Privacy, Safety, and Ethics

In a world where data is becoming increasingly valuable, we at Brainvine understand that your privacy and data security are critical. That's why we've taken a number of strict measures to ensure that your data is always safe.

About Shape Image
Home Hero Large Image
More than 20,000 professionals have already chosen Brainvine

Measures to protect your privacy and secure your data

  • Secure EU servers

    All our servers are located within the European Union, mainly in the Netherlands. This means that your data is protected by the world's most stringent privacy laws, in accordance with the General Data Protection Regulation (GDPR).

  • We do not share data

    We never share sensitive information with third parties, except when it is strictly necessary to provide services to you as a customer. Your information is yours, and we respect that. This is in line with the principle of data minimization as set out in the GDPR.

  • Full GDPR compliance

    Brainvine fully complies with the GDPR guidelines. We have data processing agreements with our AI providers that ensure that your data remains safe and private. These agreements are crucial to meet the data processor's responsibilities as described in Article 28 of the GDPR.

  • No model training

    Our AI providers are contractually obliged by means of a data agreement not to use your data to enrich, train or in any way improve their models. Your data remains your data. This protects your rights to privacy and data protection.

  • Encryption and privacy

    We never have “eyes-on” access to user conversations. Everything you share with us is stored in encrypted form so that only you can access it. This is an example of data protection by design and default settings, as required by Article 25 of the GDPR.

  • You are the boss.

    At Brainvine, you are always in control of your own data. We don't store anything without your permission, and if you decide to delete something, it's really gone. No copies, no leftovers. This is in line with the right to erase data, also known as the “right to be forgotten”, as described in article 17 of the GDPR.

  • Trust as a basis

    At Brainvine, it's all about trust. We are committed to protecting your privacy and providing a safe environment where you can work with peace of mind. Choose Brainvine and experience the security of data security and privacy protection at the highest level.

Google OAuth integration

When you sign in to our platform via Google, we use the OAuth 2.0 protocol to verify your identity. In doing so, we use the following principles:

  • Access authorization
    We only ask for access to your basic profile information at Google, namely:
    • First name, last name
    • E-mail address
    • Profile picture
  • Purpose of use
    This information is only used to:
    1. Verify your identity and create your account or log in.
    2. Personalizing the user experience (for example, by displaying your name).
  • Save and Delete Data
    We only store the minimum information required for as long as your account is active. When you delete your account, we also completely delete your Google login information, in accordance with our deletion policy (Right to Delete, Article 17 GDPR).
  • Sharing with third parties
    We don't share your Google data with other parties unless it's strictly necessary to provide the service you've requested.
  • Revoke permissions
    You can revoke our app's access to your Google Account at any time via your Google Account settings. After revocation, you will no longer be able to sign in with Google.
  • Privacy Policy Link
    Our full privacy policy — including this Google-OAuth section — is on this dedicated page, hosted on our own, validated domain. This page is prominently linked on our app homepage and interface. We will communicate changes to this privacy policy clearly via email and in the app.

Technical and organizational measures
In addition to the above points, we apply the following additional guarantees:

  1. Regular security audits
    Periodic checks by external specialists to detect leaks or weaknesses.
  2. Restricted internal access
    Only authorized personnel with a strict “need-to-know” principle can access certain functional systems.
  3. Backups and recovery procedures
    Automated backups on encrypted media and procedures for rapid data recovery.