Privacy Policy
Privacy Policy
Privacy Policy
Effective date:
Effective date:
Effective date:
Sep 1, 2025
Sep 1, 2025
Sep 1, 2025
Welcome to BrandBridge. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how BrandBridge ("we," "our," or "us") collects, uses, shares, and protects your information when you use our website and services (collectively, the "Services").
By accessing or using our Services, you agree to the terms of this Privacy Policy.
1. Information We Collect
We collect information to provide our services, improve user experience, and ensure the security of our platform. This includes:
A. Information You Provide Directly
Account Information: When you create an account, we collect your name, email address, and password.
Payment Information: If you purchase services, we collect billing details and payment information. (Note: We utilize third-party payment processors; we do not store full credit card numbers on our servers).
Communications: Information you provide when you contact our support team.
B. Google User Data (Gmail API)
To provide our core services, BrandBridge accesses specific Google user data through the Gmail API. We only access data that you explicitly authorize.
Gmail Data Accessed:
Email Content: Email messages, headers, and metadata (sender, recipient, subject, date, message content).
Thread Details: Email thread information and conversation history.
Organization: Email labels, categories, and history IDs (for synchronization).
Attachments: Email attachments and their associated metadata.
Google Account Information:
Email address (for user identification).
Profile information (name, profile picture).
Account verification data.
Specific API Scopes: We request the following specific permissions:
https://www.googleapis.com/auth/gmail.readonly (Read all email messages and settings)
https://www.googleapis.com/auth/gmail.modify (Manage email labels and organization)
https://www.googleapis.com/auth/gmail.send (Send emails on your behalf)
openid, email, profile (Basic account identification)
2. How We Use Your Data
We use the data we collect for specific, legitimate business purposes.
A. General Service Usage
To provide, operate, and maintain our Services.
To process transactions and manage your account.
To send you administrative information, including updates, security alerts, and support messages.
B. Google User Data Usage
We strictly use Google user data for the following purposes:
Email Management & Organization:
Synchronizing and displaying your Gmail inbox within BrandBridge.
Organizing email threads related to brand partnerships and collaborations.
Tracking conversation history with brands and business contacts.
Enabling search and filtering of business-related emails.
Business Intelligence & Analysis:
Extracting and analyzing email content to identify brand deal opportunities.
Processing email metadata to categorize business communications.
Generating insights about partnership opportunities and negotiations.
Identifying action items and deliverables from email conversations.
Communication Features:
Enabling email sending through the Gmail API from within BrandBridge.
Tracking email thread statuses and response patterns.
Technical Operations:
Monitoring Gmail inboxes for real-time updates via Google Cloud Pub/Sub webhooks.
Maintaining synchronization state to ensure data consistency.
Storing history IDs to enable incremental email synchronization.
AI/ML Processing:
The application processes email data using AI/ML services (OpenAI) to extract business-relevant information such as deal terms, deliverables, and partnership opportunities. This is done strictly for the purpose of assisting content creators in managing their brand partnerships.
3. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information. We share data only with the specific third-party service providers listed below to support our infrastructure and features.
A. Third-Party Service Providers
Infrastructure & Storage:
Supabase: Cloud database provider storing synchronized email data, metadata, and user information in secure PostgreSQL databases.
Google Cloud Platform (GCP): Hosts Pub/Sub services for real-time Gmail notifications and webhooks.
AI/ML Service Providers:
OpenAI: Email content is processed through OpenAI's API to extract business-relevant information, identify brand deals, and generate insights.
Langfuse: An LLM observability platform used for monitoring AI features. Note: Langfuse receives anonymized/aggregated usage metrics, not raw email content.
B. Purpose of Sharing
Sharing is strictly limited to:
Providing core application functionality (sync, storage, analysis).
Improving user experience through AI-powered insights.
Maintaining system reliability and performance.
C. Google API Limited Use Disclosure
BrandBridge's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
4. Data Storage and Security
We implement industry-standard security measures to protect your data.
Storage Infrastructure:
All data is stored in Supabase PostgreSQL databases with encryption at rest.
Database connections use SSL/TLS encryption (sslmode=require) for data in transit.
Geographic redundancy via secure, compliant cloud infrastructure.
Access Tokens & Credentials:
Gmail OAuth access tokens and refresh tokens are stored encrypted in the database.
Tokens are transmitted over HTTPS only.
We actively manage token expiration and automatic refreshes.
Application Security:
All API communications use HTTPS/TLS encryption.
We utilize OAuth 2.0 for secure authentication with Google.
Session tokens are cryptographically secure with 7-day expiration.
Input validation and sanitization are performed on all user data to prevent injection attacks.
5. Data Retention and Deletion
We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.
Retention Periods:
Email Data: Retained as long as your account is active and Gmail authorization is maintained.
Session Data: Expires and is cleaned up after 7 days.
OAuth Tokens: Retained until you revoke authorization.
Automatic Deletion: When you revoke Gmail access or delete your BrandBridge account, all associated Gmail data (messages, threads, metadata, attachments, and tokens) is automatically deleted via database CASCADE constraints.
How to Request Deletion:
Revoke Access: Visit Google Permissions, find "BrandBridge," and click "Remove Access." This triggers automatic data deletion.
Delete Account: Contact brandbridge.ceo@gmail.com with the subject "Account Deletion Request." All data is permanently deleted within 30 days.
Selective Deletion: Contact support to request the deletion of specific email threads; processed within 14 business days.
6. Children's Privacy
BrandBridge is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.
7. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.
8. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: brandbridge.ceo@gmail.com
Welcome to BrandBridge. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how BrandBridge ("we," "our," or "us") collects, uses, shares, and protects your information when you use our website and services (collectively, the "Services").
By accessing or using our Services, you agree to the terms of this Privacy Policy.
1. Information We Collect
We collect information to provide our services, improve user experience, and ensure the security of our platform. This includes:
A. Information You Provide Directly
Account Information: When you create an account, we collect your name, email address, and password.
Payment Information: If you purchase services, we collect billing details and payment information. (Note: We utilize third-party payment processors; we do not store full credit card numbers on our servers).
Communications: Information you provide when you contact our support team.
B. Google User Data (Gmail API)
To provide our core services, BrandBridge accesses specific Google user data through the Gmail API. We only access data that you explicitly authorize.
Gmail Data Accessed:
Email Content: Email messages, headers, and metadata (sender, recipient, subject, date, message content).
Thread Details: Email thread information and conversation history.
Organization: Email labels, categories, and history IDs (for synchronization).
Attachments: Email attachments and their associated metadata.
Google Account Information:
Email address (for user identification).
Profile information (name, profile picture).
Account verification data.
Specific API Scopes: We request the following specific permissions:
https://www.googleapis.com/auth/gmail.readonly (Read all email messages and settings)
https://www.googleapis.com/auth/gmail.modify (Manage email labels and organization)
https://www.googleapis.com/auth/gmail.send (Send emails on your behalf)
openid, email, profile (Basic account identification)
2. How We Use Your Data
We use the data we collect for specific, legitimate business purposes.
A. General Service Usage
To provide, operate, and maintain our Services.
To process transactions and manage your account.
To send you administrative information, including updates, security alerts, and support messages.
B. Google User Data Usage
We strictly use Google user data for the following purposes:
Email Management & Organization:
Synchronizing and displaying your Gmail inbox within BrandBridge.
Organizing email threads related to brand partnerships and collaborations.
Tracking conversation history with brands and business contacts.
Enabling search and filtering of business-related emails.
Business Intelligence & Analysis:
Extracting and analyzing email content to identify brand deal opportunities.
Processing email metadata to categorize business communications.
Generating insights about partnership opportunities and negotiations.
Identifying action items and deliverables from email conversations.
Communication Features:
Enabling email sending through the Gmail API from within BrandBridge.
Tracking email thread statuses and response patterns.
Technical Operations:
Monitoring Gmail inboxes for real-time updates via Google Cloud Pub/Sub webhooks.
Maintaining synchronization state to ensure data consistency.
Storing history IDs to enable incremental email synchronization.
AI/ML Processing:
The application processes email data using AI/ML services (OpenAI) to extract business-relevant information such as deal terms, deliverables, and partnership opportunities. This is done strictly for the purpose of assisting content creators in managing their brand partnerships.
3. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information. We share data only with the specific third-party service providers listed below to support our infrastructure and features.
A. Third-Party Service Providers
Infrastructure & Storage:
Supabase: Cloud database provider storing synchronized email data, metadata, and user information in secure PostgreSQL databases.
Google Cloud Platform (GCP): Hosts Pub/Sub services for real-time Gmail notifications and webhooks.
AI/ML Service Providers:
OpenAI: Email content is processed through OpenAI's API to extract business-relevant information, identify brand deals, and generate insights.
Langfuse: An LLM observability platform used for monitoring AI features. Note: Langfuse receives anonymized/aggregated usage metrics, not raw email content.
B. Purpose of Sharing
Sharing is strictly limited to:
Providing core application functionality (sync, storage, analysis).
Improving user experience through AI-powered insights.
Maintaining system reliability and performance.
C. Google API Limited Use Disclosure
BrandBridge's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
4. Data Storage and Security
We implement industry-standard security measures to protect your data.
Storage Infrastructure:
All data is stored in Supabase PostgreSQL databases with encryption at rest.
Database connections use SSL/TLS encryption (sslmode=require) for data in transit.
Geographic redundancy via secure, compliant cloud infrastructure.
Access Tokens & Credentials:
Gmail OAuth access tokens and refresh tokens are stored encrypted in the database.
Tokens are transmitted over HTTPS only.
We actively manage token expiration and automatic refreshes.
Application Security:
All API communications use HTTPS/TLS encryption.
We utilize OAuth 2.0 for secure authentication with Google.
Session tokens are cryptographically secure with 7-day expiration.
Input validation and sanitization are performed on all user data to prevent injection attacks.
5. Data Retention and Deletion
We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.
Retention Periods:
Email Data: Retained as long as your account is active and Gmail authorization is maintained.
Session Data: Expires and is cleaned up after 7 days.
OAuth Tokens: Retained until you revoke authorization.
Automatic Deletion: When you revoke Gmail access or delete your BrandBridge account, all associated Gmail data (messages, threads, metadata, attachments, and tokens) is automatically deleted via database CASCADE constraints.
How to Request Deletion:
Revoke Access: Visit Google Permissions, find "BrandBridge," and click "Remove Access." This triggers automatic data deletion.
Delete Account: Contact brandbridge.ceo@gmail.com with the subject "Account Deletion Request." All data is permanently deleted within 30 days.
Selective Deletion: Contact support to request the deletion of specific email threads; processed within 14 business days.
6. Children's Privacy
BrandBridge is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.
7. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.
8. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: brandbridge.ceo@gmail.com
Welcome to BrandBridge. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how BrandBridge ("we," "our," or "us") collects, uses, shares, and protects your information when you use our website and services (collectively, the "Services").
By accessing or using our Services, you agree to the terms of this Privacy Policy.
1. Information We Collect
We collect information to provide our services, improve user experience, and ensure the security of our platform. This includes:
A. Information You Provide Directly
Account Information: When you create an account, we collect your name, email address, and password.
Payment Information: If you purchase services, we collect billing details and payment information. (Note: We utilize third-party payment processors; we do not store full credit card numbers on our servers).
Communications: Information you provide when you contact our support team.
B. Google User Data (Gmail API)
To provide our core services, BrandBridge accesses specific Google user data through the Gmail API. We only access data that you explicitly authorize.
Gmail Data Accessed:
Email Content: Email messages, headers, and metadata (sender, recipient, subject, date, message content).
Thread Details: Email thread information and conversation history.
Organization: Email labels, categories, and history IDs (for synchronization).
Attachments: Email attachments and their associated metadata.
Google Account Information:
Email address (for user identification).
Profile information (name, profile picture).
Account verification data.
Specific API Scopes: We request the following specific permissions:
https://www.googleapis.com/auth/gmail.readonly (Read all email messages and settings)
https://www.googleapis.com/auth/gmail.modify (Manage email labels and organization)
https://www.googleapis.com/auth/gmail.send (Send emails on your behalf)
openid, email, profile (Basic account identification)
2. How We Use Your Data
We use the data we collect for specific, legitimate business purposes.
A. General Service Usage
To provide, operate, and maintain our Services.
To process transactions and manage your account.
To send you administrative information, including updates, security alerts, and support messages.
B. Google User Data Usage
We strictly use Google user data for the following purposes:
Email Management & Organization:
Synchronizing and displaying your Gmail inbox within BrandBridge.
Organizing email threads related to brand partnerships and collaborations.
Tracking conversation history with brands and business contacts.
Enabling search and filtering of business-related emails.
Business Intelligence & Analysis:
Extracting and analyzing email content to identify brand deal opportunities.
Processing email metadata to categorize business communications.
Generating insights about partnership opportunities and negotiations.
Identifying action items and deliverables from email conversations.
Communication Features:
Enabling email sending through the Gmail API from within BrandBridge.
Tracking email thread statuses and response patterns.
Technical Operations:
Monitoring Gmail inboxes for real-time updates via Google Cloud Pub/Sub webhooks.
Maintaining synchronization state to ensure data consistency.
Storing history IDs to enable incremental email synchronization.
AI/ML Processing:
The application processes email data using AI/ML services (OpenAI) to extract business-relevant information such as deal terms, deliverables, and partnership opportunities. This is done strictly for the purpose of assisting content creators in managing their brand partnerships.
3. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information. We share data only with the specific third-party service providers listed below to support our infrastructure and features.
A. Third-Party Service Providers
Infrastructure & Storage:
Supabase: Cloud database provider storing synchronized email data, metadata, and user information in secure PostgreSQL databases.
Google Cloud Platform (GCP): Hosts Pub/Sub services for real-time Gmail notifications and webhooks.
AI/ML Service Providers:
OpenAI: Email content is processed through OpenAI's API to extract business-relevant information, identify brand deals, and generate insights.
Langfuse: An LLM observability platform used for monitoring AI features. Note: Langfuse receives anonymized/aggregated usage metrics, not raw email content.
B. Purpose of Sharing
Sharing is strictly limited to:
Providing core application functionality (sync, storage, analysis).
Improving user experience through AI-powered insights.
Maintaining system reliability and performance.
C. Google API Limited Use Disclosure
BrandBridge's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
4. Data Storage and Security
We implement industry-standard security measures to protect your data.
Storage Infrastructure:
All data is stored in Supabase PostgreSQL databases with encryption at rest.
Database connections use SSL/TLS encryption (sslmode=require) for data in transit.
Geographic redundancy via secure, compliant cloud infrastructure.
Access Tokens & Credentials:
Gmail OAuth access tokens and refresh tokens are stored encrypted in the database.
Tokens are transmitted over HTTPS only.
We actively manage token expiration and automatic refreshes.
Application Security:
All API communications use HTTPS/TLS encryption.
We utilize OAuth 2.0 for secure authentication with Google.
Session tokens are cryptographically secure with 7-day expiration.
Input validation and sanitization are performed on all user data to prevent injection attacks.
5. Data Retention and Deletion
We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.
Retention Periods:
Email Data: Retained as long as your account is active and Gmail authorization is maintained.
Session Data: Expires and is cleaned up after 7 days.
OAuth Tokens: Retained until you revoke authorization.
Automatic Deletion: When you revoke Gmail access or delete your BrandBridge account, all associated Gmail data (messages, threads, metadata, attachments, and tokens) is automatically deleted via database CASCADE constraints.
How to Request Deletion:
Revoke Access: Visit Google Permissions, find "BrandBridge," and click "Remove Access." This triggers automatic data deletion.
Delete Account: Contact brandbridge.ceo@gmail.com with the subject "Account Deletion Request." All data is permanently deleted within 30 days.
Selective Deletion: Contact support to request the deletion of specific email threads; processed within 14 business days.
6. Children's Privacy
BrandBridge is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.
7. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.
8. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: brandbridge.ceo@gmail.com