BranchUp offers a suite of social media content and marketing services to eligible account holders (available in Enterprise, and other plans) that are accessible via our websites www.branchup.com and www.branchup.travel (the “Websites”). The Service include placing Social Media posts (“Posts”) on your behalf to individual recipients. These tools allow you to bring together all of your marketing tools for easy access and management through a single online portal. Through this portal, you can manage your social media and marketing campaigns; engage with your audiences; schedule and publish messages; and analyze the results of these activities. Collectively, we refer to these tools as our “Services”.
Any collection, use, and management of personal information by the social networks, including Facebook, Instagram, Twitter, and LinkedIn (collectively, the “Social Networks”) are governed by their respective privacy policies and terms. When using Social Networks, you are required to comply with their privacy policies and terms. We recommend you carefully review their privacy policies and terms, as BranchUp is not responsible for the Social Networks.
Our Services also enable you to customize and connect your BranchUp account to third-party services (“Third-Party Services”), which may be available to you via our portal/dashboard. The collection of your information by these third parties is governed by the Third-Party Services’ privacy policies and terms. We recommend you carefully review their privacy policies and terms, as BranchUp is not responsible for Third-Party Services.
Our Services are not intended for use by children and should only be accessed by individuals who are at least 18 years old and are using the Services for business purposes.
We collect information about you as reasonably necessary for the following activities:
We collect the following information when you use our Services:
If you choose to participate in our surveys, contests, events (such as webinars and in-person events), or those in which we are affiliated, or request information from us about our Services, we may collect information about you related to the survey, contest, or event; your contact information, such as your name, email address, telephone number, organization name and address; and general information about your organization that you choose to provide, such as annual company revenue, number of employees, and industry.
We may also use service providers to obtain additional business related information about your company such as the organization’s legal name, size, and publicly available revenue, to assist us in offering services that are appropriate to your organization’s needs.
In addition, we may collect information on email open and click rates, including whether individuals clicked on links, and which web pages are visited after opening the email.
Our careers site collects information you choose to provide to us when applying for employment, which may include contact information, education and employment history, credentials, and LinkedIn profile information.
When you browse our websites, we collect information about you as described below, some of which is collected automatically:
We use your information for the purposes described below:
We use your contact information where appropriate to send you information about our Services, events, marketing communications (consistent with your preferences—see “Marketing emails, advertising and website browsing” below), and job opportunities. We also use email statistics, such as open rates, to assess the effectiveness of, and to make improvements to our communications.
We use information about you to help us understand usage patterns and other activities on our websites and applications so that we can diagnose problems and make improvements, including enhancing usability and security.
When using our Services, you may access, update, or correct most of your Account information by logging in to your account to edit your profile or organization record.
If you have requests that cannot be carried out by logging in to your account, such as accessing additional information or deleting information about you, please email our privacy team. Please note that we may need to retain certain information about you for as long as you maintain an account for our Services, to provide you with our Services, for record keeping purposes, for payment processing, to comply with our legal and regulatory obligations, to resolve disputes, or to enforce the applicable terms of service or other agreement in place between you (or your organization) and BranchUp (the “Terms of Service”).
Requests to access, correct, or delete your information will be handled within thirty (30) days unless they are unusually extensive or complex, in which case we will advise you of the expected timeline for handling your request.
You can contact our Support team for other general requests about your account by your preferred method listed here.
For marketing communications, you may opt out of marketing communications sent by BranchUp by clicking on the unsubscribe link in the marketing email you receive.
BranchUp participates in interest-based advertising (where you may have visited our websites or another website which allows us to display advertising relating to our Services). The Network Advertising Initiative has developed a tool that may help you understand which third parties have currently enabled cookies for your browser and how to opt out of those cookies. For more information and to opt out of interest-based advertising, you can visit this page.
BranchUp does not rent or sell your information. We restrict access to your information to authorized employees and we do not share your information with third parties except in the circumstances explained below.
Our employees and authorized contractors may need to access information about you when they require this to perform their job. For example, a customer support representative would need access to your account to validate your identity and respond to your question or request; our email communications team would need access to your contact information to ensure this information is sent correctly and any unsubscribe requests are properly managed; and our security staff would need to review information to investigate attempted denial of service attacks, fraudulent account activity, or other attempts to compromise the Services.
All our employees and contractors are required to agree to maintain the confidentiality and protect the privacy of your information.
We will share limited information about you to authorized service providers we use for marketing services, communicating with you, managing our customer database, the provision of professional services, and providing and managing the Services (including hosting data centers, securing our Services, and payment processing).
We limit the number of service providers who are permitted to process your Content for the purpose of assisting us in delivering the Services. We refer to these service providers as “sub-processors” and they are listed on this page.
Where you have purchased a service from a partner, we may provide information about you to (and may receive information about you from) the partner as necessary to support your use of the service you purchased.
Where you are using our Services and have chosen to connect your Social Networks to the Services, or if you authorize a Third-Party Service to access your account, you are agreeing to provide information about you to the Social Networks and the Third-Party Services under their respective terms and privacy policies.
Where your employer or an entity has purchased Services on your behalf, we may disclose information about you such as your name and email address, and some usage information including whether a user has logged in to the Service, frequency of login, time spent using the Services to assist your employer or the entity in managing its use and maximizing the value of the Services.
We may need to disclose information about you where we believe that it is reasonably necessary to comply with a law or regulation, or if we are otherwise legally required to do so, such as in response to a court order or legal process, or to establish, protect, or exercise our legal rights or to defend against legal claims or demands.
In addition, we may be required to disclose information about you if we believe it is necessary to investigate, prevent, or take action: (a) against illegal activities, fraud, situations involving potential threats to our rights or property (or to the rights or property of those who use our Services), or to protect the personal safety of any person; or (b) regarding situations that involve the security of our Services, abuse of the Services infrastructure, or the Internet in general (such as voluminous spamming, or denial of service attacks).
Under the General Data Protection Regulation (GDPR) and other data protection laws, information about you may only be transferred from your region to other regions if certain requirements are met. For instance, under the GDPR, information about you may be transferred from the European Economic Area (EEA) to outside the EEA if adequate data protections are in place. Our Services are managed by BranchUp’s headquarters in Canada. As the European Commission considers Canada to be a country which provides adequate data protection, information about you may be transferred from the EEA to Canada.
BranchUp also uses third-party service providers, such as managed hosting providers, credit card processors, and technology partners to provide the software, networking, infrastructure and other services required to operate the Services. These third-party providers may process or store personal data on servers outside of the EEA and Switzerland, including in Canada or the US. We rely on adequacy (if sent to Canada), the service provider’s registration in the EU-US Privacy Shield and Swiss-US Privacy Shield (if sent to the US), and/or standard contractual clauses (if sent to the US or onward to other countries) to ensure that information about you is lawfully transferred under EU law.
The third-party service providers we use to help us deliver the Services and which process your Content are referred to as “sub-processors” and are listed on this page.
By its nature, social media data can be shared with people around the globe. The Social Networks and Third-Party Services that you choose to integrate with our Services may collect, store, and process your information from various locations around the world according to their own terms and privacy policies.
BranchUp maintains industry standard security safeguards to protect your information. This includes ensuring our employees receive appropriate security and privacy training and guidance so they are aware of the measures they need to implement to protect your information.
Access controls are in place to limit access to your information to those who need it to perform their jobs. For example, information about you may be provided to our customer support specialists to help you with your requests. Individuals who are permitted to handle your information must adhere to confidentiality obligations.
We encrypt data where appropriate to ensure that your information is kept private. We undertake vendor security and privacy reviews to ensure that vendors follow our stringent requirements to safeguard your information, and we also enter into data protection agreements with our vendors. All payment information is fully encrypted and handled only by PCI certified organizations.
More detailed information on our security practices is available in our Trust Center.
In general BranchUp does not permanently store Content from Social Networks. Rather, when you login to the Services, we retrieve data from Social Networks in real time so that it is displayed in the portal for viewing during your session. We store other Content that you produce (such as draft Content for publication on Social Networks) so that you can easily access this material on the Services.
Aggregated data is used by BranchUp for analysis, product improvement, and troubleshooting purposes. In some cases, Content may continue to exist on the Social Networks even after you or we delete it from our Services, and you will need to contact the relevant Social Network directly if you want it to remove this Content.
We retain your information only as long as required to provide the Services requested by you, for record keeping purposes, to comply with our legal obligations, resolve disputes, and enforce the terms for the Services.
After it is no longer necessary for us to retain information about you, we will dispose of it in a secure manner or anonymize the information.
Depending on the situation and the type of data involved, BranchUp may act as a data controller or a data processor.
BranchUp acts as a data controller when we are:
The legal bases for processing information about you include:
WhereBranchUp is acting as a data controller, we have outlined certain rights in the section “What are your rights regarding the information about you?”.
In addition, you may have the following rights:
If you would like assistance on any of the above requests, please email our privacy team with details of your request so that we may consider how we can help you.
Where you are using our Services and making decisions about the personal data that is being processed in the Services (including selecting the Social Network accounts you wish to connect to the Services, or uploading and using Content), you are acting as a data controller and BranchUp is acting as a data processor.
There are certain obligations under the GDPR that you have as a data controller, including being responsible for managing Content on the Services. As a data processor, BranchUp will only access and process Content to provide you with the Services in accordance with your instructions (which you provide through the Services), the Terms of Service, the Social Networks’ terms, and applicable laws. As part of delivering the Services, we may process Content to further improve the Services, such as enhancing usability and developing new features.
If you, as a data controller, require BranchUp to agree to data protection requirements under Article 28, GDPR, or under UK data protection laws, BranchUp makes available a data processing addendum that meets these requirements. Please email your customer details (organization name and plan information) with your request to our Privacy team here.
If you are using the Services as an authorized user of a BranchUp customer (whether that customer is your employer, another organization, or an individual), that customer determines its own policies (if any) regarding storage, access, modification, deletion, sharing, and retention of personal information and Content, which may apply to your use of the Services. Please check with that customer about the policies and settings it has in place.
If you are a consumer as defined in the California Consumer Privacy Act (CCPA), the following provisions apply to you. Definitions of terms are set out in the CCPA.
We have outlined certain rights in the section “What are your rights regarding the information about you?”
Under the CCPA, you may have the following specific rights:
You may exercise your rights by emailing our Privacy team. If your organization requires a CCPA addendum, please email us your customer details (organization name and plan information) with your request here.
While we disclose personal information to service providers for the purpose of managing our relationship with you (e.g. distributing marketing communications) and providing the Services, we do not sell your personal information.
If you have any questions, concerns or feedback, please email our Privacy team and Privacy Officer/Data Protection Officer; or send a letter to:
BranchUp Technologies Inc.
638 Millbank Vancouver, BC
Canada V5Z 4B7
Attn: BranchUp Privacy Team
If we are unable to resolve your concerns, you also have the right to contact your local data protection authority.