Privacy Policy

Introduction

Broniec Associates and its affiliates, (collectively “Broniec”, “we”, “us”, and “ours”) respects the privacy of visitors to its Website (https://broniec.com/, “our Site” or “the Site”). The Broniec Privacy Policy (the “Policy”) describes the information that we collect while we provide our services.

Our privacy policy is designed to inform you about our policies and procedures for collecting, using, retaining, processing, transferring, and disclosing your information in connection with your use of the Website and the Service. By proceeding further, you have read and expressly consent to the collection, use, retention, processing, transfer, and disclosure of personal data under the terms of this Privacy Policy.
This Privacy Policy governs your access to the Service, regardless of how you access it, and explains what data we collect when you use the Service, why we collect the data, how it is used, and your rights and choices.

This Privacy Policy applies to all users of the Website and Service (together “you” or “Users”).

This Website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy policy of every website you visit.

1. Acceptance of this Privacy Policy

By accessing and using our Service, you signify acceptance of the terms of this Privacy Policy. Where we require your consent to process your personal data, we will ask for your consent to the collection, use, and disclosure of your personal data as described further below. We may provide additional “just-in-time” disclosures or information about the data processing practices of a specific Service. These notices may supplement or clarify our privacy practices or may provide you with additional choices about how we process your data.
If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use of our Website and Service.

2. Scope

This Privacy Policy is subject to the provisions mainly of the California Consumer Privacy Act of 2018 (“CCPA”) the General Data Protection Regulation (“GDPR”), and other applicable privacy laws. Under the CCPA, we are a “Business”, and you, if you are an individual residing in California, are a “Consumer” with certain protected privacy rights concerning your Personal data. Similarly, Under the GDPR, Broniec is placed as a data “Controller” and you, if you are an individual and reside in the United Kingdom, Northern Ireland, the European Union, or Switzerland (collectively, and for the purposes of this Privacy Policy, the “EEA”), are a “Data Subject” with certain protected privacy rights concerning your “Personal Data.” We will take commercially reasonable steps to maintain compliance with GDPR and CCPA requirements.
Any other terms which are used throughout this Privacy Policy shall have their respective meanings, as defined in our standard Terms, unless the context indicates otherwise.

3. Information we collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity data includes your full name, addresses and date of birth;
  • Contact data includes you and your company’s name, physical address, email address, and telephone numbers;
  • Transaction data includes details about payments to and from you and other details of services you have purchased from us;
  • Technical data includes internet protocol address, your login data, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, information about the visits, including the full Uniform Resource Locators (URL), clickstream to, through and from this Website (including date and time), products viewed or searched for, page response times, download errors, length of visits to certain pages, Website interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the Website, and any phone number used to call our customer service number.
    Usage data includes information about how you use our Website and Service, such as app launches within our Service, including browsing history, search history, product interaction, crash data, performance and other diagnostic data, and other usage data;
  • Communication data includes data you communicate to us;
  • Location data in case of using a location-enabled device;
    Marketing and communications data includes your preferences in receiving marketing from us and your communication preferences;
  • Other information you provide to us includes details such as the content of your communications with us.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity.
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses.

You are not required to provide the requested personal data. However, if you choose not to do so, we will not be able to provide you with our products or services or respond to requests you may have. Thus, where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you.

4. How we collect information

We use different methods to collect data from and about you including through:

Direct interactions. You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • Apply for our Service;
  • Subscribe to our Service or Newsletter;
  • Request marketing to be sent to you; or
  • Give us feedback or contact us.

Automated technologies or interactions. As you interact with our Website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.

Third parties, which includes, but is not limited to Company’s sub-contractors in technical, payment services, advertising networks, search information providers, credit reference agencies, or other third parties who may provide information, for the purpose of fulfilling the Service or to comply with legal requirements. Examples of the personal data we receive about you from various third parties include:

  • Technical data from analytics providers and search information providers.
    Contact and transaction data from providers of technical, payment and delivery services.

5. How we store and use your information

We use the gathered personal data to provide you with our Service and to ensure our legitimate interests. More specifically, we will use your personal data for the following purposes:

Providing our Service: We use User Account-related data provided by Users in connection with the sign-up, use, or support of the User Account (such as usernames, email address and billing information) to provide you with access to the Service, contact you regarding your use of the Service, or to notify you of important changes to the Service. Such use is necessary for the performance of the contract between you and us.

Respond to Requests: When you ask for information about the Service (for example, when you request a demo or ask us to send you offers or price information), we will use your contact information to respond to your request.

Sending Marketing Communications: Where required by applicable law (for example, if you are an EU data subject), we will only send you marketing information by email, or contact you by phone, if you consent to us doing so at the time you provide us with your personal data.
When you provide us with your consent to be contacted for marketing purposes, you have the right to withdraw your consent at any time by following the instructions to “opt-out” of receiving marketing communication in each marketing email we send you. In addition, if at any time you do not wish to receive future marketing communications or wish to have your name deleted from our mailing or calling lists, please contact us at slevine@broniec.com.

Please note that if you opt-out from marketing communications, we may still contact you regarding issues related to our Service and to respond to your requests.

For our Legitimate Business Interests: We use data relating to your use of and interaction with the Service for certain legitimate business interests, which are the following:

  • To personalize and improve your access to and use of the Service (including to increase our Service’s functionality, product features, and user-friendliness);
  • To conduct analytics and report on industry trends on content usage and performance;
  • To meet our corporate and social responsibility objectives;

For internal business/technical operations, including troubleshooting, data analysis, testing, to prevent fraud or criminal activity, misuses of our products or services and ensure the security of our IT systems, architecture, and networks.

This use of your personal data is necessary for our legitimate interests in understanding how our services are being used by you and to improve your experience on it.

Algorithms and profiling: We do not use algorithms or profiling to make any decision that would significantly affect you without the opportunity for human review.

Any information stored on Broniec, or any third-party service that we use, is encrypted and kept securely on our cloud. Access to such information, even at Broniec, is done through the best practices while keeping privacy and security of the information.

6. Cookies

We use cookies and similar tracking technologies to collect and use personal data about you on our Site, including to serve interest-based advertising. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

You may turn off cookies in your browser via settings. You can block cookies on your browser to refuse cookies. You may delete cookies. If you turn off cookies, you can continue to use the Platform and browse its pages, but the Platform and certain services will not work properly.
We collect essential cookies, functionality cookies, analytics and performance cookies.

7. How we disclose your information

We do not disclose or sell your information to third parties or other websites without your consent, except to those necessary to deliver services for us and except as required by law. These third parties and their functions are listed below.

Employees, Service Providers, Business Partners, and Others: We will disclose your personal data to our employees as necessary to deliver the Service, and we may use certain third party companies and individuals to help us provide, support, analyze, and improve the Service (such as providers of data storage services, maintenance services, payment processing, database management, digital business services, providers of analytics services who help us understand how you use and interact with the Service, providers of digital advertising services, providers of CRM, marketing, and sales software solutions). These third parties may have access to your personal data for the purpose of performing these tasks on our behalf and pursuant to our instructions.

Where we make use of third party service providers to help us provide the Service to you, including for the purposes of retrieving or delivering information, records, notifications or other messages to you or any users or for hosting or providing any component of our Service, we require such third parties to maintain the confidentiality of any personal data we provide to them for these purposes. Third-party service providers are contractually bound to protect and use such information only for the purposes for which it was disclosed, except as otherwise required or permitted by law. We ensure that such third parties will be bound by terms complying with applicable law.

Such third parties may be situated outside of your country and you consent to your personal data and that of any data subjects you provide to us being transferred cross-border so that we can provide the Service to you. In this regard, we engage only with reputed third-party service providers who have security and privacy policies and procedures providing at least the same level of protection as we do ourselves. You warrant that you have all necessary permissions to give us the above consent.

We may also share non-personal or non-identifiable information, including website visitor information and account usage data with third-party analytics service providers. Your personal data may be shared if it is made anonymous and aggregated, as in such circumstances the information will cease to be personal data.

Compliance with Laws and Law Enforcement Requests: We may disclose to any competent law enforcement body, regulatory body, government agency, court or other third party the data stored in your User Account and information about you that we collect when we have a good faith belief that disclosure is reasonably necessary to (a) comply with a law, regulation, or compulsory legal request; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of Broniec or its Users; (d) to protect Broniec’s legal rights; (e) to report suspected illegal activity; or (v) to investigate violations of this Privacy Policy or our Terms of Service.

Business Transfers: If we are involved in a merger, acquisition, consolidation, liquidation, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction, but we will notify you of any change in control or use of your personal data or Content, or if either become subject to a different Privacy Policy. We will notify you either by sending you an email or posting a notice on our Website. We will also notify you of choices you may have regarding the information.

8. How we delete your information

We will retain your personal data for as long as is necessary for the purposes set out in this Privacy Policy or for our Service, for as long as your User Account is active, or as needed to provide you the Service or for the duration required by law, whichever is the longer. If you wish to delete your User Account please contact us at slevine@broniec.com and raise a formal request. Please note that we may retain, use or disclose your information as necessary to comply with our legal obligations, to resolve disputes or enforce our agreements, and legitimate business interest (such as for analytics purposes, safety, and security).

9. Security Measures

The security of your information is important to us. We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it.

Taking into account relevant developments in technology including telecommunications and web services, technical limitations associated with different telecommunications protocols, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we shall in relation to the personal data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk.

We use a variety of security measures to ensure the confidentiality of your personal data, and to protect your personal data from loss, theft, misuse, alteration or destruction. No method of electronic transmission or storage is 100% secure, however. Therefore, we cannot guarantee its absolute security.

Please always check that any website on which you are asked for financial or payment information in relation to our reservations or Service is operated by us or by third-party service providers authorized by us. If you do receive a suspicious request, do not provide your information and report it as set out in this Privacy Policy.

However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own personal data. You are responsible for keeping your User Account passcode, membership numbers and pin numbers safe and secure. Do not share those with anyone. If there is unauthorized use or any other breach of security involving your information, you must notify us as soon as possible.

Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by internet or wireless connection, including email since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us using the contact information provided in this Privacy Policy.

10. Section applicable to EU Data Subjects

Scope: This section applies solely to data subjects as defined by the General Data Protection Regulation (“GDPR”) (“EU data subjects”). For these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and, where applicable, and Switzerland. Reference to the EU also includes the UK in the case when the scope of GDPR is equivalent to the scope of data protection in the UK (the UK-GDPR).

In relation to the rights and obligations of EU data subjects, this Privacy Policy should be interpreted in a way that assures maximum compliance with GDPR. Thus, regarding EU data subject, the terms of this Privacy Policy are to be understood in accordance with the meaning given to them by GDPR.

Data Controller

Broniec is the data controller for processing of your personal data, but we also act as a data processor for personal data that we process on behalf of our Users.

Broniec is the data controller of your personal data processed for purposes set forth herein and, unless expressly specified otherwise, is responsible for the collection, use, disclosure, retention, and protection of your personal data in accordance with this Privacy Policy and applicable laws.

The data controller and the processor have signed and comply with the Standard Contractual Clauses for data transfers between EU and non-EU countries.

Your Rights: Subject to applicable EU law, you have the following rights in relation to your personal data:

Right to be informed: You have the right to concise, transparent, intelligible and easily accessible information regarding the processing of your personal data.

Right of access: If you ask us, we will confirm whether we are processing your personal data and, if so, provide you with a copy of that personal data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.

Right to rectification (updating your information): If your personal data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we share your personal data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal data so you can contact them directly.

Right to erasure: You may ask us to delete or remove your personal data, such as where our legal basis for the processing is your consent and you withdraw consent. If we share your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal data with so you can contact them directly. We may continue processing personal data where this is necessary for a legitimate interest in doing so (for example, for compliance with the law), as described in this Privacy Policy.

Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your personal data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it. We will tell you before we lift any restriction on processing. If we share your personal data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal data so you can contact them directly.

Right to data portability: You have the right to obtain your personal data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will give you your personal data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.

Right to object: You may ask us at any time to stop processing your personal data, and we will do so:

  • If we are relying on a legitimate interest to process your personal data — unless we demonstrate compelling legitimate grounds for the processing or;
  • If we are processing your personal data for direct marketing.

Right to withdraw consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing of your data before we received notice that you wished to withdraw your consent.

Right to lodge a complaint with the data protection authority: You have the right to make a complaint at any time to your local data protection authority. We would, however, appreciate the chance to deal with your concerns before you approach the local data protection authority so please contact us in the first instance.

You may exercise your rights by contacting us as indicated under the “Contact Us” section below. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection law. We may ask you to verify your identity to help us respond efficiently to your request.

Security and Breach
Security measures: Appropriate technical and organizational measures are implemented to ensure that, by default, the only personal data processed are those, which are necessary for each specific purpose of processing. This applies to the quantity, the extent of the processing, the period of storage and the accessibility of the collected personal data. With such measures, we try to ensure that personal data are not made accessible to an indefinite number of persons without your intervention.

In case of a personal data breach: If a personal data breach occurs, we shall without undue delay, where feasible, not later than 72 hours after having become aware of it, notify the supervisory authority. This does not apply when the personal data breach is unlikely to resolve in risk to your rights and freedoms. In case of a risk to your rights and freedoms due to a personal data breach, we shall also inform you without undue delay. This does not apply to situations where we have implemented appropriate technical and organizational protection measures that were applied to the personal data affected by the breach or if our subsequent measures ensure that the risk is no longer likely to materialize. It also does not apply when it would involve disproportionate effort. In the described cases we shall inform you through public communication or similar way in an equally effective manner.

11. Transfer of your personal data

We store your personal data on Google Cloud, based out of the United States of America which participates in and has certified their compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.

We still aim to apply appropriate safeguards to protect your privacy, security, your personal data and to use your personal data only consistent with your relationship with our company and the practices described in this Privacy Policy. We also enter into data processing agreements and model clauses with our vendors when applicable.

12. Your California privacy rights

The California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA) require us to disclose the categories of Personal Information (as defined in the acts) we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above. We are also required to communicate information about rights California residents have under California law. You may exercise the following rights:

  • Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
  • Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
  • Right to Delete. You may submit a verifiable request to close your Account and we will delete Personal Information about you that we have collected.
  • Right to request that a business that sells a consumer’s personal data, does not sell the consumer’s personal data.

Do Not Sell or Share My Personal Information. You may request to opt out of our sale or sharing of your personal information to third parties. For purposes of this California Privacy Statement, “sell” means the sale of your personal information to a third party for monetary or other valuable consideration, subject to certain exceptions set forth in applicable California law. For purposes of this California Privacy Statement, “share” means disclosure of personal information to third parties for cross-context behavior al advertising purposes, subject to certain exceptions in applicable law. To effect the opt out, please contact slevine@broniec.com. As described above, we, and certain other companies, place tracking technologies, such as cookies, on our websites which allow us, and those companies, to receive information about your activity on our websites that is associated with your browser or Device. We and these companies may use that data to customize content for you and to serve you more relevant ads on our websites or others. We do not knowingly sell or share the personal information of minors under 16 years of age.

Under California’s “Shine the Light” law, California residents who provide personal information in obtaining products or services for personal, family, or household use are entitled to request and obtain from us once a calendar year information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g., requests made in 2021 will receive information regarding 2020 sharing activities).
If you would like to exercise any of these rights or if you would like to receive any further information about these rights, please contact us at any time via email disclosed below. To obtain this information, contact us specifying that you want a “Request for California Privacy Information” on the subject line and in the body of your message. You must include sufficient information regarding your identification as the data subject and a detailed request with the declaration, under the penalty of perjury, that you are exercising your rights for lawful purposes. We will do our best to respond to your valid request (one that meets the described criteria) within 45 days of receiving it. Please be aware that only the required information will be included in our response.

13. Personal data of minors

We do not intentionally collect identifiable information from anyone who is a minor under the law of any applicable jurisdiction. If it is discovered that we have unintentionally collected personally identifiable information from a minor, we will delete that information immediately. Please notify us if you know of any minors using our Website and the Service so we can take action to prevent access to our Website and Service.

14. Third-party Links

Our Website may contain certain links to third-party websites (“Third-party Links”) that are not run by us. We are not responsible for personal data about you that is collected and stored by these platforms and similar third parties. They have their own privacy policies so please note that this Privacy Policy does not apply to them. For that reason we recommend you to read their privacy policies carefully before submitting personal data to them.

15. Changes to our privacy policy

This Privacy Policy may change from time to time. If we make a material change to this Privacy Policy, we will provide you with notice (for example, by email if you have provided your email address to us and your email address is current), and we may provide notice of changes in other circumstances as well. It is therefore important that you register with us and notify us if you change your email address. If you do not provide us with a current email address, you should regularly review this policy to ensure that you are informed of any changes.

16. Contact Us

If you have any questions about this Privacy Policy, please contact us at:
Phone – (770) 729-9664
Fax – (770) 729-9764
Email: slevine@broniec.com
Policy updated : June 4, 2024

This policy may be changed from time to time to reflect changes in our practices concerning the collection and use of client data. This version of the Policy is effective June 3, 2024.