As a data-dependent company, protecting our customers’ data is a primary consideration that drives every decision we make. Our Privacy Principles are so important to us that we’ve decided to expand upon them in a multi-part blog series. In this installment we explore Privacy Principle number three: We never rent or sell personal data.
We Never Rent or Sell Personal Data
No Branch customer can access another Branch customer’s end-user data. And we are not in the business of renting or selling any customer’s end-user data to anyone else. To enable customers to control their end-user personal data, they can request deletion of that data here at any time, whether in bulk or for a specific end user. These controls are available to customers worldwide, although we designed them to comply with GDPR requirements as well.
One of our foundational principles is that of trust. Customers must trust Branch in order to put our service front and center in every email, social post, share, advertisement, or general message they send to their users. One of the essential ways we build trust is by guaranteeing that our customers’ user data is secure, private, and never accessible by any other customer on our platform. We deliver this through data isolation architecture and industry-leading investments in security such as SOC2, ISO27001, and rigorous security investments.
The principle seems simple enough but it’s important to understand how it applies to Branch products. At the heart of our platform is a persona graph that supports and is used by all of the products on our platform. This persona graph is powerful because it links the identity fragments of a user that are spread across the devices, browsers, and apps they use, enabling Branch to deliver a connected experience and measurement to the user regardless of channel or device, and to provide a full picture to marketers of which campaigns and touchpoints are actually working.
But if we’re connecting all those identity fragments, does that mean that companies who implement Branch have access to the user data of other companies using the platform? Never. Does it mean that companies who implement Branch are essentially buying into this data? No. They will never have access to it. Here’s why: Our persona graph is advanced privacy technology that keeps data isolated and secure between customers, but allows us to build far better connected experiences and more accurate measurement because of Branch’s scale.
For example, if a user clicks on an email sent by Acme Books, Acme Books will only be able to see parameters of that link click because it happened inside their own platform. They cannot see any other information (like advertising identifier) that has not yet been “earned” by Acme — because that user hasn’t gone into the app yet. Now, if a user opens the Acme app, Acme Books will then be able to see app-specific information — but only because the user chose to engage directly with Acme’s app. No other user data is transferred to Acme Books. The only incremental information the persona graph provides to Acme Books is that both of those activities — the email link click and the app open, both of which came from a user’s direct interaction with Acme properties — came from the same person. It’s the connections between earned user data. That’s it. Acme will never be able to see where or how the connection was made or by what method, but it’s done in a far more accurate way than any technology on the market today.
Privacy Principle #3 can be distilled down to this: Your data is your data no matter what, and neither your competitors nor any other company will ever have access to it. Furthermore, you’ll never be able to access any other company’s data. We never make it available in any form to anyone. And we certainly never sell it to anyone. Your data is YOUR data. This is a key part of the foundation of trust in Branch.