Privacy Policy

When you use the Brainsmithy website or contact us, we may collect:

• Name, email address, phone number, and company name submitted via our contact form
• Information about your project or inquiry
• Usage data such as pages visited, time spent, and referral source (collected via privacy-respecting analytics)
• Device and browser information for website optimization

• To respond to your inquiries and provide requested services
• To send project updates and relevant communications
• To improve our website and services
• To comply with legal obligations

We do not sell, trade, or rent your personal information. We may share data with:

• Service providers who assist in delivering our services (e.g., email delivery, hosting)
• Legal authorities when required by law

We implement industry-standard security measures including encryption in transit (TLS), secure database access controls, and regular security reviews. No method of transmission over the Internet is 100% secure, but we strive to protect your information.

We use Google Analytics 4 to understand how visitors use our site. We do not use third-party advertising cookies. Essential cookies may be used for site functionality.

You have the right to:

• Request access to your personal data
• Request correction or deletion of your data
• Opt out of marketing communications
• Request a copy of your data in a portable format

We retain personal information only as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Contact form submissions are retained for up to 2 years.

Brainsmithy, LLC does not currently hold HIPAA, SOC 2, ISO 27001, or other formal compliance certifications. We are committed to protecting your data through industry best practices:

• Encryption of data in transit (TLS) and at rest
• Role-based access controls and least-privilege principles
• Regular security reviews and dependency auditing
• Secure coding practices following OWASP guidelines

If your project requires specific compliance standards, please discuss these needs with us during the scoping phase. Data Processing Agreements (DPAs) are available upon request for projects handling personal or sensitive data.

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page with an updated date.

If you have questions about this privacy policy or your personal data, contact us at hello@brainsmithy.ai.