September 20, 2023

1.  ABOUT BRELLA
   We are Brella Space Corp, with a principal office address of 12746 W. Jefferson Blvd., Suite 3-3100, Los Angeles, CA 90094 (“Brella”, “we”, “our” or “us”).
2.  ABOUT THIS PRIVACY POLICY
   • This privacy policy (the “Privacy Policy”) pertains to the personal data we collect, personal data provided to us by you, and the personal data we collect about you through our website (https://www.hellobrella.com/) (the “Site”), our mobile applications (collectively, the “Apps”), and all related sites, platforms, and services provided by us (together with the Site and Apps, the “Services”). It explains, among other things, how and why we collect data about you when us use our Services, what data we collect, what we do with that data, how we look after that data, and what your rights are in relation to the data.
   • This Privacy Policy applies to all visitors, users, and others who access the Services, including the following individuals (collectively, “you”):
     • Parents and/or legal guardians (collectively, “Parents”) of the children attending a Brella location (collectively, “Children”, and each a “Child”);
     • Brella teachers, caretakers, staff, and personnel (collectively, “Teachers”) ;
     • Individual(s) 18 years of age or older who are authorized and designated by the Parents as a Child’s safe pick up (collectively, “Safe Pick Ups”); and
     • Employers that contract directly with Brella for Brella to provide the Services to the employer’s employees (“Corporate Clients”).
3. DATA WE COLLECT ABOUT YOU
   The personal data we collect via or in relation to the Services can be split into three broad categories:
   • information you provide to us;
   • information collected automatically; and
   • information we obtain from third parties.

   Information you provide to us
   We may ask for and collect the following information when you use the Services:

   
   Identity and profile information: We require you to provide certain personal information to create an account on the Services, including your name, phone number, email address, and account password. You may also provide a photograph of yourself.

    

   • For Parents: In addition to the above, Parents will also be required to provide us with the name, date of birth, gender, home address, photograph, and medical history and immunization records of your Child(ren) (collectively, “Child Information”), the name, email address, and phone number of the Child’s Safe Pick Up(s), and the name, email address, and phone number of one or more individuals 18 years of age or older, designated as the Child’s emergency contact(s) (“Emergency Contact”). Parents may also choose to provide us with certain non-personally identifiable information of the Child(ren), including any allergies; status of potty training; naps, bottle, and food preferences; and any other special information regarding the Child(ren)(collectively, “Child Preferences”).
   • For Corporate Clients: In addition to the above, Corporate Clients will also be required to provide us with the name, email, business address, and phone number of the designated representative of the Corporate Client and the names, email addresses, and employment status of the Corporate Client employees.
   • For Employees of Corporate Clients: In addition to the above, Brella may send you a survey soliciting your customer service feedback. You may choose to provide Brella with feedback and any other information regarding the Services.

   Child Symptoms: If you are a Parent, for the comfort and safety of all of the Children in our care, you may also be asked to complete a questionnaire of what symptoms your Child may have of an infectious illness, such as whether your Child has a fever, cough, headache, runny nose, or is fatigued or nauseated. A member of Brella’s staff may also take your Child’s temperature when the Child arrives at a Brella location.

   
   Payment information: If you are a Parent or Corporate Client, we may request your credit card or other payment information to collect payments for Brella packages and hourly credits and complete other purchases you make through the Services, including diapers, meals, and snacks for a Child. We use the third-party providers Stripe and QuickBooks Payments to process your payment information. We do not store your payment information. The use and storage of your payment information is governed by Stripe’s Privacy Policy or QuickBook’s Privacy Policy, as applicable.

   
   Communications: When you communicate with us by email, mail, telephone, or through/via the Services or any third party application (such as brightwheel), we collect information about your communication and any information you choose to provide.
   

    

   Information we collect automatically

   We collect certain information automatically when you use the Services. This information includes:

    

   Interaction information and history: Information about your interactions and history with the Services, including the pages that you visit and links you click on, search history, the time, frequency and duration of your Site visits, your IP address, the trips you join, and your posts, reviews, and messages.

    

   Location data: When you use certain features of the Services, we may collect data about your geographical location. We use this data to provide you with location-based services, including in order to determine whether a Parent or a Safe Pick Up is on Brella premises for purposes of Child drop-off and pick-up.  

    

   Cookies: Like many websites on the Internet, when you visit the Site, Brella may assign your computer one or more cookies to facilitate access to the Site and to personalize your online experience. Through the use of a cookie, Brella also may automatically collect information about your online activity on the Services, such as the web pages you visit, the time and date of your visits, the links you click, and the searches you conduct on the Services. Brella may use this data to better understand how you interact with the Services, to monitor aggregate usage by our users and web traffic routing on the Services, and to improve the Site and our Services. Most browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies. If you choose to decline cookies, please note that you may not be able use some of the interactive features offered on the Services. In addition, please be aware that other parties may also place their own cookies on or through the Site and/or Services, and may collect or solicit personal information from you. Other cookies may reflect de-identified demographic or other data linked to the registration data you have submitted to Brella in hashed, non-human readable form. No personally identifiable information is contained in these cookies.

    

   If you use the Apps, Brella may also use mobile cookies. A mobile cookie is a small data file transferred to your mobile device for record-keeping purposes. These mobile cookies help Brella track session-based information and also better understand the effectiveness of the Services. These mobile cookies do not contain any personally identifiable information.

    

   You can set your browser to not accept cookies, but this may limit your ability to use the Services. We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the preferences or settings page of your web browser. For further details, visit donottrack.us.

    

   Information we receive from other sources

    

   Service providers and business partners: We may also receive information about you from our service providers and business partners, including companies that assist with payment processing, analytics, data processing and management, identify verification, account management, customer and technical support, hosting, and other services which we use to personalize your Brella experience. We explain in more detail why and how we use this information below.

   When we receive information from other sources, we rely on them having the appropriate provisions in place telling you how they collect data and who they may share it with.

4. HOW YOUR PERSONAL DATA IS USED
   This following explains how we use and process your personal data:
   
   Information you provide to us
   We will use this information to:
   • • Carry out our obligations arising from any contracts entered into between you and us (including the Terms of Service) and to provide you with the Services;
     • Protect and ensure the welfare and wellbeing of your Child and all of the Children in our care, including but not limited to by screening your Child for symptoms of an infectious illness;
     • Send you photos and other updates about your Child while under our care;
     • Better understand our users;
     • Verify your identity;
     • Send you an email or SMS text message to set up your Brella account;
     • Respond to your enquiries or to process your requests in relation to your information;
     • Notify you about important changes or developments to our Services;
     • Provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
     • Keep records in response to any complaints filed by users;
     • Ensure that the Services are being presented in the most effective manner for you, making the Services easier for you to use and to provide you with a smooth, efficient, safe and tailored experience; and
     • Detect and protect us against error, fraud and other criminal activity; and enforce our Terms of Service.
       
       Information we collect automatically
       We will use this information to:
     • Administer the Services and for internal operations, including troubleshooting, data analysis, testing, research, and statistical purposes;
     • Improve the Services and user experience to ensure that content is presented in the most effective manner for you;
     • Allow you to participate in interactive features of our Services, when you choose to do so; and
     • Be used as part of our efforts to keep the Services safe and secure.
       
       Information we receive from other sources
       We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the information we receive).
5. SHARING YOUR PERSONAL DATA:
   
   The following describes the ways we may share your personal data or information about a Child in the normal course of business and in order to provide our Services.
   
   With your consent: We will disclose your personal data or that of a Child when and if you have agreed that we may do so. We will make this clear to you at the point at which we collect your personal data or Child Information, including the purpose(s) for which we will use the personal data.
   
   To Teachers: We disclose certain information to the Teachers, including personal information about the Parent and Safe Pick Up, Child Information and Child Preferences. This allows Teachers to ensure the safety and wellbeing of the Child.To Corporate Clients: We disclose certain information to Corporate Clients, including Services utilization data, for each Parent enrolled in the Services as an employee of the Corporate Client.
   
   Service providers: We use third-party service providers to facilitate or outsource some aspects of our Services and some of these service providers will process your personal data. For example, we use third party providers of e-signature and document automation and hosting services to facilitate the execution and storage of agreements, such as documate.
   Promotional purposes: We reserve the right to provide third parties with anonymized, aggregated information about our users (either on a user-wide basis or by on a subset user basis) for our own promotional purposes.
   If required by law: We may be required to disclose your personal data and Child Information by law, in response to a valid order of a court or other authority, to respond to requests relating to criminal investigations, or to the California Department of Social Services – Child Care Licensing.Extenuating circumstances: In the event of a health and/or safety emergency, we may disclose certain personal data, such as your personal information, location of the Child, Child Information and/or Child Preferences, with the Parent, Safe Pick Up, Emergency Contact, and/or medical or governmental authorities.

    

   Ouch Report: In the event an injury occurs to the Child during his or her time at Brella, Teachers will complete a report (the “Ouch Report”) to inform the Parents and/or Safe Pick Up of the injury sustained by the Child and what, if any, first aid was administered to the Child. The Ouch Report will be shared with and explained to the Parent and/or Safe Pick Up of the Child. The Ouch Report may contain certain Child Information and Child Preferences.

    

   Change of control: If a business transfer or change of business ownership takes place, we may transfer your personal data to the new owner. If this happens, you will be informed of this transfer.

    

   Protecting our rights: We may disclose your personal data if we feel this is necessary in order to protect or defend our legitimate rights and interests and/or to ensure the safety and security of the Services.

    

6. DATA SECURITY
   Brella (either itself or through third party service providers) maintains a variety of commercially reasonable electronic and procedural safeguards designed to protect your personal information from unauthorized access and disclosure. For example, Brella uses accepted tools and techniques to protect against unauthorized access to Brella’s systems. You should be aware that Brella has no control over the security of other sites on the Internet that you might visit or with which you might interact even when a link may appear to another site from one of the Services. Brella wants you to feel confident using the Services, but no system can be completely secure. Therefore, although Brella takes steps to secure your information, Brella does not promise, and you should not expect, that your personal information or communications will always remain secure. In the event of a breach of the confidentiality or security of your information, including your personal information, Brella will notify you as necessary and if possible so you can take appropriate protective steps. Brella may notify you under such circumstances using the e-mail address(es) that Brella has on record for you. You also should carefully handle and disclose your personal information
7. UPDATING AND RETENTION OF YOUR DATA
   You can access and update the personal information we hold about you by logging in to your account on the Services.  For instructions on accessing your information, to request a copy of the information we hold about you or to otherwise request assistance with these rights please contact us using the information below.
   
   We retain your personal information as long as we are providing the Services to you. We retain your personal information after we cease providing Services to you, even if you delete your account, to the extent necessary to fulfill your request (for example, keeping your email address to make sure it’s not on our mailing list); to comply with our legal and regulatory obligations; for the purpose of fraud monitoring, detection and prevention; to comply with our tax, accounting, and financial reporting obligations; or where we are required to retain the data by our contractual commitments to our partners; or, with respect to Child Information, as required by the California Department of Social Services. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.
   
   Even if you delete your account and we delete your information from our systems, keep in mind that the deletion by our third party providers may not be immediate and that the deleted information may persist in backup copies for a reasonable period of time.
8. MINORS
   The Services are not intended for use by minors. Individuals under the age of 18 are not permitted to use the Services and must not attempt to register an account or submit any personal data to us. We therefore do not knowingly collect any personal data from any person who is under the age of 13 or allow persons under the age of 13 to register an account. If it comes to our attention that we have collected personal data from a person under the age of 13, we will delete this information as quickly as possible.If you are a parent or guardian and you learn that your child (under the age of 13) has provided us with personal data, please notify us immediately at admin@brellaspace.com.
9. CALIFORNIA RESIDENTS
   If you are a resident of California, you may ask us to provide you with a list of certain categories of personal data that we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year. You may also request the identity of certain third parties that received your personal data from us for their direct marketing purposes during the immediately preceding calendar year. We currently do not provide your personal information to third parties for their direct marketing purposes and will not do so without providing a right to opt out.For more details about the personal information we have collected over the last 12 months, please see the Data We Collect About You section above. We collect this information for the business and commercial purposes described in the How Your Personal Data is Used section above. We share this information with the categories of third parties described in the Sharing of Personal Data section above. We do not sell (as such term is defined in the California Consumer Privacy Act) the personal information we collect (and will not sell it without providing a right to opt out).
10. VISITING THE SITE AND SERVICES FROM OUTSIDE THE UNITED STATES
    This Privacy Policy is intended to cover collection of information on the Services from residents of the United States and is not directed to the residents of any other country. If you are visiting the Site or using the Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where Brella’s servers are located and Brella’s central database is operated. By using the Services, you understand that your information may be transferred to Brella’s facilities and those third parties with whom Brella shares it as described in this Privacy Policy. You are responsible for ensuring that information you share conforms to all local data protection laws.
11. MORE INFORMATION
    It is our goal to make our privacy practices easy to understand. If you have questions, concerns or if you would like more detailed information, please email us at admin@brellaspace.com.
    
    
12. CHANGES TO THIS PRIVACY POLICY
    This privacy policy may change from time to time and, if it does, the up-to-date version will always be available on our Services. If we make changes to this Privacy Policy, we will post the revised Privacy Policy on the Services and update the “Last updated” date at the top of this page. Please be sure to periodically check this page to ensure that you are aware of any changes to this Privacy Policy. Any material changes to this Privacy Policy will be communicated to registered users by a notification to their account and/or by posting a notice of the change on the Services.