Branch Navigator Privacy Policy

Last updated October 11, 2021

Overview

We value privacy and are committed to providing our services in a privacy-first way, including by practicing data minimization, limiting the information we disclose, and implementing measures to safeguard our data. At a high level, our Branch Navigator Services help our Customers’ Users navigate their mobile devices with more relevant suggestions and improved search capabilities. To provide these services, we collect certain device-level data (e.g., advertising identifier and IP address) and query data (e.g., “t”, “tw”) from Users. We use this information to provide and improve the Navigator Services, as well as to provide other Branch products and services, and generally to serve or communicate with our Customers. We may also de-identify or aggregate data we collect through the Navigator Services and use it for any purpose. We disclose information to our service providers and Customers and also to comply with laws, to protect ourselves and others, or as part of a business transaction. Users may opt out of certain data collection by following the instructions in the User Choices section below. Because we provide technology that powers the Navigator Services to our Customers, they may use a different name to describe their use of Branch’s Navigator Services (for example, “Scout” or “Finder”). Users should review the privacy policies of their mobile device providers and mobile applications they use, which may give You additional options or rights regarding how our Customers use Your data.

Introduction

Branch Metrics, Inc. ("Branch", "us", or "we") offers a Navigator service (the “ Navigator Services”), that enables developers of mobile applications and device features using the Navigator Services (our " Customers") to provide contextual results and intent-based links in their apps, giving their end users ("Users") simplified access to completing an action (for example, to quickly navigate to a deep page within a particular app). Branch recognizes and believes that data privacy is important to all Internet users, and therefore we design and operate our services in a privacy-first manner.

This Branch Navigator Privacy Policy (the “Navigator Privacy Policy”) explains what information Branch uses to provide the Navigator Services, and how it shares and protects data obtained by Branch through the Navigator Services.

Please note that this Navigator Privacy Policy only applies to the Navigator Services. Branch also offers a website and other services, some of which may be accessible by Users who, through their use of the Navigator Services, click on a Branch link or interact with an app or website of a Branch customer. For the privacy policy applicable to the Branch website and other Branch services, including services accessible by Users through the Navigator Services, please review the Branch privacy policy posted here. The Navigator Services, and the Branch services described in the Branch privacy policy, are collectively the “Branch Platform".

What are the Navigator Services?

Branch provides technology so Customers can provide their Users with content results in response to queries. We do this in two main ways. First, Branch leverages data from Users through the Navigator Services and through other Branch services to enhance and tailor results in response to queries. Second, Branch provides Customers with mobile deep-linking technology to return deep links to queries. “Deep linking” means providing links to a specific, generally searchable or indexed, piece of content in an app or on a website (e.g. “https://branch.io/security/”), rather than the app’s landing page or website’s home page (e.g., “https://branch.io”). Deep links thus enable Users to be directed to specific content within an app. Branch generally has no direct relationship with Users. When Customers install the Branch technology on their apps (via an application programming interface and/or software development kit), the technology enables Customers to respond to Users’ queries with contextual results and intent-based deep links, which in turn helps Users by giving them results and deep links to simplify access to completing an action (for example, to identify nearby restaurants, order food for delivery, travel to a location, or find a contact on their device).

What Information Does Branch Collect from the Navigator Services?

User Data

Below, we explain what information we collect from Users through the Navigator Services. We process information in a way that is relevant for the purpose for which it was collected as described below.

We require that each Customer commit to share with Branch only information that it has lawfully obtained and that it has the right to share with Branch. We strongly discourage Customers from sharing sensitive User information with us, as such information is not necessary for the provision of the Navigator Services.

Software development kits (“SDKs”) and application programming interfaces (“APIs”) include code that allows Customers to integrate and use the Navigator Services. The Branch Navigator Services SDKs and APIs collect the following information when Customers use the SDKs and/or APIs in their mobile apps, some of which is considered personal data under applicable law (in other words, information that itself may identify a unique individual or can be linked back to an individual). The chart below summarizes the information collected automatically by the Navigator Services and for what purposes this information is being collected.

Information Collected	Purpose
Advertising identifier (e.g., Google Ad ID or IDFA)	Used for device identification and serving personalized results and advertising.
IP Address	Used to understand general location, and for statistical purposes.
Country Code	This is the ISO country code equivalent for the SIM provider’s country code, and is used to understand country-level location.
Device Locale (country, language)	Used for customizing results and advertising to the device’s country and language settings.
Query	Any query submitted by a User for purposes of responding to the User’s queries. Queries may include information that identifies an individual (for example, if a User searches for a friend “John Smith” or for news about a particular celebrity) as well as information that does not identify anyone (for example, “pizza nearby” or “phone cases”). Queries may be Internet-based or device-based (for example, to search for a contact or an app on a User’s phone). For Internet-based queries, we collect the information described in this table. For device-based queries, our SDK will collect and store information locally on a User’s device (for example, a User’s contacts or the apps stored on a User’s device), but Branch does not receive this data.
Device Model	Used to serve relevant results and advertising, and for reporting.
Device Manufacturer	Used to serve relevant results and advertising, and for reporting.
Operating System	Used to serve relevant results and advertising, and for reporting.
Operating System Version	Used to serve relevant results and advertising, and for reporting.
Mobile Network Status (Carrier)	Used to serve relevant results and advertising, and for reporting.
Screen Resolution	Used to serve relevant results and advertising, and for reporting.
Screen Size	Used to serve relevant results and advertising, and for reporting.
Navigator Services Software Data	Information about the Navigator Services software running on your phone, including version, package name, and Customer (not User) information associated with software installation.
Engagement Data	Information relating to a User’s interactions (e.g., impressions, clicks) with the Navigator Services, including query results, advertisements, and/or apps; used to improve the Navigator Services and for reporting.

In certain cases, Customers have configured the Navigator Services to operate on a device without sending either the advertising identifier or query to Branch servers. In such cases:

the Navigator Services will analyze information stored on your mobile device to serve results and advertising. Such analysis will be conducted within your device, and Branch does not collect such data to conduct this analysis.
Branch may momentarily read an IP address for statistical purposes and to anonymously sync data from its servers to improve on-device query results and advertising.

In addition to the information we collect identified above, the Navigator Services may otherwise analyze information stored on your mobile device or accessible through your mobile device’s services to provide more relevant results to and advertising for mobile app content in response to queries. The analysis of such information accessible through your mobile device will be conducted within your device, and Branch does not collect such data to conduct this analysis.

Customer Data & Postback Data

Customers may provide information to us to help better direct advertising to their desired audiences delivered through the Navigator Services (“Customer Data”). Branch processes Customer Data as a service provider on behalf of its customers for the Navigator Services and will not use this Customer Data for other purposes.

In some cases, Branch permits Customers that do not use other Branch Services, such as Branch’s attribution tools, to use the Navigator Services to deliver advertisements in connection with Users’ queries. When this occurs, we may receive data from such Customers’ third-party service providers, at Customers’ direction, regarding how those Customers’ end users interact or engage with Customer’s advertisements (“Postback Data”).

Branch processes all Postback Data it receives as a processor on behalf of each Customer that provides it, and Branch uses that Postback Data only to provide the Navigator Services to the Customer. Branch does not control the purposes or means of processing the Postback Data by Customer, and is not responsible for Customer’s collection, use or disclosure of Postback Data.

How Does Branch Use Information Collected by the Navigator Services, and What Information Does Branch Use to Provide the Navigator Services?

Data Branch collects through the Navigator Services is processed:

to provide, maintain, optimize, research, and improve the Navigator Services, including to develop the results for User queries and improve the relevance and/or usefulness of the results.
to better understand how and from where Users come to click on certain deep links and what types of links are popular.
to serve advertisements in connection with Users’ queries.
to fulfill Customers’ and prospective Customers’ requests for the Navigator Services including processing data at the Customer’s direction and transferring User data to them. Branch does not control how Customers use information Branch shares with Customers, and Users should read Customers’ privacy policies to understand how Customers use information they receive from Branch.
to use for internal and Customer business purposes, including to support both the Navigator Services and other Branch products and services, develop new products and services, market products or services, support the products and services of our Customers, and as permitted or required by applicable law.
to create reports based on aggregated information, which is information that cannot be linked back to any individual person or Customer, and share these reports with the public.

We may aggregate and/or de-identify the data we collect. After data has been aggregated and/or de-identified, Branch does not use it to personally identify an individual. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including business partners, Customers, and/or others.

Where permitted by law and our agreements with customers, and with your consent (to the extent required by law), Branch may also use data collected through other Branch services to enhance and tailor results of User queries. Please see the Branch privacy policy to understand our privacy practices with respect to those Branch services.

Our Customers’ Use of Information

We require that our Customers utilize the Navigator Services responsibly and in accordance with certain terms and conditions. Branch is not responsible for the data practices of any of our Customers through the Navigator Services or otherwise. Each Customer’s practices are subject to each Customer’s individual privacy policy. Users should review the privacy policy of each Customer to understand how that Customer treats User information collected through the Navigator Services.

User Choices

Where available, you may be able to modify what data will be sent to Branch by (1) deleting the Customer app through which You use the Navigator Services, (2) modifying settings in the Customer app, or (3) resetting or re-installing the Customer app or device software.

Do Not Track

The Navigator Services are designed for mobile applications and therefore do not respond to web browser “do not track” signals.

How Does Branch Share Information?

In addition to the ways described above, Branch may also share information with others under the following circumstances:

With third-party vendors, consultants and other service providers who work for us and need access to information we collect to do that work, including for cloud storage, data analysis, and project tracking. These third parties are prohibited from using the information for purposes other than performing services for us or to comply with applicable legal requirements.
With our Customers and their agents, as described in this Navigator Privacy Policy.
With customers of other Branch services, including their vendors or agents, if requested by the customer, for attribution purposes.
To comply with laws or to respond to lawful requests and legal process, and in order to investigate, prevent, or take action regarding suspected, or actual, prohibited activities, including but not limited to fraud and situations involving potential threats to the physical safety of any person.
To protect the rights and property of Branch, our agents, Customers, Users, and others including to enforce our agreements, policies, and any applicable terms and conditions.
In connection with or during negotiation of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

How We Secure the Information We Collect

Securing the information provided by our Customers and collected through the Navigator Services is important to us. Branch has implemented industry-standard technical, administrative, and physical safeguards to help protect the information on our servers against unauthorized access, alteration, disclosure or destruction. You are responsible for maintaining the security of Your devices and online accounts, such as not sharing passwords to Your devices.

Links to Other Services

The Navigator Services link to other websites and apps. These other domains are not controlled by Branch, and we do not endorse or make any representations about third-party websites, apps, or social media platforms. We encourage You to read the privacy policies of each website and application that You interact with. We do not endorse, screen, or approve, and are not responsible for, the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at Your own risk.

Our Data Retention Policy

Personal data collected via the Navigator Services are stored in an identifiable form for no more than 7 days, after which they are removed or pseudonymized. Any and all pseudonymized logs are deleted after 12 months, unless otherwise required by applicable law or otherwise agreed between Branch and the Customer.

Branch may retain information collected by the Navigator Services beyond these periods for fraud prevention, analysis, or response, or to protect the safety of Branch, its Customers, Users, or the public.

Our Policy Regarding Children

The Navigator Services are not directed to children. We require that Customers agree to not knowingly send to us data relating to any children under 13 (or, in certain jurisdictions, under 16). If You believe that we might have any information from or about a child under 13 (and in certain jurisdictions under 16) in violation of this policy, please contact us at discoveryprivacy@branch.io, so that Branch can promptly investigate and delete any inappropriately obtained information.

Your Rights

Under applicable law, You have the right to access, rectify, erase and restrict the processing of Your personal data. You also have the right to object to Branch’s processing of Your data, all in accordance with applicable law. Because Branch cannot associate the personal data collected via the Navigator Services with a particular individual, it is not reasonably possible for Branch to verify the identity of any particular data subject. To comply with the security requirements of certain applicable laws, in such circumstances we therefore may refuse to process the data subject request and will inform You accordingly. Branch does, however, provide mechanisms for objecting to certain types of processing of Your personal data as set forth in the User Choices section above.

You have the right to lodge complaints about our data processing activities by filing a complaint with our Data Protection Officer who can be reached by the “Contact Us” section below or with a supervisory authority.

California Consumer Privacy Act

The California Consumer Privacy Act of 2018 (“CCPA”) provides certain rights to natural persons who are residents of California. Our CCPA privacy notice is available here.

Contact Us, Questions, Changes to This Discovery Privacy Policy

We may change this Discovery Privacy Policy at any time in our sole discretion. We will post all changes to this Policy on this page and will indicate at the top of the page the modified Policy’s effective date. If You have any questions or suggestions regarding this Policy, please contact our Data Protection Officer at:

Branch Metrics, Inc.
195 Page Mill Road, Suite 101
Palo Alto, CA 94306
or by email at discoveryprivacy@branch.io