(ARCHIVED) Privacy Policy

Last updated September 15, 2016

INTRODUCTION

Branch Metrics, Inc. ("Branch Metrics", "us" or "we") offers a sharing and analytics platform to enable mobile application developers (our “Clients”) to promote their Apps and to derive additional insights into how people that use the Internet (“Users”) download and utilize those Apps. Branch Metrics recognizes that privacy is an important issue, so we design and operate our services with the protection of your privacy in mind. This privacy policy ("Policy") explains how information is collected and used pursuant to offering our products and services (the "Branch Metrics Services" or “Services”). This Policy also explains how information is collected and used in connection with our corporate website located at www.branch.io (the “Website”).

WHAT INFORMATION DOES BRANCH METRICS COLLECT?

The Website: What we collect from Clients

Branch Metrics collects personally identifiable information (“PII”) via the Website. PII is information that may be used to identify or contact a unique individual. For example, when Clients register to use our Services, we ask them to provide us with PII including first and last name, email address, and telephone number. To the extent that we charge a fee for the Services, we may also collect billing and payment information from Clients. We also require Clients to setup a user ID and unique password for account security purposes. Clients also have the option of uploading a profile photo and adding other team members to their account. This account information enables us to setup an account for Clients, to provide the Services, and to otherwise manage Client accounts. We may also use the information to notify Clients about updates to our Services and provide them with access to special promotions. We offer a mechanism to opt-out from marketing related emails.

The Website: What we collect from Users that visit the Website

While it is not necessary to provide PII to simply visit our Website, some Users may provide PII to Branch Metrics by sending us an email or filling out an online form on the Website. We generally use this information to answer their question and may store that information for our record keeping purposes.

We also collect non-personally identifiable information (“Non-PII”) via the Website from Users, including Clients. Non-PII is information that cannot by itself be used to identify a particular person or entity, and may include your IP host address, pages viewed, browser type, Internet browsing and usage habits, Internet Service Provider, domain name, the time/date of your visit to this Website, the referring URL and your computer’s operating system. We use the Non-PII collected via the Website to help administer the Website.

We automatically collect information using "cookies" and Web beacons on the Website. Cookies are small data files stored on your hard drive by a website and web beacons are electronic images that may be used on our Website or in our emails. Among other things, cookies help us improve your experience on the Website as well as our marketing activities. We use cookies to see which areas and features are popular and to count visits to our Website. Most web browsers are set to accept cookies by default. If you prefer, you can choose to set your browser to remove cookies and to reject cookies. Removing or rejecting cookies could negatively impact your experience on the Website. For more information about cookies and web beacons, please visit http://www.allaboutcookies.org/.

The Branch Metrics Services: Overview

Branch Metrics offers a self-serve tool that enables our Clients to create customizable and sharable “deep links” that provide Clients with additional insights into how Users download and utilize our Clients’ mobile Apps. A deep link is a hyperlink that enables the Service to track User activity beyond shares and through installs. Users encounter the Branch Service’s deep links in multiple ways, including: dynamically inside a mobile App, via SMS or email when Clients send links directly to their customers and prospects or when Users send other Users links directly, and via social networking platforms like Facebook and LinkedIn when Clients (or other Users) share our link socially. Our Service enables Clients to recognize mobile devices over time in order to ascertain whether a device that clicked one of our deep links is likely to be the same device that installed a particular mobile App. Our Service’s ability to recognize devices over time enables our Clients to help customize User App experiences, conduct analytics and better understand the effectiveness of their marketing campaigns.

Information Collected via Branch Metrics deep links

When a User clicks onto a deep link created via our Service by a Client, certain information is collected about that User’s mobile device. Most of this information is considered Non-PII, including: the mobile platform, SDK version, timestamp, API key (identifier for application), application version, device identifier, iOS Identifier for Advertising, iOS Identifier for Vendors, Android Advertiser ID, IP address, the device model, manufacturer and device O/S, session start/stop time, mobile network code, network status (WiFi, etc.). We may also use persistent cookies to help us collect or store this information. Our cookies can be deleted or rejected through the browser settings of the User’s device. Branch Metrics utilizes any combination of this data to help us identify a User's device(s) pursuant to providing the Service.

Clients may also pass custom data points to Branch pursuant to providing the Services such as the ad campaign name or information used to customize your experience with an App post install. The type of custom information shared via our Service is ultimately determined by our Clients. We strongly encourage Clients not to share sensitive information such as credit card or password information via our Service.

Information Collected post App Install

When a User installs and opens a mobile App that contains the Branch SDK, the Service collects the same information from the device described above (i.e., IP address, O/S and O/S version, Etc.) and ascertains whether it is likely that the same device that previously clicked on a deep link is the same device that installed and downloaded that particular App. If our technology has a reasonable level of confidence that it is the same device, the Service merges the information collected prior to the App being installed with the information collected post App install. This enables our Clients to better understand which deep links are effective, enables them to better understand their advertising and marketing programs and enables them to customize their User’s experience with their Apps.

Data Integrity, Purpose Limitation

We process information in a way that is compatible with and relevant for the purpose for which it was collected as described below. To the extent necessary for those purposes, we take reasonable steps to ensure that any information in our care is accurate, complete, current and reliable for its intended use.

OUR CLIENTS’ USE OF INFORMATION

Our Clients generally use the information collected via the Service to better understand their App marketing programs, to better understand how Users discover their Apps, and to customize their Users’ app experiences. For example, a retailer might want to direct some of their Users to the section of the App that offers shoes, while directing other Users to the section of the App that offers shirts. Some App developers might even want to place shoes into an App’s shopping cart for Users that indicated a strong interest in buying a particular pair of shoes prior to downloading that App. We require that our Clients utilize our Service responsibly and in accordance with our Terms and Conditions of Service. Branch Metrics is not responsible for the data practices of any of our Clients. Each Client’s practices are subject to each Client’s individual privacy policies. Users should review the privacy policy of any company prior to sharing their information.

BRANCH METRICS’ USE OF INFORMATION

Branch Metrics reserves the right to use the information in our possession for the following purposes: (1) to fulfill Clients and prospective Clients’ requests for the Services; (2) to improve our Website and Services; (3) to contact Clients and Uses to answer questions or resolve problems; (4) to send information about Branch Metrics Services including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages; (5) to communicate with you about products and services offered by Branch Metrics and our selected partners; (6) to conduct research; (7) to create analytics products and services; and (8) to make the Website easier to use by reducing the need for Clients and Users to enter information.

Branch Metrics may also utilize information collected via the Website or the Service to better understand how Users come to download certain mobile Apps, what types of Apps are popular, what characteristics Users of certain Apps may have in common, and the connections between Users’ devices.

OPT-OUT – YOUR CHOICE MECHANISMS

Mobile O/S Choice Mechanisms and Do Not Track

Branch Metrics recognizes a number of consumer choice mechanisms. This includes the mobile device settings for Android and Apple iOS devices as well as Do Not Track signals coming from Internet browsers. These choice mechanisms generally restrict Branch Metrics ability to target advertising messages, which is not currently part of our Services.

To exercise the mobile device settings opt-out, please visit the privacy settings of your Android or iOS device and select “limit ad tracking” (Apple iOS) or “opt-out of interest based ads” (Android). Where Branch Metrics is able to see that such a selection has been made, we will not use information collected from that device to target advertising on mobile applications.

To exercise the Do Not Track settings, please visit the privacy settings of your browser. Where Branch Metrics is able to see that such a selection has been made, we will not use information collected from that device to target advertising on that browser.

Opt-out from promotional emails

In addition, you can opt-out of receiving promotional emails from us by following the instructions in those emails. If you opt-out, we may still send you non-promotional emails, such as certain updates about your account and/or use of the Services.

UPDATING YOUR INFORMATION AND CONTACT PREFERENCES

We provide Clients with a mechanism to access, review and update information via the Website. If you wish to review or update your information, please visit branch.io and login using the user name and password you created. Next, please select "Account” which can be found in the lower left corner of the dashboard screen. If you would like to delete your account, please email info@branch.io.

In addition, you can opt-out of receiving promotional emails from us by following the instructions in those emails. If you opt-out, we may still send you non-promotional emails, such as emails about your account. Under California law, California residents who have an established business relationship with us may choose to opt-out of the disclosure of personal information about them to third parties for such third parties' direct marketing purposes. As detailed above, our policy is not to disclose personal information collected online to a third party for direct marketing purposes without your approval. If you choose to opt- out at any time after granting approval, email privacy@branch.io.

HOW WE SHARE INFORMATION WITH OTHERS, ONWARD TRANSFER

Except as described in this policy, Branch Metrics does not rent, sell, or share personally identifiable information collected on the Websites or through the Branch Metrics Services with other people or nonaffiliated companies unless we have your consent, or under the following circumstances:

• With third party vendors, consultants and other service providers who work for us and need access to your information to do that work. These third parties are prohibited from using the information for purposes other than performing services for us;
• With our Clients and their agents;
• To comply with laws or to respond to lawful requests and legal process including to meet national security or law enforcement requirements, and in order to investigate, prevent, or take action regarding suspected, or actual prohibited activities, including but not limited to fraud and situations involving potential threats to the physical safety of any person;
• To protect the rights and property of Branch Metrics, our agents, customers, users, and others including to enforce our agreements, policies and terms of use;
• In connection with or during negotiation of any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company.
• We may also share aggregated or anonymized information without restriction.

Please note that Branch Metrics may be subject to liability as a result of our transfer of personal data to third parties.

WE SECURE YOUR PERSONAL INFORMATION

The security of your information is important to us, including but not limited to the PII collected via the Website and Services. Branch Metrics has implemented a number of technical, administrative, and physical safeguards to help protect the information on our servers against unauthorized access, alteration, disclosure or destruction. No method of transmission over the Internet or method of electronic storage is 100% secure; therefore, while the company strives to use commercially acceptable means to protect your information, it cannot guarantee absolute security.

OUR DATA RETENTION POLICY

We store PII such as email address or billing details for so long as you continue to have a business relationship with Branch Metrics and for a reasonable time thereafter for record keeping purposes. You may ask us to delete that information by following the instructions above. Branch will store Non-PII collected via our Services such as a User’s pseudonymous ID (e.g., cookie ID, IDFA, IP address, collectively, a “User ID”) so long as our systems continue to encounter that User ID. We remove the User ID within two years after our last encounter with that User ID. After a User ID is removed, Branch reserves the right to store the de-identified data set for up to five years.

OUR POLICY REGARDING CHILDREN

Neither the Branch Metrics Website nor the Services are directed to children. We do not knowingly collect PII from anyone under the age of 13. If you are under 13, please do not attempt to register or send any information about yourself to us, including your name, address, telephone number, or email address. No one under the age of 13 may provide any personal information to us. In the event that we learn that we have collected PII from a child under age 13 we will take reasonable steps to delete that information as quickly as possible. If you believe that we might have any information from or about a child under the age of 13, please contact us at privacy@branch.io.

THIRD PARTY TOOLS/ANALYTICS ON THE WEBSITE

The Website utilizes third party tracking tools from third party service providers, which may enable these third parties to analyze our Website traffic for analytics purposes. The Website also includes social media tools, such as the Facebook Like button. Such tools may collect information such as your IP address and which page you are visiting on our Website, and may set a cookie to enable the feature to function properly or to tailor or personalize the services of the company providing the feature. All of these tools are hosted by the third parties who provide them, and your interactions with these features are governed by the privacy policy of the company providing it.

INTERNATIONAL DATA TRANSFERS

All information we have is stored on servers located in the United States. In the process of providing our Website or the Services, we may transfer information across borders from your country or jurisdiction into the United States. With the exception of data transfers from the EU and Switzerland, by providing Branch with your personal information, you hereby consent to the transfer of information to the U.S.

Privacy Shield

Branch complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.  Branch has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. We are subject to the investigatory and enforcement powers of the FTC with respect to our adherence to Privacy Shield. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification page once it is available, please visit https://www.privacyshield.gov.

Safe Harbor Privacy Principles

Branch complies with the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. We have certified that Branch adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. If there is any conflict between the policies in this privacy policy and the Safe Harbor Principles, the Safe Harbor Principles shall govern. To learn more about the Safe Harbor program, and to view our certification page, please visit http://2016.export.gov/safeharbor/swiss/.

QUESTIONS, CHANGES TO THIS PRIVACY POLICY

We may change this Policy at any time. We will post all changes to this Policy on this page and will indicate at the top of the page the modified policy's effective date. If you have any questions or suggestions regarding this Policy, please contact us at:

Attn: Privacy Officer
Branch Metrics, Inc.
1400 Seaport Blvd
Building B, 2nd Floor
Redwood City, CA 94063
privacy@branch.io

Privacy Complaints by European Union and Swiss Residents

In compliance with the Privacy Shield and U.S.-EU and U.S.-Swiss Safe Harbor Principles, Branch Metrics commits to resolve complaints about your privacy and our collection or use of your personal information. Persons located in the European Union and Switzerland who have inquiries or complaints regarding this privacy policy should first contact us at privacy@branch.io.

We have further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to the BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

We have further committed to refer unresolved privacy complaints under the Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU Safe Harbor, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by the privacy department at Branch Metrics, please visit the BBB EU SAFE HARBOR web site at www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.