| Server IP : 82.197.83.129 / Your IP : 216.73.216.166 [ Web Server : LiteSpeed System : Linux us-bos-web1456.main-hosting.eu 4.18.0-553.40.1.lve.el8.x86_64 #1 SMP Wed Feb 12 18:54:57 UTC 2025 x86_64 User : u489457460 ( 489457460) PHP Version : 7.3.33 Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail Domains : 2 Domains MySQL : OFF | cURL : ON | WGET : ON | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /home/u489457460/domains/brexa.ai/public_html/ |
Upload File : |
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Brexa</title>
<link rel="icon" type="image/png" href="../assets/images/favicon.png" />
<meta name="description" content="">
<meta name="keywords" content="">
<link rel="canonical" href="#">
<!-- inter font -->
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link
href="https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&display=swap"
rel="stylesheet">
<!-- preload head styles -->
<link rel="preload" href="../assets/css/unicons.min.css" as="style">
<link rel="preload" href="../assets/css/swiper-bundle.min.css" as="style">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css" />
<!-- preload footer scripts -->
<link rel="preload" href="../assets/js/libs/jquery.min.js" as="script">
<link rel="preload" href="../assets/js/libs/scrollmagic.min.js" as="script">
<link rel="preload" href="../assets/js/libs/swiper-bundle.min.js" as="script">
<link rel="preload" href="../assets/js/libs/anime.min.js" as="script">
<link rel="preload" href="../assets/js/helpers/data-attr-helper.js" as="script">
<link rel="preload" href="../assets/js/helpers/swiper-helper.js" as="script">
<link rel="preload" href="../assets/js/helpers/anime-helper.js" as="script">
<link rel="preload" href="../assets/js/helpers/anime-helper-defined-timelines.js" as="script">
<link rel="preload" href="../assets/js/uikit-components-bs.js" as="script">
<link rel="preload" href="../assets/js/app.js" as="script">
<!-- app head for bootstrap core -->
<script src="../assets/js/app-head-bs.js"></script>
<!-- include uni-core components -->
<link rel="stylesheet" href="../assets/js/uni-core/css/uni-core.min.css">
<!-- include styles -->
<link rel="stylesheet" href="../assets/css/unicons.min.css">
<link rel="stylesheet" href="../assets/css/prettify.min.css">
<link rel="stylesheet" href="../assets/css/swiper-bundle.min.css">
<!-- include main style -->
<link rel="stylesheet" href="../assets/css/theme/main.min.purge.css">
<!-- include scripts -->
<script src="../assets/js/uni-core/js/uni-core-bundle.min.js"></script>
</head>
<body class="uni-body panel bg-white text-gray-900 dark:bg-gray-900 dark:text-gray-200 overflow-x-hidden">
<!-- Google Tag Manager (noscript) -->
<noscript><iframe src="
https://www.googletagmanager.com/ns.html?id=GTM-MQXQPCJB"
height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
<!-- End Google Tag Manager (noscript) -->
<!--header section start-->
<?php include 'header.php'; ?>
<!--header section End-->
<!-- Contact modal -->
<div id="uc-contact-modal" data-uc-modal="overlay: true">
<div class="uc-modal-dialog lg:max-w-650px bg-secondary text-dark dark:bg-gray-800 dark:text-white rounded-1-5">
<button
class="uc-modal-close-default top-0 ltr:end-0 rtl:start-0 rtl:end-auto m-2 p-0 border-0 icon-2 lg:icon-3 btn btn-md dark:text-white transition-transform duration-150 hover:rotate-90"
type="button">
<!-- <i class="unicon-close"></i> -->
<i class="fa-regular fa-circle-xmark fa-xs"></i>
</button>
<div class="panel vstack gap-2 md:gap-4 text-center">
<div class="panel cstack px-3 md:px-4 py-4 md:py-8 m-0 lg:mx-auto">
<div class="panel vstack justify-center items-center gap-2 sm:gap-4 text-center">
<h4 class="h5 lg:h4 m-0">Schedule your 15-minute demo now</h4>
<div class="panel w-100 sm:w-350px md:w-500px mx-auto">
<form class="vstack gap-2">
<div class="vstack lg:hstack gap-2">
<input
class="form-control h-48px w-100 md:w-1/2 bg-white dark:border-white dark:text-dark"
type="text" placeholder="Full name*" required>
<input
class="form-control h-48px w-100 md:w-1/2 bg-white dark:border-white dark:text-dark"
type="text" placeholder="Last name*" required>
</div>
<div class="vstack lg:hstack gap-2">
<input
class="form-control h-48px w-100 md:w-1/2 bg-white dark:border-white dark:text-dark"
type="email" placeholder="Your email*" required>
<input
class="form-control h-48px w-100 md:w-1/2 rtl:text-end bg-white dark:border-white dark:text-dark"
type="tel" placeholder="Phone number*" required>
</div>
<input class="form-control h-48px w-full bg-white dark:border-white dark:text-dark"
type="text" placeholder="Company name*" required>
<textarea
class="form-control min-h-150px w-full bg-white dark:border-white dark:text-dark"
placeholder="Your message.."></textarea>
<button class="btn btn-primary btn-md text-white mt-2" type="submit">Schedule my
demo</button>
<p class="fs-7 opacity-70 mt-2 text-center">We’ll tailor your demo to your immediate
needs and answer all your questions. Get ready to see how it works!</p>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- Bottom Actions Sticky -->
<div class="backtotop-wrap position-fixed bottom-0 left-0 z-99 m-2 vstack">
<!-- <div class="darkmode-trigger cstack w-40px h-40px rounded-circle text-none bg-gray-100 dark:bg-gray-700 dark:text-white"
data-darkmode-toggle="">
<label class="switch">
<span class="sr-only">Dark mode toggle</span>
<input type="checkbox">
<span class="slider fs-5"></span>
</label>
</div> -->
<a class="btn btn-sm bg-primary text-white w-40px h-40px rounded-circle" href="to_top.php" data-uc-backtotop>
<i class="icon-2 fa-solid fa-angle-up "></i>
</a>
</div>
<!-- Wrapper start -->
<div id="wrapper" class="wrap pt-4 lg:pt-6 xl:pt-9">
<div class="breadcrumbs panel z-1 py-2 bg-gray-25 dark:bg-gray-100 dark:bg-opacity-5 dark:text-white">
<div class="container ">
<ul class="breadcrumb nav-x justify-center items-center gap-1 fs-7 m-0 fw-bold">
<li><img src="../assets/images/common/icons/home.svg" alt="icon" class="me-1"></li>
<li><a href='index.php'>Home</a></li>
<!-- <li><i class="unicon-chevron-right fw-medium opacity-50 rtl:rotate-180"></i></li> -->
<li><i class="fa-solid fa-angle-right opacity-50 rtl:rotate-180"></i></li>
<li><span class="opacity-50">GDPR Policy</span></li>
</ul>
</div>
</div>
<div class="section py-4 lg:py-6 xl:py-8">
<div class="container max-w-lg">
<div class="page-wrap panel vstack gap-4 lg:gap-6 xl:gap-8">
<header class="page-header panel vstack justify-center gap-2 lg:gap-4 text-center">
<div class="panel">
<h1 class="h3 lg:h1 m-0">Data Protection and Privacy at Brexa</h1>
</div>
</header>
<div class="page-content panel fs-6 md:fs-5">
<h3 class="h4 md:h3 mb-2">Overview</h3>
<p>Brexa constantly works on building, reviewing and further developing required policies,
processes, and procedures in place to comply with the applicable privacy and data protection
laws. Some of those laws include the EU and the UK General Data Protection Regulation
(“GDPR”), the California Consumer Privacy Act of 2018 (“CCPA”), and the e-Privacy Directive
as implemented in the Member States of the EU. Further, Brexa is constantly evaluating our
exposure to other data protection laws to make any necessary adjustments to our privacy
program. Additionally, we regularly monitor data protection developments with a view to
incorporate the principles from new laws, frameworks, and best practices into our operations
to keep strengthening the protection of personal data</p>
<p>We have engaged privacy experts to assist us with our privacy and data protection compliance
efforts, and with their assistance, we are actively engaged in ensuring our own compliance
with applicable data protection laws and having solutions to enable our customers to comply
with their own obligations as data controllers under the applicable data protection laws.
Read on to learn a few things we have done to help you make our use of our service as
compliant as possible.</p>
<h3 class="h4 md:h3 mt-3 lg:mt-6 mb-2">What Are the EU GDPR and UK GDPR?</h3>
<p>The GDPR is the European Union’s, comprehensive privacy and data protection law that took
effect on May 25, 2018. The primary aim of the GDPR is to regulate how the personal data of
individuals in the EU is processed – even by businesses that have no physical or legal
presence in the EU. Organizations can face hefty fines for non-compliance: up to €20 million
or 4 percent of annual global revenue, whichever is higher. The UK GDPR largely mirrors the
GDPR and was adopted by the UK as part of Brexit.</p>
<h6 class="h5 md:h5 mt-2 lg:mt-4 mb-4 text-primary">Take a look at the full text of the GDPR
articles.</h6>
<h3 class="h4 md:h3 mt-3 lg:mt-6 mb-2">Is Brexa GDPR certified?</h3>
<p>There is not yet any kind of recognized GDPR global certification scheme in the EU, but we’ve
been working hard to ensure that we’re in compliance with the GDPR. We spend a considerable
amount of time and energy to ensure that our data protection practices meet or exceed the
highest standards, so that individuals who disclose personal data to us can rest assured
that their data is protected. Read on to learn how we work to make your use of our service
compliant.</p>
<h3 class="h4 md:h3 mt-3 lg:mt-6 mb-2">How Can I Enter into a Data Processing Addendum (DPA)
with Brexa?</h3>
<p>We offer customers a new Data Processing Addendum (DPA) in conjunction with our Terms of
Service. When applicable, the DPA amends our standard terms of service to reflect
obligations required by the GDPR. This is the instrument that legally binds us to complying
with our responsibilities under the GDPR and other applicable data protection laws, such as
the CCPA.</p>
<p>The DPA governs the terms by which we, as a data processor, process data on behalf of you,
our customers, (who are typically data controllers) in accordance with Article 28 of the EU
GDPR and other data protection and privacy laws that may be applicable.</p>
<p>According to Article 28 of the GDPR, data processors must act only upon the documented
instructions of the data controller unless otherwise required by law. This, however, does
not relieve us of any of our obligations or liabilities under the GDPR. We are still
required to ensure that we comply with the GDPR.</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">What Does Brexa Do to Ensure that Its Vendor
Relationships Meet Applicable Data Protection Requirements?</h3>
<p>Before transferring any personal data to service providers, we conduct due diligence on the
recipient of the data (including reviewing security reports). We also ensure that robust
contractual protections are in place. Our vendor management procedures require that such
contracts be in line with the highest common denominators when it comes to data protection
laws (the GDPR and the CCPA). We have developed a detailed DPA that all service providers
must sign in addition to their standard contract. We can also sign the service providers’
DPAs if they meet the legal and contractual requirements.</p>
<p>When we need to transfer personal data governed by the GDPR outside the European Economic
Area (“EEA”) or the UK to a country that has not been deemed to provide an adequate level of
data protection by the European Commission or the UK Secretary of State, we ensure to
strengthen the protection of the data through approved transfer mechanisms.</p>
<h6 class="h5 md:h5 mt-2 lg:mt-4 mb-4 text-primary">We require our service providers to share
with us recent third-party audit security reports such as SOC 2 reports and ISO 27001
certifications security documentation or respond to detailed security questionnaires.</h6>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">GDPR and You</h3>
<p>So Brexa is focused on compliance with the GDPR. Does that mean that I’m automatically
compliant too? If not, where can I learn more about my own obligations?</p>
<p>Much of how you collect, use, and dispose of personal data is not determined by Brexa (your
data processor). Thus, each organization should get its own professional guidance on the
topic to help ensure compliance. In addition to our Readiness Guide, here’s an additional
resource from the UK Information Commissioner’s Office:
<strong> https://ico.org.uk/for-organisations/advice-for-small-organisations/checklists/data-protection-self-assessment/.</strong>
</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">Am I a Data Controller? Is Brexa a Data Processor?</h3>
<p>Typically, a Brexa customer will be considered a data controller (i.e., an organization that
determines the purposes and means of the processing of personal data) and Brexa will be
considered a data processor under the law.</p>
<p>Controllers and processors each have their own respective obligations under the law.
Therefore, our GDPR compliance plan looks a bit different from what yours will look like.
This doesn’t mean we can’t be used by data controllers – quite the opposite. When a data
controller engages a service provider like us, the service provider is typically a data
processor acting on behalf of the controller, and the processor acts at the behest of the
controller. As stated above, our DPA will govern the relationship, and the nature of the
processing activities, between Brexa and its customers.</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">What is Considered Personal Data?</h3>
<p>According to GDPR Article 4, personal data means…“any information relating to an identified
or identifiable natural person (‘data subject’); an identifiable natural person is one who
can be identified, directly or indirectly, in particular by reference to an identifier such
as a name, an identification number, location data, an online identifier or to one or more
factors specific to the physical, physiological, genetic, mental, economic, cultural or
social identity of that natural person.”</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">So, what does that mean for you?</h3>
<p>Within your Brexa account, that would include your customers’ contact information. And they
may at some point ask you to forget them, or modify their information to be accurate, etc.
You would then be responsible for fulfilling that request.</p>
<p>Does the GDPR Require an Additional Checkbox to Be Able to Lawfully Process Personal Data? Or
Will a Sentence such as "Enter your information for us to email you XYZ Pdf" Be Sufficient?
</p>
<p>If you are processing personal data on the basis of the data subject’s consent, you will need
to include a mechanism to collect that consent, which could include an unticked checkbox
which the data subject can tick to consent to the processing of his or her data for a
specified purpose (for example, receiving email marketing communications from you about your
products). If you can consider this type of arrangement as a “contract” between you and the
individual who requested the “something,” then you may be able to skip the checkbox
altogether and base your processing on the need to perform your obligations under this
“contract”.</p>
<h6 class="h5 md:h5 mt-2 lg:mt-4 mb-4 text-primary">If a Customer Asks to Exercise Their Right
to be Forgotten, do I have to Remove them from my Database?</h6>
<p>Normally, yes.Article 17 of the GDPR sets out the data subject’s right to have his or her
data erased (also known as the “right to be forgotten”) when certain (broad) grounds apply,
such as (without limitation) when the personal data are no longer necessary for the purposes
of processing, where consent, as the sole basis of processing, has been withdrawn, or where
the data subject has objected to the processing of his or her personal data and you have no
“compelling legitimate grounds” to continue the processing. It’s important to note how
broadly this right applies: in practice, there will be few circumstances where the GDPR will
not require the deletion of data at the data subject’s request.</p>
<h3 class="h4 md:h3 mt-4 lg:mt-4 mb-2">Consent</h3>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">Do I need to obtain consent again from all my contacts?
</h3>
<p>Not necessarily. There are other permitted bases for processing personal data under Article
6 of the GDPR, such as the need to process personal data for the performance of a contract,
or the legitimate interests of the data controller or another party. However, if you will be
processing personal data based solely on the consent of the individual, you likely need to
re-acquire consent from these “old” contacts.</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">Under GDPR, can I still have my opt-in forms checked by
default?</h3>
<p>No, please note that the use of pre-ticked opt-in boxes is not valid under the GDPR. Silence
or inactivity on the part of the data subject, as well as merely using a service (without
first ticking a box to indicate agreement) doesn’t count as “consent”.</p>
<h3 class="h4 md:h3 mt-4 lg:mt-4 mb-2">Data Protection</h3>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">Contact</h3>
<p>In accordance with Article 38 of the GDPR, members of the public may contact the DPO with
regard to issues related to processing of their personal data and to exercise their rights
under the GDPR – for example, to object to the processing of their data in cases where the
data controller (that’s you, the Brexa customer) does not provide an adequate response.</p>
<p>In accordance with Article 27 of the GDPR, supervisory authorities and persons whose personal
data are being processed by us, Brexa, may contact our Article 27 Representative on all
issues related to processing, for the purposes of ensuring compliance with the GDPR.</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">What solution does Brexa offer for cross-border data
transfers?</h3>
<p>Area (commonly referred to as the EEA and which consists of the EU, plus Norway, Iceland, and
Liechtenstein) in certain circumstances, such as to a country whose data protection laws are
deemed "adequate" by the European Commission, or by relying on an approved data transfer
mechanism.</p>
<p>Because we’re a company located outside of the EU, we have added the Standard Contractual
Clauses to our DPA to enable the lawful flow of personal data from the UK and EEA to Brexa
in the United States.</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">What Security Controls Has Brexa Implemented to Safeguard
My Data?</h3>
<p>Our Data Security Statement goes well beyond the customary confidentiality clauses found in
the business terms of many SaaS providers. The statement describes some of the specific data
security controls that we’ve implemented and, by publishing the information, legally
obligates us to maintain the high standard of data security that’s described in the
Statement.</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">Is Brexa PCI Compliant?</h3>
<p>We adhere to, and are audited annually for compliance with, the Payment Card Industry Data
Security Standard, which is a rigorous data protection framework oriented towards the
protection of payment card data.</p>
<p>Our most recent PCI DSS audit documentation is available upon request. Please contact
support@brexa.ai if you require the documentation.</p>
<h3 class="h4 md:h3 mt-4 lg:mt-4 mb-2">GDPR and Other Channels</h3>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">How does the GDPR apply to social media?</h3>
<p>The GDPR applies to personal data processed for the purposes of social media marketing
campaigns, communication with customers via social media, and using Facebook tracking pixels
and similar technologies. However, the specific impact depends on the manner in which the
social media is used. Social media isn’t specifically discussed in the GDPR, so there are no
aspects of the GDPR that are unique to social media or social media marketing.</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">Does the GDPR apply only if a customer buys something
from a website?</h3>
<p>If you are offering services to a data subject in the UK or EU, they do not necessarily need
to buy something from you in order for the GDPR to apply. When you go out of your way to
offer goods or services to the people in the UK or EU, the GDPR likely applies to you.</p>
<h3 class="h5 md:h4 mt-4 lg:mt-4 mb-2">Compliance of Third-Party Integrations with Brexa</h3>
<p>When you configure your Brexa service to connect with third-party apps, you must ensure that
you also use those providers in a compliant manner. For example, you need to ensure service
providers that you enter into a contract with the service provider that meets the
requirements laid out in Article 28 of the EU and UK GDPR. This means, for example, that
there must be an agreement that, among other things, requires the service provider to use
the personal data you entrust it with only upon your instructions, and to notify you of any
data breaches. You also need to determine whether such service providers have the technical
capabilities to protect the personal data you make available to them.</p>
<p>When you configure your Brexa service to connect with those third-party apps, you should
ensure that those vendors are also GDPR compliant, and that your relationship with that
vendor meets the requirements laid out in Article 28 of the GDPR. For example, the service
agreement in place between your company and the third-party service provider should impose
various obligations on that service provider, such as a requirement to use the personal data
only upon your instructions, and to notify you of any data breaches.</p>
</div>
<!-- <div class="page-footer panel">
<p class="fs-7 opacity-60 m-0">Last updated: 27 Oct, 2024</p>
</div> -->
</div>
</div>
</div>
</div>
<!-- Wrapper end -->
<!--header section start-->
<?php include 'footer.php'; ?>
<!--header section End-->
<!-- include jquery & bootstrap js -->
<script defer src="../assets/js/libs/jquery.min.js"></script>
<script defer src="../assets/js/libs/bootstrap.min.js"></script>
<!-- include scripts -->
<script defer src="../assets/js/libs/anime.min.js"></script>
<script defer src="../assets/js/libs/swiper-bundle.min.js"></script>
<script defer src="../assets/js/libs/scrollmagic.min.js"></script>
<script defer src="../assets/js/helpers/data-attr-helper.js"></script>
<script defer src="../assets/js/helpers/swiper-helper.js"></script>
<script defer src="../assets/js/helpers/anime-helper.js"></script>
<script defer src="../assets/js/helpers/anime-helper-defined-timelines.js"></script>
<script defer src="../assets/js/uikit-components-bs.js"></script>
<!-- include app script -->
<script defer src="../assets/js/app.js"></script>
<script>
// Schema toggle via URL
const queryString = window.location.search;
const urlParams = new URLSearchParams(queryString);
const getSchema = urlParams.get("schema");
if (getSchema === "dark") {
setDarkMode(1);
} else if (getSchema === "light") {
setDarkMode(0);
}
</script>
</body>
</html>