Effective Date: 15 June 2025
Last Updated: 15 June 2025
1. INTRODUCTION
Brainiacs OÜ ("Brainiacs," "we," "us," or "our") respects your privacy and is committed to protecting personal data in accordance with applicable data protection laws. This Privacy Policy explains how we collect, use, and safeguard information in connection with our B2B lead generation services (the "Services").
This Privacy Policy applies to:
Our business customers ("Customers")
Individuals whose business contact information is processed through our Services ("Data Subjects")
Visitors to our website
2. DATA CONTROLLER INFORMATION
Brainiacs OÜ
Registry Code: 16905766
Registered Address: Ahtri tn 12, 15551 Harju maakond, Tallinn (Estonia)
Email: privacy@brainiacsai.com
Data Protection Contact: Espen Selland
3. TYPES OF DATA WE PROCESS
3.1 Customer Account Data
Company information
Account administrator contact details
Billing and payment is handled by Stripe
Service usage data
Communications with our support team
3.2 Business Contact Data
In providing our Services, we process publicly available business information including:
Professional contact information (name, business email, business phone)
Company affiliation and job title
Professional website URLs
Other publicly available professional information
3.3 Website Data
IP addresses ARE NOT TRACKED
Browser information
Cookies and similar technologies (see our Cookie Policy)
4. HOW WE COLLECT DATA
4.1 Direct Collection
We collect data directly from Customers when they:
Register for our Services
Contact our support team
Use our Services
4.2 Automated Collection
We collect business contact data through automated means from publicly accessible sources, including:
Public websites and directories
Professional networking platforms
Business registries
Other lawfully accessible public sources
4.3 Customer-Provided Data
Customers may provide data for matching and enrichment purposes through our Services.
5. LEGAL BASIS FOR PROCESSING
We process personal data based on the following legal grounds:
5.1 Contract Performance
Processing necessary to provide Services to our Customers.
5.2 Legitimate Interests
We process publicly available business contact data based on our legitimate interests in:
Providing B2B lead generation services
Supporting legitimate business development activities
Maintaining and improving our Services
We have conducted assessments to ensure these interests are balanced against the rights and interests of Data Subjects.
5.3 Legal Obligations
Processing necessary to comply with legal requirements.
5.4 Consent
Where required by law, we obtain consent for specific processing activities.
6. HOW WE USE DATA
6.1 Service Provision
Identifying potential business opportunities for our Customers
Enriching and contextualizing business data
Providing analytics and reporting
Customer support and service improvement
6.2 Business Operations
Billing and account management
Legal compliance
Service security and fraud prevention
Business analytics and improvement
6.3 Marketing
Marketing our Services to businesses (B2B only)
Sending service updates to Customers
7. DATA SHARING AND DISCLOSURE
7.1 With Customers
We share business contact data with our Customers as part of our Services. Customers are independent data controllers responsible for their use of such data.
7.2 Service Providers
We may share data with trusted service providers who assist us in operating our Services, subject to appropriate confidentiality and security obligations.
7.3 Legal Requirements
We may disclose data when required by law, court order, or governmental authority.
7.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, data may be transferred to the successor entity.
7.5 No Sale of Data
We do not sell personal data to third parties.
8. DATA LOCATION AND TRANSFERS
8.1 Data Processing Location
We process data within the European Economic Area (EEA). Our primary data processing occurs in Germany, with additional services provided within the EEA.
8.2 International Transfers
If data transfers outside the EEA become necessary, we will implement appropriate safeguards in accordance with applicable data protection laws.
9. DATA SECURITY
We implement appropriate technical and organizational measures to protect personal data, including:
Encryption of data at rest
Access controls and authentication
Regular security assessments
Employee training on data protection
While we strive to protect personal data, no method of transmission or storage is 100% secure.
10. DATA RETENTION
10.1 Retention Periods
We retain personal data for as long as necessary to:
Provide our Services
Comply with legal obligations
Resolve disputes and enforce agreements
10.2 Data Deletion
We periodically review and update our databases. Outdated or unnecessary data is removed in accordance with our retention policies.
11. YOUR RIGHTS
11.1 Data Subject Rights
If you are an individual whose data we process, you have the right to:
Access: Request information about what personal data we hold
Rectification: Request correction of inaccurate data
Erasure: Request deletion of your data (subject to legal requirements)
Restriction: Request limitation of processing
Objection: Object to processing based on legitimate interests
Portability: Receive your data in a structured format (where applicable)
11.2 Exercising Your Rights
To exercise your rights, contact us at privacy@brainiacsai.com. We will respond within one month, subject to identity verification.
11.3 Opt-Out
Individuals may request to be excluded from our Services by contacting us at the above email address.
12. COOKIES AND TRACKING
We use cookies and similar technologies on our website. For detailed information, please see our Cookie Policy.
13. CHILDREN'S PRIVACY
Our Services are not directed to individuals under 18. We do not knowingly collect personal data from children.
14. CHANGES TO THIS POLICY
We may update this Privacy Policy periodically. We will notify Customers of material changes via email or through our Services. The "Last Updated" date reflects the most recent revision.
15. COMPLAINTS
If you have concerns about our data processing, you have the right to lodge a complaint with:
Our data protection contact (see Section 2)
The Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)
Your local supervisory authority