We value privacy and are committed to providing our services in a privacy-first way, including by practicing data minimization, limiting the information we disclose, and implementing measures to safeguard our data. At a high level, our Discovery Services help our Customers’ Users discover mobile apps and allow our Customers to provide their Users with more relevant results to mobile app content in response to search queries. To provide these services, we collect certain device level data (e.g., advertising identifier, IP address, and geolocation information) and query data (e.g., “best restaurant in San Francisco”) about Users. We use this information to provide and improve the Discovery Services, as well as to provide other Branch products and services, and generally to serve or communicate with our Customers. We may also de-identify or aggregate data we collect through the Discovery Services and use it for any purpose. We disclose information to our service providers and Customers and also to comply with laws, to protect ourselves and others, or as part of a business transaction. Users may opt out of certain data collection by following the instructions in the User Choices section below. Because we provide technology that powers the Discovery Services to our Customers, they may use a different name to describe their use of Branch’s Discovery Services (for example, “Place Search”). Users should review the privacy policies of the mobile devices and mobile applications they use, which may give You additional options or rights regarding how our Customers use Your data.
Branch Metrics, Inc. ("Branch", "us" or "we") offers a discovery service (the “Discovery Services”), that enables developers of mobile applications and device features using the Discovery Services (our "Customers") to provide contextual results and intent-based links in their apps, which gives their end users ("Users") simplified access to completing an action (for example, to identify nearby restaurants). Branch recognizes and believes that data privacy is important to all Internet users, and therefore we design and operate our services in a privacy-first manner.
Branch provides technology so Customers can provide their Users with content results in response to queries. We do this in two main ways. First, Branch leverages data from Users through the Discovery Services and through other Branch services to enhance and tailor results in response to queries. Second, Branch provides Customers with mobile deep linking technology to return deep links to queries. “Deep linking” means providing links to a specific, generally searchable or indexed, piece of content in an app or on a website (e.g. “https://branch.io/security/”), rather than the app’s landing page or website’s home page (e.g., “https://branch.io”). Deep links thus enable Users to be directed to specific content within an app. Branch has no direct relationship with Users. When Customers install the Branch technology on their apps (via an application programming interface and/or software development kit), the technology enables Customers to respond to Users’ queries with contextual results and intent-based deep links, which in turn helps Users by giving them results and deep links to simplify access to completing an action (for example, to identify nearby restaurants, order food for delivery, travel to a location, or find a contact on their device).
Below, we explain what information we collect from Users through the Discovery Services. We process information in a way that is relevant for the purpose for which it was collected as described below.
In addition to the information summarized in the charts below, through the Discovery Services, we collect your queries and, when you have enabled geolocation tracking, your geolocation information. We require that each Customer commit to share with Branch only information that it has lawfully obtained and that it has the right to share information with Branch. We strongly discourage Customers from sharing sensitive User information with us, as such information is not necessary for the provision of the Discovery Services.
Software development kits (“SDKs”) and application programming interfaces (“APIs”) include code that allows Customers to integrate and use the Discovery Services. The Branch Discovery Services SDKs and APIs collect the following information when Customers use the SDKs and/or APIs in their mobile apps, some of which is considered personal data under applicable law (in other words, information that itself may identify a unique individual or can be linked back to an individual). The chart below summarizes the information collected automatically by the Discovery Services and for what purposes this information is being collected.
|Advertising identifier (e.g., Google Ad ID or IDFA)||Used for device identification and serving personalized results and advertising.|
|IP Address||Used to understand general location.|
|Country Code||This is the ISO country code equivalent for the SIM provider’s country code, and is used to understand country-level location.|
|Device Locale (country, language)||Used for customizing results and advertising to the device’s country and language settings.|
|Geolocation information (e.g., latitude & longitude)||If available, used to provide more accurate, location-relevant results. Please see the User Choices section below for more information about opting out of geolocation tracking.|
Any query submitted by a User for purposes of responding to the User’s queries.
Queries may include information that identifies an individual (for example, if a User searches for a friend “John Smith” or for news about a particular celebrity) as well as information that does not identify anyone (for example, “pizza nearby” or “phone cases”).
Queries may be Internet-based or device-based (for example, to search for a contact or an app on a User’s phone). For Internet-based queries, we collect the information described in this table. For device-based queries, our SDK will collect and store information locally on a User’s device (for example, a User’s contacts or the apps stored on a User’s device), but Branch does not receive this data.
|Device Model||Used to serve relevant results and advertising, and for reporting.|
|Device Manufacturer||Used to serve relevant results and advertising, and for reporting.|
|Operating System||Used to serve relevant results and advertising, and for reporting.|
|Operating System Version||Used to serve relevant results and advertising, and for reporting.|
|Mobile Network Status (Carrier)||Used to serve relevant results and advertising, and for reporting.|
|Screen Resolution||Used to serve relevant results and advertising, and for reporting.|
|Screen Size||Used for identification and matching, and to understand general location to serve more relevant results and advertising.|
|Engagement Data||Information relating to a user’s interactions with results and/or advertisements, such as clicks and/or impressions; used to improve the Discovery Services and for reporting.|
Customers may provide information to us to help better direct advertising to their desired audiences delivered through the Discovery Services (“Customer Data”). Branch processes Customer Data as a service provider on behalf of its customers for the Discovery Services and will not use this Customer Data for other purposes.
Data Branch collects through the Discovery Services is processed:
We may aggregate and/or de-identify the data we collect. After data has been aggregated and/or de-identified, Branch does not use it to personally identify an individual. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including business partners, Customers, and/or others.
Our Customers use the information collected via the Discovery Services for the purposes set forth in their respective privacy policies, including to improve their Users’ app experiences, customize their apps and in-app content results to Users, and better understand their app marketing programs and how Users use their apps.
Users have the following choices regarding Branch’s collection of their data through the Discovery Services.
Mobile Device Identifier: To exercise the mobile device privacy settings controls, please visit the privacy settings of your Android or iOS device and select “opt-out of interest based ads” (Android) or “limit ad tracking” (Apple iOS). Branch will only be able to collect information as permitted by these settings.
Geolocation information: If You have agreed to permit a Customer’s app to collect Your location, You can change Your location tracking settings in Your device settings by following the instructions here (Android).
Application Deletion: You may be able to delete the Customer app through which You use the Discovery Services, where available.
The Discovery Services are designed for mobile applications and therefore do not respond to web browser “do not track” signals.
In addition to the ways described above, Branch may also share information with others under the following circumstances:
Securing the information provided by our Customers and collected through the Discovery Services is important to us. Branch has implemented industry-standard technical, administrative, and physical safeguards to help protect the information on our servers against unauthorized access, alteration, disclosure or destruction. You are responsible for maintaining the security of Your devices and online accounts, such as not sharing passwords to Your devices.
The Discovery Services link to other websites and apps. These other domains are not controlled by Branch, and we do not endorse or make any representations about third-party websites, apps, or social media platforms. We encourage You to read the privacy policies of each and every website and application that You interact with. We do not endorse, screen, or approve, and are not responsible for, the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at Your own risk.
Branch is subject to the investigatory and enforcement authority of the US Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks we are obliged to inform EU, UK, and Swiss individuals whose data is being transferred into the United States that we may be required to release personal data in response to lawful requests by public authorities including to meet national security and law enforcement requirements.
Branch remains liable for the onward transfer of EU, UK, and Swiss personal data to agent third parties pursuant to the Privacy Shield unless we can prove we were not a party to the actions giving rise to the damages.
In compliance with the Privacy Shield Principles, Branch commits to resolve complaints about Your privacy and our collection or use of Your personal data transferred to the United States pursuant to Privacy Shield. European Union, UK, and Swiss individuals with Privacy Shield inquiries or complaints should first contact Branch at:
Branch Metrics, Inc.
1400 Seaport Blvd
Building B, 2nd Floor
Redwood City, CA 94063
or by email at firstname.lastname@example.org
Branch has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If You do not receive timely acknowledgment of Your complaint, or if Your complaint is not satisfactorily addressed, please click here for more information and to file a complaint. This service is provided free of charge to You.
If Your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, You may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1, available here.
Personal data collected via the Discovery Services are stored in an identifiable form for no more than 7 days, after which they are removed or pseudonymized. Any and all pseudonymized logs are deleted after 12 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Customer.
Branch may retain information collected by the Discovery Services beyond these periods for fraud prevention, analysis, or response, or to protect the safety of Branch, its Customers, Users or the public.
The Discovery Services are not directed to children. We require that Customers agree to not knowingly send to us data relating to any children under 13 (or, in certain jurisdictions, under 16). If You believe that we might have any information from or about a child under 13 (and in certain jurisdictions under 16) in violation of this policy, please contact us at email@example.com, so that Branch can promptly investigate and delete any inappropriately obtained information.
Under applicable law, You have the right to access, rectify, erase and restrict the processing of Your personal data. You also have the right to object to Branch’s processing of Your data, all in accordance with applicable law. Because Branch cannot associate the personal data collected via the Discovery Services with a particular individual, it is not reasonably possible for Branch to verify the identity of any particular data subject. To comply with the security requirements of certain applicable laws, in such circumstances we therefore may refuse to process the data subject request and will inform You accordingly. Branch does, however, provide mechanisms for objecting to certain types of processing of Your personal data as set forth in the User Choices section above.
You have the right to lodge complaints about our data processing activities by filing a complaint with our Data Protection Officer who can be reached by the “Contact Us” section below or with a supervisory authority.
The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to natural persons who are residents of California. Our CCPA privacy notice is available here.
Branch Metrics, Inc.
1400 Seaport Blvd
Building B, 2nd Floor
Redwood City, CA 94063
or by email at firstname.lastname@example.org