Sign In
Book a Demo
Last updated: March 2026
Privacy Policy

Website and Business Privacy Notice

Table of Contents

Introduction

We, Brandi AI, LLC (the “Company,” “we,” “us,” “our”), respect the privacy and data protection rights of our website visitors, business users, and business contacts.

This Privacy Notice (the “Notice”) describes the personal information we collect and the policies and procedures we use regarding personal information in each of the following contexts:

  • The data practices on our website mybrandi.ai (the “Website”).
  • Our relationship with representatives of existing and prospective customers and vendors (the “Representatives”), and the Representatives who log in to use our SaaS solution (“Portal Users”).

This Notice may be amended from time to time. We will post any changes to this Notice on our Website a reasonable time in advance of the effective date of the change, and we will also make efforts to proactively notify you by email of the changes to the Notice if we have your email address.

Our Website and Portal is not intended for visitors and users under 18. We do not knowingly collect their data.

Contact Us

If you have any questions, comments, or concerns regarding this Notice or our processing of your personal information, please contact us at [email protected].

What We Collect and Why

Scenario

Purposes

Examples of information processed

You contact us through our Website's demo form or in an email message

Our business development

Name, email address, your company affiliation, and any free-text content of your inquiry.

Our business relationship with customers

Administering the business and professional services relationship with customers. Facilitating the provision of support to customers.

Name, email address, company affiliation, position, phone number, country, past communications

Our business relationship with vendors and service providers

Administering the business relationship with vendors and service providers. Facilitating the Company's use of vendors' and service providers' products and services.

Name, email address, company affiliation, position, phone number, country, past communications

Portal Users accessing and using the Portal

Administering the relationship and service agreement we have with the company (business) using the Portal User. Facilitating the provision of the Portal and support for the Portal.

Name, username, email address, access authentication information, company; position; phone number; past communications; activities performed on the Portal

Website Analytics and Performance

Our business development, Website operation, and website improvement

The webpages of the Website and Portal that you accessed or viewed, your interactions with the content, IP addresses, browser information, device identifiers, and data collected through cookies and similar technologies. We obtain your consent before placing non-essential cookies.

Abuse of rights or violation of law

Responding to, handling, and mitigating suspected violations of law in connection with our business.

Any of the information mentioned above.

Methods and Sources for Collecting Your Personal Information

We collect personal information from several sources:

  • Directly from you when you provide it to us through email communications or an online form. You are not legally obligated to provide us with your personal information, but if you do not, we will be unable to handle or respond to your inquiry, maintain our business contact with you, or sign you up as a Portal User.
  • If another representative of your organization provides us with your information.

What We Collect and Why

We share your information in the following scenarios:

Scenario
Purposes
Third Parties

Service providers assisting with internal operations

Operating the Website and our business.

Cloud service providers

Abuse of rights or violation of law

Responding to, handling, and mitigating suspected violations of law.

Authorities, legal counsel, and advisors.

Judicial or regulatory authority request

Complying with a binding request from an authority.

Authorities.

Business reorganization (merger/acquisition)

Enabling a structural change in the operation of the Website and our business.

The target entity, legal counsel, and advisors.

Data Retention and Security

  • We retain your information for the duration necessary to operate the Website, the Portal, and our business, and to interact with customers and suppliers, and thereafter as needed for record-keeping purposes.

We will retain your information for the duration needed to support our ordinary business activities, operating the Website, the Portal, and interacting with existing and potential customers and suppliers. Thereafter, we will still retain your personal information as necessary to comply with our legal obligations, resolve disputes, establish and defend legal claims, and enforce our agreements. The overall period of retention is approximately seven years.

  • We implement measures to secure your information.
    • We implement appropriate technical and organizational measures to secure your information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls, and staff training. While we maintain industry-standard security practices, no system can guarantee absolute security, and we continuously work to enhance our protective measures.
    •  

Additional Information for Individuals in the EU or UK

Controller

Brandi AI, LLC is the controller of the personal data described in this Notice.

International Data Transfers

To facilitate processing your information with our service providers, we will transfer your information to countries such as the United States. For transfers to countries without adequacy decisions, we implement appropriate safeguards, including Standard Contractual Clauses approved by the European Commission (2021/914/EU) and the UK International Data Transfer Addendum, supplemented by additional technical and organizational measures where necessary to ensure equivalent protection.

Legal Basis for Processing

Purpose or Scenario
Legal Basis

Responding to your inquiry via website forms or email

Legitimate interests in developing potential leads and responding to business inquiries

Administering business/service relationships with customers; Portal Users; support

Legitimate interests in administering the contractual relationship with customers and provision of service

Administering relationships with vendors and service providers

Legitimate interests in administering contractual obligations with service providers and vendors

Website analytics and performance

Your consent

Responding to suspected violations of law

Legitimate interests in defending against and enforcing against violations harmful to our business

Complying with a binding authority request

Legitimate interests in complying with mandatory legal requirements

Enabling structural business changes

Legitimate interests in our business continuity

Data Subject Rights

If you are in the EU or the UK, you have the following rights under the GDPR:

  • Right to withdraw consent that you previously gave, where the processing of your personal data is based on your consent.
  • Right to Access and receive a copy of your personal information that we process.
  • Right to Rectify inaccurate personal information we have concerning you and to have incomplete personal information completed.
  • Right to Data Portability, that is, to receive the personal information that you provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this data to another person or entity. Where technically feasible, you have the right to have your personal information transmitted directly from us to the person or entity you designate.
  • Right to Object to our processing of your personal information based on our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or if we need to process such personal information for the establishment, exercise, or defense of legal claims.
  • Right to Restrict us from processing your personal information (except for storing it) in certain circumstances, such as when you contest accuracy, processing is unlawful, we no longer need the data, or you have objected to processing.
  • Right to be Forgotten. Under certain circumstances, you have the right to ask us to erase your personal information. However, we may still process your personal information if it is necessary to comply with our legal obligations or for the establishment, exercise, or defense of legal claims.

If you wish to exercise any of these rights, please contact us through the channels listed in this Notice.

When you contact us, we reserve the right to request reasonable evidence to verify your identity before providing you with information. If we are unable to provide you with the requested information, we will explain the reason.

Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, you may lodge a complaint with the supervisory authority in the Member State of your residence, place of work, or place of alleged infringement of the GDPR.

If you are in the UK, you may lodge a complaint with the Information Commissioner’s Office (ICO).