Brace (“we,” “our,” or “us”) operates the Brace personal CRM platform and browser extension. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
By using Brace, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our services.
1. Information We Collect
1.1 Information You Provide
- Account Information: Name, email address, and profile information when you create a Brace account
- Authentication Data: Login credentials and authentication tokens for accessing our services
- User Preferences: Your settings and preferences within the Brace application
- Payment Information: If you subscribe to our paid services, we collect payment information through our payment processor, DODO Payments.
1.2 Information Collected Automatically
When you use the Brace browser extension with automation enabled, we may collect:
- LinkedIn Profile Data: Your LinkedIn profile information (name, headline, profile URL)
- Connection Data: Information about your LinkedIn connections that you choose to sync
- Message Data: LinkedIn messages and conversation metadata for contacts you manage in Brace
- Activity Data: Feed posts and engagement data relevant to your network
- Session Information: Authentication tokens required to perform actions on your behalf
1.3 Technical Information
- Device Information: Browser type, operating system, and device identifiers
- Usage Data: How you interact with our services, features used, and timestamps
- Log Data: IP addresses, error logs, and diagnostic information
1.4 Analytics and Session Recordings
We use third-party analytics tools, including PostHog, to collect information about your use of the Service. This helps us understand user behavior, improve our Service, and optimize user experience.
We use PostHog to record user sessions, which may include:
- Your clicks, scrolls, and mouse movements
- Pages you visit and features you interact with
- Text you enter (except for sensitive fields like passwords)
These recordings help us understand how users interact with our Service, identify usability issues, and improve user experience.
2. How We Use Your Information
We use the collected information for the following purposes:
- Provide Services: Sync your LinkedIn network to your Brace CRM, display contacts and conversations, and execute actions you initiate
- Maintain Functionality: Authenticate your sessions, process your requests, and ensure service reliability
- Improve Services: Analyze usage patterns to enhance features and user experience
- Communicate: Send service-related notifications, updates, and respond to your inquiries
- Security: Detect, prevent, and address technical issues and security threats
We Do NOT:
- Sell your personal data to third parties
- Use your data for advertising purposes
- Share your data with third parties for their marketing purposes
- Use your data for creditworthiness determination or lending purposes
- Train AI models on your personal content without explicit consent
Google API Services Limited Use Disclosure:
The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
3. Data Storage and Security
3.1 Where We Store Data
- Local Browser Storage: Session data, preferences, and authentication tokens are stored locally in your browser
- Brace Servers: CRM data is stored on our secure servers (backend.brace.so) for synchronization across devices
3.2 Security Measures
We implement appropriate technical and organizational measures to protect your data:
- All data transfers use HTTPS encryption (TLS 1.2+)
- Authentication tokens are securely stored and transmitted
- Access to production systems is restricted and logged
- Regular security assessments and monitoring
While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
4. Data Sharing and Disclosure
We may share your information only in the following circumstances:
- Service Providers: With trusted third-party vendors who assist in operating our services (hosting, analytics, authentication), bound by confidentiality obligations
- Payment Processors: Payment information is processed by our Merchant of Record, DODO Payments
- Analytics Providers: We use PostHog for analytics and session recording to improve our Service
- Legal Requirements: When required by law, court order, or governmental authority
- Safety and Rights: To protect the safety, rights, or property of Brace, our users, or others
- Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice provided to you
- With Your Consent: When you explicitly authorize us to share specific information
4.1 Large Language Model (LLM) Providers
We use third-party LLM providers to process data and generate insights. These providers include:
- Google (Gemini)
- Anthropic (Claude)
- OpenAI (GPT)
When you use our Service, your data may be processed by these LLM providers according to their respective terms of service and privacy policies. Please note:
- We only share data necessary for the performance of our Service
- The data shared with LLM providers is subject to their respective privacy policies
- Our agreements with these providers include appropriate data protection provisions
Google (Gemini)
Anthropic (Claude)
OpenAI (GPT)
5. Browser Extension Permissions
The Brace browser extension requests the following permissions:
| Permission | Purpose |
|---|---|
| cookies | Detect LinkedIn login status to determine when sync is possible |
| storage | Store user preferences, settings, and session data locally |
| tabs | Manage LinkedIn tabs for data synchronization operations |
| scripting | Execute data sync scripts on LinkedIn pages when automation is enabled |
| webRequest | Capture session tokens necessary for API access |
| alarms | Schedule periodic data synchronization tasks |
Host Permissions
| Domain | Purpose |
|---|---|
| *.linkedin.com | Access LinkedIn to sync your network data to Brace CRM |
| *.brace.so | Communicate with Brace backend services |
6. Your Rights and Controls
6.1 User Controls
- Toggle Automation: Enable or disable automation at any time via the extension popup
- Account Settings: Update your profile and preferences at app.brace.so
- Uninstall: Remove the browser extension to delete all locally stored data
6.2 Data Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information
- Portability: Request your data in a portable, machine-readable format
- Objection: Object to certain processing of your personal information
- Restriction: Request restriction of processing in certain circumstances
To exercise these rights, contact us at privacy@brace.so.
7. Data Retention
We retain your personal information for as long as necessary to:
- Provide our services to you
- Comply with legal obligations
- Resolve disputes and enforce agreements
When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.
9. GDPR Compliance (European Users)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland:
- We process your data under legal bases including: consent, contract performance, legitimate interests, and legal obligations
- You have the rights described in Section 6.2 above
- You may lodge a complaint with your local data protection authority
- Brace acts as the Data Controller for your personal information
10. CCPA Compliance (California Users)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it is used
- Request deletion of your personal information
- Opt-out of the “sale” of personal information (note: we do not sell personal information)
- Non-discrimination for exercising your privacy rights
To exercise these rights, contact us at privacy@brace.so or use the controls in your account settings.
11. Cookies and Tracking
Our extension uses essential cookies and local storage to:
- Maintain your authentication session
- Store your preferences and settings
- Enable core functionality
We do not use third-party advertising or tracking cookies in the browser extension.
12. Children's Privacy
Brace is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we discover that we have collected information from a child under 18, we will delete that information promptly.
13. Third-Party Services
Our services may integrate with third-party platforms (such as LinkedIn). Your use of these platforms is governed by their respective privacy policies. We encourage you to review:
Important: You are responsible for ensuring your use of Brace complies with LinkedIn's Terms of Service. Brace provides tools for personal network management, and users should use these tools responsibly.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the updated policy on our website
- Updating the “Last Updated” date
- Sending an email notification for significant changes
Your continued use of Brace after changes become effective constitutes acceptance of the revised policy.
15. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us:
- Email: privacy@brace.so
- Website: brace.so
© 2026 Brace. All rights reserved.