Privacy Policy for Brave Technology Co-Op

Privacy—yours and all of our users’—is very important to us. This privacy policy explains how personal information is used and protected. Information requested or provided other than through the Brave Button System (the “Buttons”) will contain separate privacy terms and conditions. This statement explains how we deal with personal information that is obtained via the Buttons. We respect the privacy of our users and ensure that any personal information we receive or transmit will be protected and treated confidentially.

Brave’s CEO, Gordon Casey, is in charge of protecting personal information and, accordingly, also serves as our Privacy Officer. You can reach him in this capacity via dataprotection@brave.coop or over the phone at 1-833-833-2100.

Definitions

Personal Data – any information relating to an identified or identifiable natural person.
Processing – any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
User – a natural person whose Personal Data is being Processed.
We/us (either capitalized or not) – Brave Technology Co-Op.

Data Protection Principles

We promise to follow the following data protection principles:

  • Processing is and will at all times be lawful, fair, and transparent. Our Processing activities have lawful grounds. We always consider your rights before Processing Personal Data. We will provide you information regarding Processing upon request.
  • Processing is limited to the purposes described in this Privacy Policy. Our Processing activities fit the purpose for which Personal Data was gathered.
  • Processing is done with the least required data. We only gather and Process the minimum amount of Personal Data required for any purpose for which personal data is processed.
  • Processing is limited with a time period. We will not store your personal data for longer than needed.
  • We will do our best to ensure the accuracy of data.
  • We will do our best to ensure the integrity and confidentiality of data.

User's Rights

The User has the following rights (applies to EU citizens only):

  • Right to information – meaning you have the right to know whether your Personal Data is being processed; what data is being gathered, from where it is obtained and why and by whom it is processed.
  • Right to access – meaning you have the right to access the data collected from/about you. This includes the right to request and obtain a copy of your Personal Data gathered.
  • Right to rectification – meaning you have the right to request rectification or erasure of your Personal Data that is inaccurate or incomplete.
  • Right to erasure – meaning in certain circumstances you can request for your Personal Data to be erased from our records.
  • Right to restrict Processing – meaning where certain conditions apply, you have the right to restrict the Processing of your Personal Data.
  • Right to object to Processing – meaning in certain cases you have the right to object to Processing of your Personal Data, for example in the case of direct marketing.
  • Right to object to automated Processing – meaning you have the right to object to automated Processing, including profiling; and not to be subject to a decision based solely on automated Processing. This right you can exercise whenever there is an outcome of the profiling that produces legal effects concerning or significantly affecting you.
  • Right to data portability – you have the right to obtain your Personal Data in a machine-readable format or if it is feasible, as a direct transfer from one Processor to another.
  • Right to lodge a complaint – in the event that we refuse your request under the Rights of Access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled please contact us.
  • Right for the help of supervisory authority – meaning you have the right for the help of a supervisory authority and the right for other legal remedies such as claiming damages.
  • Right to withdraw consent – you have the right withdraw any given consent for Processing of your Personal Data.

Type of Information Gathered

The Button registration process may require individual users to share their location and phone numbers, sign waivers or acknowledgement of acceptance of terms and conditions. Users of the Buttons may also choose to provide additional identifying information at registration and through feedback, whether offered or solicited by Brave or an industry partner such as a health authority, housing provider or other body providing services to the User. In addition, Button users may opt to use other services offered by Brave, which will be subject to a similar Privacy Policy and additional terms of use.

When using the Site, you may also use the services offered by other parties. This privacy policy does not apply to the practices of companies that we do not own or control, or to people that we do not employ or manage. Please check the privacy practices of these other companies or persons (if any) to understand how they treat the personally identifiable information that you provide to them and contact them if you have any concerns.

How We Use Your Personal Data

We use your Personal Data to provide our service to you. With your consent we use your Personal Data for the following purposes:

  • To support the prevention of harmful drug overdose and provide access to emergency services and/or community support in the event of an overdose or other drug related injury or illness.
  • To request intervention by emergency medical services and/or community support in the event of overdose, illness, or injury related to drug use.

We may also Process your Personal Data in order to fulfill an obligation arising from law. We reserve the right to anonymize Personal Data gathered and to use any such data. We will use data outside the scope of this Policy only when it is anonymized.

We might Process your Personal Data for additional purposes that are not mentioned here, but are compatible with the original purpose for which the data was gathered. While we are reserving the right to use your data for additional purposes, we will ensure that those uses further our purpose of preventing accidental drug overdose deaths and offering services to people who reach out to us for this purpose. To do this, we will ensure that:

  • the link between purposes, context and nature of Personal Data is suitable for further Processing;
  • the further Processing would not harm your interests and
  • there would be appropriate safeguard for Processing.

We will inform you of any further Processing and purposes.

How We Secure Your Data

We do our best to keep your Personal Data safe.  We use safe protocols for communication and transferring data (such as HTTPS). We use anonymizing and pseudonymizing where suitable. We monitor our systems for possible vulnerabilities and attacks. If we share personal information with others, we subject them to strict contractual and legal controls regarding the protection, use, and disclosure of the information. If we share anonymous or de-identified data with third parties, we will contractually require them to keep it in de-identified form and forbid them to make any attempt to re-identify the data or allow others to do so.

Even though we try our best we cannot guarantee the security of information. There is always some risk that unauthorized, wrongful, or illegal access to your information, however, we promise to notify suitable authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.

If you have an account with us, note that you have to keep your username and password secret.

Online Tracking

We may use cookies, web beacons, and similar technologies to help us verify your identity upon return to our technology, and improve your user experience with our services. No other parties will be able to collect your personally identifiable information while they are using the Buttons or using our services. Where applicable, we will not collect personally identifiable information about your activities over time and across third-party web sites or online services whether or not we receive a Do Not Track signal.

A cookie is a tiny text file stored on your computer. Cookies store information that is used to help make sites work. In the event that the Buttons use Cookies, only we will be able to access those cookies. You can control your cookies at the browser level. Choosing to disable cookies may hinder your use of certain functions.

You can remove cookies stored in your computer via your browser settings. Alternatively, you can control some 3rd party cookies by using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.

Consent Regarding Communications Between Us

For contractual purposes, you (a) consent to receive all communications from us, including any possible newsletters or messages about security incidents, in electronic form via your account in the Site or, if applicable, via the email address you submit when you register, and (b) agree that all Terms, agreements, notices, disclosures and other communications that we provide to you electronically satisfy any legal requirement that such communications would satisfy if they were in writing. Emails we send to you will contain an easy automated unsubscribe link so that you can opt-out of the subscription. Simply follow the indications in the email.

Individual Choice and Access

You have choices in the collection, use, and sharing of your personal information:

If you do not want us to have your information, do not register to use the Buttons. The Button system links to other technology and may in due course allow you to connect with other applications and websites or apps. Please read the privacy statements of any websites that you visit. Brave is not responsible for the privacy practices or the content of any connected technology. If you want to review and correct your personal information, please contact us and we would be glad to assist you (see Contact Information, below).

Retention Policy

We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

Contact Us/Opt Out

Please contact us if you have any questions or comments about privacy, about how any information you send us may be used, if you are an EU citizen seeking erasure or access to your Personal Data, or if you want to opt out of receiving communications from us, at:

Brave Technology Co-Op
Email: dataprotection@brave.coop
Address: 308 - 877 E Hastings St, Vancouver, BC V6A 3Y1

It is your right to contact the Supervisory Authority should you have concerns, question, or need help enforcing your legal rights (EU citizens only).

Supervisory Authority

Email: info@dataprotection.ie
Phone: +353 57 868 4800

Updates

Modifications to this Privacy Policy that are editorial in nature or reflect changes in the services we offer will not require new consent. If we ever make material changes that would permit us to share your information more broadly than we have previously described, we will ask you to consent to the new Privacy Policy before it applies to you.

This Privacy Policy is effective 3 February 2019.