Privacy & Policy

In accordance with the U.S. Data Protection Laws and GDPR version 1.1, we at IT Brain are big on data security. That is why we aim to make our Privacy Policy clear, concise and understandable so that you know exactly how your data is being managed and respected.

Who are we?

IT Brain is committed to providing a range of services to small to mid-sized firms to aid their digital transformations and turning their ideas into great software products. Driven to cultivate long-lasting relationships, we are committed to safeguarding your privacy. This website therefore serves as a marketing tool and any personal data acquired via this website is only intended for marketing purposes. This Policy makes it clear the choices available to you regarding the use of, access to, and how to update and correct your personal information. Our Privacy Policy is part of the website’s Terms of Use. We regularly update our Policy so please make sure to read it from time to time. If you have any questions regarding this Policy, please email us at info@itbrain.com.pk.

What is in this Privacy Policy?

      ● What personal data do we collect?
      ● How do we use and share your personal information?
      ● How long is your information kept for?
      ● Do we use cookies?
      ● Where is your data processed?
      ● What are your rights?
      ● Do we profile you?
      ● Is your data secured?
      ● Information security policy
      ● Legal Disclaimer
      ● Further Questions

What personal data do we collect?

We only gather that information that is necessary for us to allow you to use the website or to contact us. The information collected is only used in accordance with this Policy.

Information we obtain from you:

When you get in touch via the contact us form or the email, you provide us with your name, phone number, email address, company information, communication content and data associated with the communication. For instance when you apply for a vacancy, you share with us your name, email, contact number, location and any other information listed on your CV. You may also choose to provide similar details about an individual you want to refer. IT Brain also occasionally receives information from third parties like LinkedIn if you have given them the consent to use and transmit your information. We therefore recommend reviewing the privacy policies of such third-party websites as well before making your information public on their platform.

Information obtained from your use of our website:

The following information may be gathered when you visit our website:
      ● Information about your visits to and use of this Website, including your IP address, geographical location, browser type and version, referral source, page views and Website navigation paths.
      ● Information about your device(s), in particular, hardware model, version of the operating system.
      ● Cookies: For more information on the type of cookies and how to opt out, please continue reading.
Simply put, we may be interested in the following information:
      ● Your full name
      ● Information about your device(s), in particular, hardware model, version of the operating system.
      ● Your email?
      ● Your phone number
      ● Your geographical location
      ● Your designation
      ● Your Company
      ● Company Location
      ● Your LinkedIn profile
      ● The fact that you have visited our website
      ● What website referred you to ours
      ● Whether you have downloaded any marketing materials from our website

How do we use and share your personal information?

We process your information by way of obtaining, collecting, organising, using, retrieving, consulting, aligning or erasing. We may disclose your information to our subsidiaries or affiliates. We may also share it with third party service providers, vendors and agents who facilitate us with website management, technical support, data analysis and hosting. We make sure that they also abide by data protection policies like we do.
We may also disclose your personal data:
      ● As required by and to the extent of the law
      ● In connection with any ongoing or prospective legal proceedings
      ● To establish, exercise or defend our legal rights, including providing information to others with the aim of fraud prevention and reducing credit risk

How long is your information kept for?

We will delete your personal data as soon as we no longer have a need or a legal basis to process it.
What does this mean?
      ● We’ll always delete your data when we receive a request from you to do so (see below). In the unlikely event that we are still obliged under the law to keep your data, we’ll inform you about that.
      ● We will not store or otherwise process your data for “unlimited period” in other cases. If we rely on legitimate interest for processing, your data will be kept as long as we are in a business relationship with you. If we don't start a business relationship with you, your data will be stored in our systems for some limited time for our analytics to be done. In no case we will keep it for more than 1 year, the period which is necessary for communicating with your company as our potential client and after which we treat old analytics outdated, so your personal data is not needed anymore.

Do we use cookies?

When you visit our website, IT Brain may place cookies and similar analytical codes (collectively, “Cookies”) on your device, browser or the webpage you are viewing, in order to personalize your experience, understand usage patterns and provide, improve, and secure our website. Cookies are small pieces of text that are stored on your device when you visit a website. This allows the website to tailor its content to suit your needs whenever you visit it next. Cookies do not typically contain any information that personally identifies someone, but personal data that we store about you may be linked to the information obtained from cookies.
This may be done for a few reasons
      ● Functional: when cookies are used to tailor your experience. These Cookies make sure you can view the websites and use them in a proper way. Examples of functional cookies: SID, PHPSESSID, wp-settings-X, wp-settings-time-X, etc. For instance, cookies permit:
          ● Our website to remember the details you’ve provided when filling in forms – so that you don’t have to enter the same information multiple times.
          ● You to share website pages on social networks like Facebook, Twitter and LinkedIn.
      ● Performance: when cookies are used to analyse how you use our websites and to monitor website performance. This allows us to identify and fix any issues that arise quickly. For example, we use Google Analytics cookies to keep track of which pages are the most popular, collect anonymous information about how visitors use our website and to "remember" what a user has done visiting other pages on the website. We might also use cookies to highlight articles or offerings that we think will be of interest to you based on how you use our website.
      ● Advertising: when cookies are used to target you with our advertising. We do not allow third-party advertisements on our websites, but we do advertise our offers and services on other sites. Some of the sites on which we advertise may use cookies to store information about offers and services in which you have shown an interest as you browse the web. The information from those cookies allows the third party site to display the most appropriate advertisements for you. Examples of third-party cookies include bcookie, sb, fr, spin, wd, xs, etc.

How to reject and delete cookies?

You can adjust your browser settings to delete some of our cookies or cookies set by third parties. Most web browsers automatically accept cookies. However, you do not have to accept cookies and you can reject or block the use of cookies and delete all cookies currently stored on your device. You can find out how to do this for your particular browser by clicking “help” on your browser’s menu.

Where is your data processed?

Your data is processed in the US and may be transferred to the EU or PK - all entities abiding by the GDPR policies. Nevertheless, your data will always be safe and under GDPR protection, despite where it is processed. Such transfer and processing are possible only as reasonably necessary for the purposes set out in this Policy and within the scope of legitimate interest of IT Brain, abiding by contractual clauses so that your data does not fall outside the scope of the GDPR.

What are your rights?

As a data subject, you have the right to:
      ● Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding or using it.
      ● Request access to your personal information. This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
      ● Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
      ● Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
      ● Object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
      ● Object to automated decision-making, including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you.
      ● Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
      ● Request transfer of your personal information in an electronic and structured form to you or to another party. This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
      ● Withdraw consent.You have the right to withdraw your consent to the collection, processing and transfer of your personal information for a specific purpose at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

Should you want to exercise any of the above mentioned rights, please contact us at marketing@IT Brain.com. Before proceeding with your request, we may need to request specific information from you to confirm your identity and to ensure your right to access the information. Abuse of rights may hold you liable.

Do we profile you?

We will only undertake profiling to the extent if you have given your consent to receive marketing materials from us. We will use your personal information as described in this Policy.

Is your data secured?

IT Brain is ISO-27001 certified. Therefore we don’t allow any unreliable practices regarding the security of the information we deal with. Consequently, we take all appropriate technical and organisational measures to keep your data safe, as required by the GDPR. We do this through:
      ● All our employees, affiliates, consultants or any recipients of your data are bound by confidentiality (non-disclosure agreement) and are not authorised to process your data for purposes other than described in this Policy. We take full responsibility for that.
      ● We follow the Information Security Policy, which is mandatory and applies to all our consultants, contractors, and all other individuals who have authorised access to information resources.
      ● All our security practices and documents are reviewed on a yearly basis, approved by the executive management and are implemented throughout the group as well as are communicated to all our employees and consultants.
      ● Our Information Security Policy applies to all the information stored on physical or electronic data carriers, as well as any software and hardware that we possess or use temporarily.
      ● We conduct mandatory training for all our employees and consultants on privacy and security.
      ● Our servers, workstations and internet gateway devices are updated periodically with the latest antivirus definitions that include zero-day anti-malware protection.
      ● We ensure authentication and authorisation controls are robust and properly treated.
      ● We continuously gather and analyse data regarding all the new and existing threats and vulnerabilities, actual attacks on other organisation, as well as the information about the effectiveness of the existing security controls.
      ● We conduct risk assessment on a yearly basis.

Information Security Policy

At IT Brain, we constantly strive to align our customer needs and requirements with our core business values and industry best practices advocating highest service and product quality and maintain confidentiality, integrity and availability of information based on risk-based approach. We produce quality and security as functions in the products and services that we deliver that is defined customer requirements and designed, and developed accordingly.
IT Brain has developed a service strategy and delivery mechanism for internal and external IT infrastructure support. We create this through our effective leadership that is passionate about creating best value for its external and internal stakeholders.
At IT Brain all employees are encouraged to get involved in achieving overall customer satisfaction, quality of service and information security in following the processes and delivering the products and services. We can only do this by ensuring periodic and on need-based training at organization level and individual level. This is also to ensure that the teams stay abreast with evolving market trends and technologies.
We continually improve our systems following a Deming cycle using process approach in our QMS, ISMS and ITSM. Our processes support our system approach to management through factual decision making based on defined criteria that also encourages the involvement of all affected groups in the organization for the respective decision. IT Brain abides by all local, national and international legal requirements and regulations that we operate in.

Legal Disclaimer

In certain situations, IT Brain may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security requirements as well as instances requiring cooperation with law enforcement agencies where mandated by law.
As further required by Law (including mergers, acquisitions, divestitures, or asset sales, but only if the acquiring organization agrees to this Policy’s protections ), we may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Unauthorized Use of IT Brain Assets:

All materials provided on our website, including but not limited to text, graphics, logos, images, videos, and audio clips, are the property of IT Brain unless otherwise stated. Any unauthorized use, reproduction, distribution, or modification of our materials, including but not limited to our logo, portfolio, or work samples, is strictly prohibited and may constitute a violation of copyright, trademark, or other intellectual property laws.
IT Brain reserves the right to take legal action against any individual or entity found to be using our assets without proper authorization. This includes pursuing legal remedies for copyright infringement, trademark infringement, or theft of intellectual property. We take the protection of our intellectual property seriously and will vigorously defend our rights against any unauthorized use or exploitation. If you have any questions about the permitted use of our materials or wish to obtain authorization for a specific use, please contact us at info@itbrain.com.pk.
By accessing or using our website, you agree to abide by these terms and refrain from any unauthorized use of IT Brain's assets. We appreciate your cooperation in respecting our intellectual property rights and protecting the integrity of our brand.