Privacy Policy

Last updated: September 23, 2025

1. Introduction

Brazeno.com LLC (“Brazeno,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our messaging platform, AI chatbot services, and software development services (collectively, the “Services”). It also explains your choices and rights over your data.

Note: This Privacy Policy governs privacy practices only. For terms that limit or disclaim our liability, please review our Terms of Service. Where this Policy references protections, it does not waive any limitations in the Terms of Service.

2. Roles & Scope

Depending on how our Services are used, we may act as:

  • Data Controller (or “business”) for data we collect about our own website visitors, accounts, and marketing.
  • Data Processor (or “service provider”) for data we process on behalf of our customers (e.g., their end-user contact data and message content). In this role, we process information only under our customers’ instructions and our agreement with them, including any Data Processing Addendum (DPA).

3. Information We Collect

3.1 Personal Information You Provide

  • Name and contact information (email, phone)
  • Account credentials and profile details
  • Billing and payment information
  • Support communications and feedback
  • Communication preferences

3.2 Automatically Collected Information

  • Device information, IP address, browser type/version
  • Pages viewed, referring/exit pages, timestamps
  • API usage patterns, performance metrics
  • Log files, diagnostics, and error reports

3.3 Messaging Data (Customer End Users)

  • SMS, email, and voice message content (as directed by customers)
  • Recipient contact information
  • Delivery status, engagement metrics, and related metadata
  • Templates, segments, and campaign configuration

Customer Responsibility: Customers are responsible for having a lawful basis to send messages to their end users and for honoring opt-out/consent requirements applicable to their use case.

4. How We Use Information

  • Provide, operate, and maintain the Services
  • Authenticate users; manage accounts and billing
  • Send service-related communications and notifications
  • Improve performance, quality, and user experience
  • Prevent fraud/abuse, ensure security, and enforce policies
  • Comply with legal obligations and respond to lawful requests
  • Provide customer support and training

5. Legal Bases (EEA/UK only)

Where GDPR/UK GDPR applies, our processing may rely on: (i) performance of a contract; (ii) legitimate interests (e.g., securing Services, improving features); (iii) consent (e.g., certain marketing); and/or (iv) compliance with legal obligations.

6. Information Sharing & Disclosure

We do not sell personal information. We may share information as follows:

  • Service Providers: With vetted vendors that support hosting, message delivery, analytics, payments, and related functions—each bound by appropriate confidentiality and data protection obligations.
  • Legal/Compliance: To comply with law, regulation, legal process, or to protect rights, safety, and property of Brazeno, users, and the public.
  • Business Transfers: As part of a merger, acquisition, financing, or sale of assets, subject to appropriate safeguards.
  • With Consent: As directed or approved by you.

Third-Party Links: Our site may contain links to third-party sites/services we do not control. We are not responsible for their content or privacy practices.

7. Security

We implement technical and organizational measures designed to protect information, including:

  • Encryption in transit and at rest where appropriate
  • Access controls, authentication, and least-privilege policies
  • Network segmentation and vulnerability management
  • Secure infrastructure and monitoring
  • Employee training and confidentiality obligations

No method of transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Data Retention

We retain information only as long as necessary to provide Services, comply with legal, tax, and accounting obligations, resolve disputes, and enforce agreements.

Messaging Data: Message content is typically retained for 30–90 days unless longer retention is required by law or requested by the customer for business purposes. Metadata (e.g., delivery logs) may be retained longer for security, billing, fraud prevention, and audit.

9. Your Rights & Choices

Your available rights depend on your location and applicable law and may include:

  • Access to personal information we hold about you
  • Correction of inaccurate or incomplete data
  • Deletion (subject to lawful exceptions)
  • Portability of certain data
  • Restriction or Objection to certain processing
  • Opt-out of marketing communications at any time

Where we process data as a processor on behalf of a customer, we will direct end users to contact the relevant customer (data controller) to exercise rights.

10. Cookies & Tracking

We use cookies and similar technologies to remember preferences, analyze traffic, personalize content, and improve the Services. You can control cookies via your browser; some features may not function properly without them. We may use analytics tools (e.g., Google Analytics) to understand usage and performance.

11. International Transfers

Your information may be transferred to and processed in countries other than your own. Where required, we implement appropriate safeguards, such as European Commission Standard Contractual Clauses, adequacy decisions, and contractual/technical/organizational measures.

12. Children’s Privacy

Our Services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will take steps to delete it.

13. Sector & Sensitive Data Notices

  • Healthcare/HIPAA: Brazeno is not a covered entity. We may act as a business associate only where a signed Business Associate Agreement (BAA) is in place. Do not transmit protected health information (PHI) via our Services unless a BAA has been fully executed.
  • Sensitive Data: Do not use the Services to send payment card data, government IDs, or other sensitive categories unless expressly permitted and protected by appropriate agreements and controls.

14. U.S. State Privacy Disclosures

For residents of California and certain other U.S. states, you may have additional rights (e.g., to know, delete, correct, and limit use/disclosure of personal information). We honor “Do Not Sell or Share” requests where applicable and recognize Global Privacy Control (GPC) signals for browser-based opt-outs where required by law. To exercise rights, use the contact methods below.

15. Data Processing Addendum (DPA)

For customers who require a DPA, we make one available upon request. The DPA governs our processor obligations, including data subject requests, sub-processor disclosures, international transfers, and security measures.

16. Changes to This Privacy Policy

We may update this Policy from time to time. We will notify you of material changes by posting the updated Policy on our website, emailing registered users where appropriate, and updating the “Last updated” date above.

17. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

18. Important Notices & Disclaimers

  • No Legal Advice: This Policy is provided for transparency and does not constitute legal advice. Your use of the Services remains subject to our Terms of Service.
  • Customer Responsibility: Customers are solely responsible for their compliance with messaging and privacy laws applicable to their use (e.g., consent, opt-outs, notices, retention) and for the content they send using the Services.
  • Precedence: In case of conflict between this Policy and an executed agreement (e.g., DPA, BAA, MSA), the executed agreement will govern to the extent of the conflict.