpetuity. Similarly, other users will be able to view descriptions of your activity, communicate with you within our Services, and view your profile.

4. Is Your Information Transferred Internationally?

Our servers are located in the United States. If you are accessing our Services from outside United States, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal information, in the United States, and other countries.

If you are a resident in the European Economic Area, then these countries may not have data protection or other laws as comprehensive as those in your country. We will however take all necessary measures to protect your personal information in accordance with this Privacy Policy and applicable law.

• International Data Transfers
  With respect to Personal Data of Data Subjects located in the EEA, Switzerland, or the United Kingdom that Customer transfers to us or permits us to access, the parties agree that by executing the DPA they also execute the Standard Contractual Clauses, which will be incorporated by reference and form an integral part of the DPA. The parties agree that, with respect to the elements of the Standard Contractual Clauses that require the parties’ input, Schedules 1-3 contain all the relevant information.
• EU-U.S. and Swiss-U.S. Privacy Shield.
  For personal data we receive from the EEA and Switzerland, we have certified its compliance to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from such countries. To access the Privacy Shield List and to find details of our certification, please visit: https://www.privacyshield.gov/.

We currently utilize Standard Contractual Clauses in connection with transfers of data from the EEA to the US insofar as the EU-US Privacy Shield is deemed invalidated and other means are not yet in place. Please also refer to our GDPR FAQ and Data Processing Agreement for more information about data transfers.

5. What Are Cookies, Beacons and Analytics?

When you interact with the Services, we strive to make your experience easy and meaningful. Our Services use technology, or those of third-party service providers, such as cookies, web beacons (clear GIFs, web bugs) and similar technologies to track user activity and collect site data. We may combine this data with the personal information we have collected from you.

• Cookies. We (including our chosen third-party service providers) use cookies to track visitor activity on the Services. A cookie is a text file that a website transfers to your computer’s hard drive for record-keeping purposes. Our cookies assign a random, unique number to each visitor’s computer. They do not contain information that would personally identify the visitor, although we can associate a cookie with any identifying information that is or has been provided to us while visiting the Services. We use cookies that remain on your computer for a specified period of time or until they are deleted (persistent cookies). We may also use cookies that exist only temporarily during an online session (session cookies) – these cookies allow us to identify you temporarily as you move through the Services. Most browsers allow users to refuse cookies but doing so may impede the functionality of some portions of our Services. 
• Web Beacons. Web beacons are tiny graphics with a unique identifier, similar in function to cookies, that are used to track the online movements of Web users. In contrast to cookies, which are stored on your computer’s hard drive, Web beacons are embedded invisibly on webpages and may not be disabled or controlled through your browser.
• Third Party Analytics. We may also engage third parties to track and analyze Services activity on our behalf. TO do so, these third parties may place cookies or web beacons to track user activity on our Services. We use the data collected by such third parties to administer and improve the quality of the Services, analyze usage of the Services, and provide a more enhanced user experience on the Services, such as personalizing and delivering relevant offers and content based on user activity on the Services. We do not provide these third parties with your Personal Information. We may use analytics services such as Google Analytics to collect and process certain analytics data. These services may also collect information about your use of other websites, apps, and online resources. You can learn about Google’s practices by going to https://www.google.com/policies/privacy/partners/, and opt-out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

6. How Long Do We Keep Your Information?

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). If your personal information is retained by a third party in connection with our Services, the retention of your personal information is subject to the privacy policy of such third party.

We retain personal information we collect from you where we have an ongoing legitimate business need to do so.  When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

7. How Do We Keep Your Information Safe?

We are committed to protecting your information. To do so, we employ a variety of technical and organizational security measures designed to protect the security of any personal information we process, and to protect such information from unauthorized access, use, or disclosure. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal data. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk, and we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur. You should only access the services within a secure environment.

8. Do We Collect Information from Minors?

We do not knowingly solicit data from or market to children under 13 years of age, and minors under the age of 13 are prohibited from using our Services. If we learn that personal information from users less than 13 years of age has been collected, we will take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under the age 13, please contact us at support@brainfitlife.com.

9. What Are Your Privacy Rights?

If you are a resident of the EEA, you have the following data protection rights:

• If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by emailing support@brainfitlife.com.
• To exercise your rights to deletion of your personal data under the GDPR, you can deactivate and purge your account by emailing support@brainfitlife.com. All account data will be deleted within 90 days of the request.
• In addition, you can object to the processing of your personal data, ask us to restrict the processing of your personal data, or request portability of your personal data. Again, you can exercise these rights by emailing support@brainfitlife.com.
• You have the right to opt out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt out of other forms of marketing, please contact us by emailing support@brainfitlife.com.
• Similarly, if we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal data conducted in reliance on lawful processing grounds other than consent.
• You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html.

10. What Are the Controls for Do-Not-Track Features?

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.

11. Do California Residents Have Specific Privacy Rights?

California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

If you are under 18 years of age, reside in California, and have a registered account with the Services, you have the right to request removal of unwanted data that you publicly post on the Services. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Services, but please be aware that the data may not be completely or comprehensively removed from our systems.

12. Do We Make Updates to This Policy?

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.

13. What About Third Party Links?

The Services may contain links to other, third-party websites. Any access to and use of such linked websites is not governed by this Privacy Policy, but instead, is governed by the privacy policies of those third party websites. We are not responsible for the information practices of such third-party websites.

14. How Can You Contact Us About This Policy?

If you have questions or comments about this policy, you may email us at support@brainfitlife.com or by mail to:  

Brain Fit Life
959 S Coast Dr #100
Costa Mesa, CA 92626

15. How Can You Review, Update, Or Delete the Data We Collect From You?

Based on the laws of some countries, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information, please submit a request by clicking here. We will respond to your request within 30 days.