Research Project: This is a free AI research project. No warranties, SLAs, or company associations. Learn more

Privacy Policy

Last updated: December 22, 2024

Your Privacy Matters

BrainstormMSP is committed to protecting your privacy and maintaining the security of your data. This policy explains how we collect, use, and safeguard your information.

1. Information We Collect

We collect information that you provide directly to us, as well as information automatically collected when you use our services.

Information You Provide

  • Account information (name, email, company name, phone number)
  • Payment and billing information
  • Client data imported from your PSA or other integrations
  • Security control configurations and custom settings
  • Communications with our support team

Automatically Collected Information

  • Usage data and analytics (features used, session duration)
  • Device information (browser type, operating system, IP address)
  • Cookies and similar tracking technologies
  • Log files and error reports

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our services:

  • Provide and operate the BrainstormMSP platform
  • Process transactions and send billing notifications
  • Evaluate security controls and generate compliance reports
  • Send product updates, security alerts, and support messages
  • Respond to your requests and provide customer support
  • Improve our services and develop new features
  • Detect, prevent, and address technical issues or fraud
  • Comply with legal obligations and enforce our terms

3. Data Sharing and Disclosure

We do not sell your personal information. We share information only in the following circumstances:

Service Providers

We work with third-party service providers to operate our platform. See our Subprocessors page for a complete list.

Legal Requirements

We may disclose information if required by law, subpoena, or other legal process, or if we believe disclosure is necessary to protect our rights or the safety of others.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4. Data Security

We implement industry-standard security measures to protect your information:

  • Data encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Secure database hosting on Supabase with row-level security
  • Regular security audits and penetration testing
  • Access controls and authentication (OAuth 2.0)
  • Automated backups and disaster recovery procedures
  • Employee training on data protection best practices

5. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations. When you close your account, we delete or anonymize your data within 90 days, except where we must retain information for legal or regulatory compliance.

6. Your Rights

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing of your personal information
  • Opt-out: Unsubscribe from marketing communications

To exercise these rights, contact us at [email protected]

7. Cookies and Tracking

We use cookies and similar technologies to improve your experience:

  • Essential cookies: Required for the platform to function
  • Analytics cookies: Help us understand how you use our services
  • Preference cookies: Remember your settings and preferences

You can control cookies through your browser settings. Disabling certain cookies may limit functionality.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

9. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the platform. Your continued use of our services after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]

General Inquiries: [email protected]

Address: United States

Terms of Service

Review our terms and conditions

Data Use Policy

How we use your data

Subprocessors

Our third-party service providers