Brigade Privacy Policy

Effective date: May 6, 2024

Welcome to the Brigade Privacy. This is where we describe how we handle your “Personal Data”, which is information that is directly linked or can be linked to you. It applies to the Personal Data that Mixed Ingredients AB, processes as the “Data Controller” when you interact with websites, applications, and services that display this Policy (collectively, “Services”). This Policy does not apply to services or products that do not display this Policy, such as Previews, where relevant.

Third Party Access and Data Protection

When you use third-party extensions, integrations, or follow references and links within our Services, the privacy policies of these third parties apply to any Personal Data you provide or consent to share with them. Their privacy statements will govern how this data is processed.

Personal Data We Collect

Personal Data is collected from you directly, automatically from your device, and also from third parties. The Personal Data Brigade processes when you use the Services depends on variables like how you interact with our Services and the features you use. Below, we detail the information we collect through each of these channels:

From You

Account Data: We collect certain information when you open an account such as your name, email address, payment information and transaction information.
User Content and Files: When you use our Services, we collect Personal Data included as part of the information you provide such as inputs, text, documents, images, or feedback.
Feedback Data: This consists of information you submit through surveys, reviews, or interactive features.
Payment Information: For paid subscriptions, we collect details like name, billing address, and payment specifics.
Sales and Marketing Data: This includes information provided for promotional communications, such as name, email address, and company name.
Support Data: When you seek customer support, we collect details like text or multimedia files.

Automatically

Buttons, Tools, and Content from Other Companies: Our Services may contain links or buttons that lead to third-party services like Instagram or LinkedIn. Use of these features may result in data collection. Engaging with these buttons, tools, or content may automatically send certain browser information to these companies. Please review the privacy statements of these companies for more information.
Essential Cookies and Similar Tracking Technologies: We use cookies and similar technologies to provide essential functionality like storing settings and recognizing you while using our Services.
Non-essential Cookies: Depending on your jurisdiction, we may use online analytics products that use cookies to help us analyze how de-identified users use our Services and to enhance your experience when you use the Services. We may also employ third-party Cookies to gather data for interest-based advertising. In some jurisdictions, we only use non-essential cookies after obtaining your consent. See this section for more details and control options.
Email Marketing Interactions: Our emails may have web beacons that offer information on your device type, email client, email reception, opens, and link clicks.
Geolocation Information: Depending on the Service’s functionality, we collect regional geolocation data
Service Usage Information: We collect data about your interactions with the Services, such as IP address, device information, session details, date and time of requests, device type and ID, operating system and application version, information related to your contributions to repositories, and performance of specific features or Services.
Website Usage Data: We automatically log data about your Website interactions, including the referring site, date and time of visit, pages viewed, and links clicked.

From Third Parties

Information from Other Users of the Services: Other users may share information about you when they submit issues and comments. We may also receive information about you if you are identified as a representative or administrator on your company’s account.
Publicly Available Sources: We may acquire information about you from publicly available sources.
Services you linked to your Brigade account: When you or your administrator integrate third-party apps or services with our Services, we receive information based on your settings with those services. This can include details like your name and email from services like Google for authentication. The information we receive depends on the third-party’s settings and privacy policies. Always review these to understand what data is shared with our Services.
Vendors, Partners, and Affiliates: We may receive information about you from third parties, like vendors, resellers, partners, or affiliates for the purposes outlined in this policy.

Processing Purposes: How We Use Your Personal Data

The Personal Data we process depends on your interaction and access methods with our Services, including the interfaces and features used. This section details all the potential ways Brigade may process your Personal Data:

Business Operations: We use Personal Data for activities like billing, accounting, and compensation. This includes creating aggregated statistical data for internal reporting, financial reporting, revenue planning, capacity planning, and forecast modeling (including product strategy).
Communication: We use Personal Data to inform you about new Services, features, offers, promotions, and other pertinent information. This also includes sending confirmations, invoices, technical notices, updates, security alerts, and administrative messages.
Inference: We generate new information from other data we collect to derive likely preferences or other characteristics. For instance, we infer your general geographic location based on your IP address.
Personalization: We use Personal Data to customize the Service to your preferences, to evaluate the effectiveness of enterprise business ads and promotional communications, and to ensure a seamless and consistent user experience.
Safety and Security: To promote safety, integrity, and security across our Services, we process Personal Data, using both automated and, at times, manual techniques for abuse detection, prevention, and violations of terms of service.
Service Provision: We use Personal Data to deliver and update our Services as configured and used by You, and to make ongoing personalized experiences and recommendations.
Troubleshooting: We use Personal Data to identify and resolve technical issues.
Ongoing Service Performance: Personal Data helps us keep the Services up to date and performant, and meet user productivity, reliability, efficacy, quality, privacy, accessibility and security needs.
Complying with and resolving legal obligations: including responding to Data Subject Requests for Personal Data processed by Brigade as Controller (for example website data), tax requirements, agreements and disputes.
Delivering Professional Services: We use Personal Data to deliver training, consulting or implementation (“Professional Services”). This includes providing technical support, professional planning, advice, guidance, data migration, deployment, and solution/software development services.
Improving Professional Services: Enhancing delivery, efficacy, quality, and security of Professional Services and the underlying product(s) based on issues identified while providing Professional Services, including fixing software defects, and otherwise keeping the Professional Services up to date and performant.

When carrying out these activities, Brigade practices data minimization and uses the minimum amount of Personal Information required.

We may share Personal Data with the following recipients:

Abuse and Fraud Prevention Entities: We may disclose Personal Data based on a good faith belief it is needed to prevent fraud, abuse, or attacks on our Services, or to protect the safety of Brigade and our users.
Affiliates: Personal Data may be shared with Brigade affiliates to facilitate customer service, marketing and advertising, order fulfillment, billing, technical support, and legal and compliance obligations. Our affiliates may only use the Personal Data in a manner consistent with this Privacy Policy.
Brigade Organization Accounts: If an organization adds you to their Brigade account, we might share Personal Data with that organization to fulfill the commercial relationship. In such a case, your use of the Services is protected by a data protection agreement and terms between your organization and Brigade
Competent Authorities: We may disclose Personal Data to authorized law enforcement, regulators, courts, or other public authorities in response to lawful requests or to protect our rights and safety.
Corporate Transaction Entities: we might disclose Personal Data within the limits of the law and in accordance with this Privacy Policy for strategic business transactions such as sales or a merger.
Partners and Resellers: We cooperate with third-parties that offer sales, consulting, support, and technical services for our Services. We may share your data with these partners and resellers where allowed, and with your consent when required.
Subprocessors and Service Providers: We may use vendors to provide services on our behalf, including hosting, marketing, advertising, social, analytics, support ticketing, credit card processing, or security services. They are bound by contractual obligations to ensure the security, privacy, and confidentiality of your information. Please visit Brigade Subprocessors to see our list of Subprocessors.

Organization content

If your Brigade account is the owner of organizations, you control the access to that information. Brigade personnel does not access organization content information without your consent except as provided in this Privacy Policy and for:

security purposes
automated scanning for content known to violate our Terms of Service
to assist the organization owner with a support matter
to maintain the integrity of the Services, or
to comply with our legal obligations if we have reason to believe the contents are in violation of the law.

Brigade will provide you with notice regarding organization content access unless doing so is prohibited by law or if Brigade acted in response to a security threat or other risk to security.

Lawful Bases for Processing Personal Data

Brigade processes Personal Data in compliance with the GDPR, ensuring a lawful basis for each processing activity. The basis varies depending on the data type and the context, including how you access the services. Our processing activities typically fall under these lawful bases:

Contractual Necessity: Processing is required to fulfill our contractual duties to you, in accordance with the Brigade Terms of Service.
Legal Obligation: We process data when it’s necessary to comply with applicable laws or to protect the rights, safety, and property of Brigade, our affiliates, users, or third parties.
Legitimate Interests: We process data for purposes that are in our legitimate interests, such as securing our Services, communicating with you, and improving our Services. This is done only when these interests are not overridden by your data protection rights or your fundamental rights and freedoms.
Consent: We process data when you have explicitly consented to such processing. When we rely on consent as the legal basis, you have the right to withdraw your consent for data processing at any time. The procedures for withdrawal are detailed in this Policy and available on our website.

Your Privacy Rights

Depending on your residence location, you may have specific legal rights regarding your Personal Data:

The right to access the data collected about you
The right to request detailed information about the specific types of Personal Data we’ve collected over the past 12 months, including data disclosed for business purposes
The right to rectify or update inaccurate or incomplete Personal Data under certain circumstances
The right to erase or limit the processing of your Personal Data under specific conditions
The right to object to the processing of your Personal Data, as allowed by applicable law
The right to withdraw consent, where processing is based on your consent
The right to receive your collected Personal Data in a structured, commonly used, and machine-readable format to facilitate its transfer to another company, where technically feasible

To exercise these rights, please send an email to support@getbrigade.com and follow the instructions provided. To verify your identity for security, we may request extra information before addressing your data-related request. Depending on your region, you have the right to complain to your local Data Protection Authority. European users can find authority contacts on the European Data Protection Board website, and UK users on the Information Commissioner’s Office website.

We aim to promptly respond to requests in compliance with legal requirements. Please note that we may retain certain data as necessary for legal obligations or for establishing, exercising, or defending legal claims.

International data transfers

Brigade stores and processes Personal Data in a variety of locations, including your local region, the United States, and other countries where Brigade, its affiliates, subsidiaries, or subprocessors have operations. We transfer Personal Data from the European Union, the United Kingdom, and Switzerland to countries that the European Commission has not recognized as having an adequate level of data protection. When we engage in such transfers, we generally rely on the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Brigade processes personal data, see this article on the European Commission website.

Security and Retention

Brigade uses appropriate administrative, technical, and physical security controls to protect your Personal Data. We’ll retain your Personal Data as long as your account is active and as needed to fulfill contractual obligations, comply with legal requirements, resolve disputes, and enforce agreements. The retention duration depends on the purpose of data collection and any legal obligations.

Security

Brigade uses administrative, technical, and physical security controls where appropriate to protect your Personal Data.

Contact Us

Our address is:

Mixed Ingredients AB
c/o Jon Oskar Restaurang AB
Strandgatan 32
931 31 Skellefteå
Sweden

Information for Minors

Our Services are not intended for individuals under the age of 13. We do not intentionally gather Personal Data from such individuals. If you become aware that a minor has provided us with Personal Data, please notify us.

Changes to Our Privacy Policy

Brigde may periodically revise this Privacy Policy. If there are material changes to the policy, we will provide at least 30 days prior notice by updating our website or sending an email to your primary email address associated with your Brigade account.

Our use of cookies and tracking technologies

Cookies and tracking technologies

Brigade uses cookies to provide, secure and improve our Service or to develop new features and functionality of our Service. For example, we use them to (i) keep you logged in, (ii) remember your preferences, (iii) identify your device for security and fraud purposes, including as needed to maintain the integrity of our Service, (iv) compile statistical reports, and (v) provide information and insight for future development of Brigade. We provide more information about cookies on Brigade that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.

Our emails to users may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email communications more effective and to make sure we are not sending you unwanted email.

The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data.

What are cookies and similar technologies?

We use cookies and similar technologies, such as web beacons, local storage, and mobile analytics, to operate and provide our Services.

Cookies are small text files stored by your browser on your device. A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser over time, each time it connects to that web server.

Web beacons are electronic images (also called “single-pixel” or “clear GIFs”) that are contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content.

Mobile identifiers for analytics can be accessed and used by apps on mobile devices in much the same way that websites access and use cookies.

We may also use so-called “flash cookies” (also known as “Local Shared Objects” or “LSOs”) to collect and store information about your use of our Services. Flash cookies are commonly used for advertisements and videos.

How do we and our partners use cookies and similar technologies?

The Brigade Services use cookies and similar technologies for a variety of purposes, including to store your preferences and settings, enable you to sign-in, analyze how our Services perform, track your interaction with the Services, develop inferences, combat fraud, and fulfill other legitimate purposes. Some of these cookies and technologies may be provided by third parties, including service providers and advertising partners. For example, our analytics and advertising partners may use these technologies in our Services to collect personal information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) related to your online activities over time and across Services for various purposes, including targeted advertising.

We and/or our partners also share the information we collect or infer with third parties for these purposes.

The table below provides additional information about how we use different types of cookies:

Purpose	Description
Required Cookies	Brigade uses required cookies to perform essential website functions and to provide the services. For example, cookies are used to log you in, save your language preferences, provide a shopping cart experience, improve performance, route traffic between web servers, detect the size of your screen, determine page load times, improve user experience, and for audience measurement. These cookies are necessary for our websites to work.
Analytics	We allow third parties to use analytics cookies to understand how you use our websites so we can make them better. For example, cookies are used to gather information about the pages you visit and how many clicks you need to accomplish a task. We also use some analytics cookies to provide personalized advertising.
Social Media	Brigade and third parties use social media cookies to show you ads and content based on your social media profiles and activity on Brigade’s websites. This ensures that the ads and content you see on our websites and on social media will better reflect your interests. This also enables third parties to develop and improve their products, which they may use on websites that are not owned or operated by Brigade.
Advertising	In addition, Brigade and third parties use advertising cookies to show you new ads based on ads you’ve already seen. Cookies also track which ads you click or purchases you make after clicking an ad. This is done both for payment purposes and to show you ads that are more relevant to you. For example, cookies are used to detect when you click an ad and to show you ads based on your social media interests and website browsing history.

You can control the cookies you encounter on the web using a variety of widely-available tools. For example:

If your browser sends a Do Not Track (DNT) signal, Brigade will not set non-essential cookies and will not load third party resources which set non-essential cookies.
Many browsers provide cookie controls which may limit the types of cookies you encounter online. Check out the documentation for your browser to learn more.
If you enable a browser extension designed to block tracking, such as Privacy Badger, non-essential cookies set by a website or third parties may be disabled.
If you enable a browser extension designed to block unwanted content, such as uBlock Origin, non-essential cookies will be disabled to the extent that content that sets non-essential cookies will be blocked.
Advertising controls. Our advertising partners may participate in associations that provide simple ways to opt out of ad targeting, which you can access at:
- United States: NAI and DAA
- Canada: Digital Advertising Alliance of Canada
- Europe: European Digital Advertising Alliance

These choices are specific to the browser you are using. If you access our Services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems.