Privacy Policy

Information You Provide

Account Information. When you create an account, we collect your name, email address, and password. If you sign up through a third-party authentication provider (such as Google), we receive your name and email from that provider.

Brand Names and Context. When you use the Service to analyze a brand name, we collect the brand name you submit and any optional context you provide (such as industry, target customers, location, or brand description). This information is used to generate your analysis and is stored with your account.

Payment Information. If you subscribe to a paid plan, our payment processor (Stripe) collects your payment card details, billing address, and related financial information. We do not store your full credit card number on our servers. We receive only a partial card number, card type, and billing details necessary to manage your subscription.

Communications. If you contact us for support or provide feedback, we collect the content of those communications along with your email address.

Information We Collect Automatically

Usage Data. We collect information about how you interact with the Service, including pages visited, features used, analysis history, timestamps, and actions taken.

Device and Browser Information. We collect your IP address, browser type and version, operating system, device type, screen resolution, and language preferences.

Cookies and Similar Technologies. We use cookies and similar tracking technologies to maintain your session, remember your preferences, and understand how the Service is used. See Section 8 for details.

Information Generated by the Service

Analysis Results. When you submit a brand name, the Service generates analysis data including domain availability results, social handle availability results, trademark screening results, naming attribute scores, AI-generated verdict text, alternative name suggestions, and compound word analysis. This generated data is associated with your account.

Providing the Service. To operate the Service, process your brand name analyses, generate reports and PDF downloads, and deliver results. This includes sending your brand name and context to AI service providers to generate verdicts, naming analysis, trademark assessments, and alternative suggestions.

Account Management. To create and manage your account, process payments, enforce usage limits based on your subscription tier, and communicate with you about your account.

Service Improvement. To understand how the Service is used, identify issues, improve features, and develop new capabilities. We may analyze aggregated, de-identified usage patterns for these purposes.

Security and Fraud Prevention. To detect, prevent, and respond to security incidents, fraud, and abuse of the Service.

Legal Compliance. To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

Communications. To send you transactional emails (account confirmation, password resets, analysis notifications). We may also send marketing communications about new features if you opt in. You can opt out of marketing emails at any time.

We do not sell your personal information. We share information only in the following circumstances:

Service Providers. We use third-party service providers to operate the Service. These providers process your data on our behalf and are contractually required to protect it: Supabase (database hosting and authentication), Stripe (payment processing), Vercel (application hosting), and AI Service Providers (we send brand names and context you provide to AI models to generate analysis results; these providers process the data according to their API terms and do not use your inputs to train their models).

Domain and Trademark Registries. To check domain availability, we query public WHOIS/RDAP services. To screen trademarks, we query the United States Patent and Trademark Office (USPTO), the European Union Intellectual Property Office (EUIPO), and IP Australia. These are public databases, and the queries contain only the brand name — not your personal information.

Social Media Platforms. To check handle availability, we make requests to social media platforms using the brand name you submit. These requests do not include your personal information.

Legal Requirements. We may disclose your information if required by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers. In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

With Your Consent. We may share your information for other purposes with your explicit consent.

Account Data. We retain your account information for as long as your account is active. If you delete your account, we will delete or de-identify your personal information within 30 days, except where we are required to retain it for legal, accounting, or security purposes.

Analysis Data. When you remove a brand name analysis from your dashboard, the analysis is hidden from your view but retained in our systems for a reasonable period for operational and compliance purposes. To request permanent deletion of analysis data, contact us at privacy@brandlockapp.com.

Anonymized Data. We may retain aggregated, anonymized data that cannot be used to identify you indefinitely for research and service improvement purposes.

Depending on your location, you may have the following rights regarding your personal information:

• Access. Request a copy of the personal information we hold about you.
• Correction. Request that we correct inaccurate or incomplete personal information.
• Deletion. Request that we delete your personal information, subject to certain legal exceptions.
• Portability. Request a copy of your data in a structured, machine-readable format.
• Opt-Out of Marketing. Unsubscribe from marketing emails at any time.
• Withdraw Consent. Where processing is based on your consent, withdraw it at any time.

To exercise any of these rights, contact us at privacy@brandlockapp.com. We will respond within 30 days (or sooner if required by applicable law).

For California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act. These include the right to know what personal information we collect, the right to delete, the right to correct, and the right to opt out of the sale or sharing of personal information. We do not sell or share (as defined by the CCPA) your personal information. To submit a request, email privacy@brandlockapp.com.

For European Economic Area, UK, and Swiss Residents

If you are in the EEA, UK, or Switzerland, we process your personal data based on the following legal bases: performance of a contract (providing the Service), legitimate interests (improving the Service, preventing fraud), consent (marketing communications), and legal obligations. You have the right to lodge a complaint with your local data protection authority. For data transfers outside the EEA, we rely on Standard Contractual Clauses or other approved transfer mechanisms.

We implement reasonable technical and organizational measures to protect your information, including:

• Encryption in transit (TLS/HTTPS)
• Encryption at rest for stored data
• Access controls limiting who can access your data
• Regular security assessments

No system is completely secure, and we cannot guarantee the absolute security of your information. If we become aware of a security breach affecting your personal data, we will notify you as required by applicable law.

The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn that we have collected such information, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at privacy@brandlockapp.com.

We use the following types of cookies:

Essential Cookies. Required for the Service to function (authentication, session management, security). These cannot be disabled without breaking core functionality.

Analytics Cookies. Help us understand how the Service is used (page views, feature usage, error tracking). We use these to improve the Service.

We do not use advertising or tracking cookies. We do not serve ads, and we do not allow third-party advertisers to place cookies on the Service.

You can manage cookie preferences through your browser settings. Blocking essential cookies may prevent the Service from functioning properly.

The Service may contain links to third-party websites (such as domain registrars, social media platforms, or trademark offices). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

AI-Generated Content. BrandLock uses artificial intelligence to generate analysis results, including verdicts, naming attribute scores, alternative name suggestions, trademark risk assessments, and compound word analysis. AI-generated content may contain errors, omissions, or inaccuracies.

Not Legal Advice. Trademark screening results are informational only. They do not constitute a legal opinion or legal advice. Consult a qualified trademark attorney before making filing or business decisions based on our results.

Data Sent to AI Providers. When you submit a brand name for analysis, the name, your optional context, and structured analysis data are sent to our AI service provider’s API. This data is processed according to their API terms of service, which prohibit using API inputs for model training. We do not send your email, payment information, or other personal account details to AI providers.

Your information may be transferred to and processed in countries other than your own. Our service providers may operate in the United States and other jurisdictions. Where required, we use Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms to protect your data.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a prominent notice in the Service before the changes take effect. The “Last Updated” date at the top indicates when it was last revised. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: privacy@brandlockapp.com