Privacy Policy

Effective date: December 1, 2023

BR PERFORMANCE, LLC and its subsidiaries (“BR PERFORMANCE”, “us”, “we”, or “our”)operate https://www.br-performance.es and other websites (the “Service”)

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from https://www.br-performance.es

DEFINITIONS

Personal Data means data that (either in isolation or in combination with other information) enables you to be directly or indirectly identified.

Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

Cookies are small pieces of data stored on a User’s device.

Data Controller is a party that determines the purposes for and the manner and means of processing any Personal Data. For the purpose of this Privacy Policy, we are a Data Controller of your data.

(a Processor or Servi)viders) is a party (other than an employee of the Data Controller) that processes Personal Data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your Persona Data more effectively.

(a Subject is any ) individual who is the subject of Personal Data.

(r is theindividu)ng our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.

INFORMATION COLLECTION AND USE

We collect several different types of information for various purposes to provide and improve our Service to you. BR PERFORMANCE is the sole owner of the information collected on this site. BR PERFORMANCE will not sell, share, or rent this information to others in ways different from what is disclosed in this statement.

TYPES OF DATA COLLECTED

Personal Data

While using our Service, we may collect Personal Data that you choose to provide to us, for example, by registering a user account or subscribing to our newsletter. This Personal Data may include, but is not limited to:

Cookies and Usage Data

We may use Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.

Usage Data

We may also collect information on how the Service is accessed and used (Usage Data). This Usage Data may include information such as your computer's Internet Protocol (IP) address, browser type, browser version, referring websites, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, the number of times you return to a page, keystrokes typed, movement of the mouse or pointer and other click-stream or site usage data, unique device identifiers and other diagnostic data.

Tracking Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amounts of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

- Session Cookies. We use Session Cookies to operate our Service. - Preference Cookies. We use Preference Cookies to remember your preferences and various settings. - Security Cookies. We use Security Cookies for security purposes.

Our use of cookies and other tracking technologies in our marketing operations can be adjusted based on the choices you make in our cookies setting page. We process Personal Data through the tools provided to us by Data Processors as described herein to provide and enhance our marketing services.

Our use of Personal Data collected for marketing operations is limited to the following purposes:

- Targeting specific audiences based on Users’ location and interests related to the search query. - Personalizing the ads that Users see based on their search queries. - Optimizing our campaigns. - Tracking the performance of our campaigns and measuring key metrics such as clicks, conversions, and return on investment to understand how our campaigns are performing and make data-driven decisions. - Adopting Brand Safety protection: ensuring we are not displaying our ads on unsafe or inappropriate websites, to protect our brand reputation. - Adopting of fraud prevention in our campaigns to protect our campaigns from online fraud (e.g., click fraud).

USE OF DATA

We use the collected data for various purposes: - To provide, administer, maintain, and improve our Service; - To notify you about changes to our Service; - To allow you to participate in interactive features of our Service when you choose to do so; - To provide customer support; - To monitor the usage of our Service; - To detect, prevent and address technical issues; and - For trend monitoring, marketing, and to provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.

RETENTION OF DATA

We store Personal Data for different time periods depending on the category of Personal Data and the nature of relationship that you have with us. We retain Personal Data for as short a period as possible to achieve the purpose for which Personal Data is collected. We consider the following criteria when we are making decisions on how long we will retain Personal Data:

- The category of Personal Data; - Whether the Personal Data is typically deleted based on specific schedules, such as marketing information; - Whether the Personal Data is necessary to operate or provide our services. For example, account information may be retained for a longer period of time based on the Agreement you have with us; - How long we need to retain the Personal Data to comply with our legal obligations; and - Our legitimate interests or legal purposes, such as network improvement, fraud prevention, record-keeping, promoting safety, security and integrity, or enforcing our legal rights.

TRANSFER OF DATA

Your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

BR PERFORMANCE will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. No transfer of Personal Data will take place to an organization or a country unless there are adequate controls in place, including the security of your Personal Data.

We may transfer customer information, including Personal Data, in connection with the evaluation of and entry into business transactions and based on our legitimate interests, such as buying or selling a business entity. If we or our assets are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Data may be one of the assets transferred to or acquired by a third party. We may also share Personal Data with our subsidiaries and affiliates for purposes consistent with this policy and based on our legitimate interests or contractual necessity.

DISCLOSURE OF DATA

Disclosure for Law Enforcement

Under certain circumstances, BR PERFORMANCE may be required to disclose Personal Data if required by law or in response to valid requests by public authorities (e.g., a court or a government agency).

Legal Requirements

We may disclose Personal Data in the good faith belief that such action is necessary to:

- To comply with a legal obligation, to protect and defend the rights or property of BR PERFORMANCE, to prevent or investigate possible wrongdoing in connection with the Service, to protect the personal safety of users of the Service or the public, or to protect against legal liability.

Security of Data

The security of your data is important to us, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect Personal Data, we cannot guarantee its absolute security.

(DO NOT TRACK SIGNALS) We do not support Do Not Track (DNT). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.

You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser. EXERCISE YOUR RIGHTS

We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of Personal Data.

Whenever made possible, you can update Personal Data directly within your account settings section. If you are unable to change Personal Data, please contact us to make the required changes.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

You may have certain rights relating to your Personal Data, depending on your location and subject to local applicable laws. These rights may include, subject to any exceptions or limitations:

- The right to know what Personal Data is being collected and for what purpose; - The right to access your Personal Data; - The right to have your Personal Data rectified, corrected or updated; - The right to have your Personal Data deleted, including from any third parties where your Personal Data has been sold, shared or disclosed; - The right to opt out of the “sale” or “sharing” of your Personal Data; - The right to object to the processing of your Personal Data; and - The right not to be subject to any automated decision making and profiling.

If you would like to access, review, update, correct, and delete any Personal Data we hold about you, or exercise any other privacy rights available to you, please contact us. Our privacy team will review your verifiable privacy rights request (“Privacy Rights Request”) and respond to you as quickly as possible. If we are unable to comply with your request due to an exception or limitation, we will explain this in writing. If we need more time, we will inform you of the reason and extension period in writing.

We do not collect or use any sensitive categories of Personal Data and does not discriminate against you for exercising your privacy rights.

Please note that we may ask you to verify your identity before responding to such requests. This verification step will allow us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative. We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you.

Under the California Privacy Rights Act (‘CPRA’) and Virginia Commonwealth Data Protection Act (‘CDPA’), residents of California and Virginia have certain rights regarding the Personal Data that businesses collect and process about them. This includes the right to request access or deletion of Personal Data, as well as the right to direct a business to stop selling or sharing Personal Data.

In this Policy, we have detailed the categories of Personal Data that we collect and/or share, for what purposes, and the Data Processors and third parties with whom Personal Data may be shared.

We collect and in the past 12 months have collected the following categories of Personal Data for our business purposes: personal identifiers; information collected by cookies and other technologies, including IP address; Internet or other electronic network activity information, including app log information, content you view or engage with, and app, browser and device information; and inferences drawn from any of the above categories of Personal Data.

While we do not sell Personal Data in exchange for any monetary consideration, we do share Personal Data for other benefits as defined by Cal. Civ. Code 1798.140(ad)(2). We have shared in the preceding 12 months Personal Data as necessary for specific “business purposes,” as defined by Cal. Civ. Code 1798.140(e) and specified herein. This includes sharing personal identifiers, commercial information, and Internet or other electronic network activity with third parties such as payment processing providers, helpdesk services, consultants, and website analytics companies. You have a right to direct BR PERFORMANCE not to sell or share Personal Data. We do not sell or knowingly share the Personal Data of consumers who are under 18 years of age.

If you would like to access, review, update, correct, delete any Personal Data we hold about you, or exercise any other privacy rights available to you, including the right to opt out from selling or sharing Personal Data, please see the “Exercise your Rights” section of this Policy. We endeavor to respond to a Privacy Rights Request (as defined herein) within the required timeframes. If we need more time, we will inform you of the reason and extension period in writing. If you submit your Privacy Rights Request electronically through our request form, we will deliver our written response to the verified email associated with the request. If you did not submit the request with us via the online webform, we will deliver our written response by mail or electronically, at your option. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Right to Appeal – California and Colorado

If we do not take action on your Privacy Rights Request, we will inform you in writing of the reasons for not taking action, as well as provide an explanation of any rights you have to appeal the decision.

Right to Appeal – Virginia and Connecticut

You have the right to appeal a refusal to take action on a Privacy Rights Request within a reasonable period of time after your receipt of our decision. Within 60 days of receipt of an appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you will be provided with a method through which you may contact the Attorney General of Virginia if you are a Virginia resident or the Attorney General of Connecticut if you are a Connecticut resident to submit a complaint.

DATA PROCESSORS AND SERVICE PROVIDERS

We may employ third-party companies and individuals to facilitate our Service (Service Providers), to provide the Service on our behalf, to perform Service-related services, or to assist us in analyzing how our Service is used.

These third parties have access to Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. For example, as listed herein, we may share Personal Data with vendors, consultants, and other Data Processors we employ to perform services on our behalf.  As listed herein, these Data Processors may include our payment processing providers, website analytics providers, tools we use to prevent spam and other security risks related to the abusive automated software, online activities, product feedback, help desk software providers, CRM service providers, and e-mail service providers.

Enterprise Resource Planning (ERP) - Netsuite

BR PERFORMANCE uses the Netsuite Enterprise Resource Planning (ERP) system as its primary business system. For more information on the privacy practices of Netsuite, please visit their data privacy page: https://www.oracle.com/legal/privacy/index.html

Communication - Five9

BR PERFORMANCE uses the Five9 cloud contact center system. If a customer calls the customer service number, the Five9 system will use the caller ID information and attempt to automatically locate the customer’s information. Phone conversations and the associated inbound phone number are recorded in the Five9 system and may be retained for up to 30 days. For more information on the privacy practices of Five9, please visit Five9’s security and privacy page: https://www.five9.com/trust/security-privacy

Email – Microsoft Office 365 Outlook

Any part of the information related to an order or account with BR PERFORMANCE could be contained in the email of our employees. This information could include Personal Data along with order information or any other information related to your transaction. BR PERFORMANCE subscribes to Microsoft Office 365 and may set an email data retention period according to company policies. For more information on the privacy practices of Microsoft, please visit their data privacy page: https://products.office.com/en-us/business/office-365-trust-center-privacy

ANALYTICS AND BEHAVIORAL REMARKETING

BR PERFORMANCE may use third-party Service Providers to monitor and analyze the use of our Service. BR PERFORMANCE may also use remarketing services to advertise on third-party websites to you after you visited our Service. We and our third-party vendors use cookies to inform, optimize and serve ads based on your past visits to our Service.

Microsoft Bing Universal Event Tracking

Microsoft Bing Universal Event Tracking (UET) is a mechanism for advertisers to report user activity on their websites to Bing Ads. UET records what customers do on the Service, and then Bing Ads starts collecting that data, allowing BR PERFORMANCE to track conversions or target audiences using remarketing lists.

For more information on the privacy practices of Microsoft, please visit the Microsoft Privacy Statement web page: https://privacy.microsoft.com/en-us/PrivacyStatement

Google Analytics and AdWords

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. Google AdWords remarketing service is provided by Google Inc.

You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: https://adssettings.google.com/anonymous Google also recommends installing the Google Analytics Opt-out Browser Add-on - https://tools.google.com/dlpage/gaoptout - for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy

Facebook

Facebook remarketing service is provided by Facebook Inc.

You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950

To opt-out from Facebook's interest-based ads, follow these instructions from Facebook:https://www.facebook.com/help/568137493302217

Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA.http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canadahttps://youradchoices.ca/or the European Interactive Digital Advertising Alliance in Europehttp://www.youronlinechoices.eu/, or opt-out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook's Data Policy:https://www.facebook.com/privacy/explanation.

PAYMENTS

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g., payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of Personal Data is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

We work with Stripe as a payment processor. Their Privacy Policy can be viewed athttps://www.stripe.com/

LINKS TO OTHER SITES

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

As noted in our website terms of use, we have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

SMS ABANDON CART DISCLOSURE

This website uses cookies to help keep track of items you put into your shopping cart, including when you have abandoned your cart, and this information is used to determine when to send cart reminder messages via SMS.

CHILDREN'S PRIVACY

Our Service does not address anyone under the age of 18 ('Children'). If you are under 18, please do not attempt to register for the Services or send any Personal Data about yourself to us.

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take reasonable steps to remove that information from our servers and will not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law).

CHANGES TO THIS PRIVACY POLICY

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the 'effective date' at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.