Skip to content

Legal Documents

All policies and documents related to doing business with Softbrik can be found here. Should any information be missing - drop us a Voice Message.

End User Privacy Policy

Last revised on 28th December 2022, effective as of January 1, 2023.

Softbrik works hard to respect your privacy, starting with being transparent about what data we collect and how we use it. This privacy policy describes the information Softbrik OÜ, registry code 14597527, address Hobujaama tn 4, 10151 Tallinn, Harju County, and/or its wholly owned subsidiary. Softbrik Health S.a.rl., registry code B245839, address 21 Rue Glesener, L-1631, Luxembourg, common email id [], (“we” or “us”) collect from End Users (“you”) via our digital forms (the “Forms”) and the information we collect on behalf of our clients (“Controllers”) who employ our technology to use our messaging, analytics, and other services (the “Services”).

1. Scope

1.1 This End-User Privacy section covers fundamentals of how the data is collected from you. To understand how the Data is processed, please refer to the comprehensive Softbrik Data Processing Agreement.

1.2 This Policy applies when you interact with us through our Services. It does not apply to non-Softbrik websites and mobile applications that may link to the Services or be linked to or from the Services as they are third parties that Softbrik does not own or control. Softbrik is not responsible for any 3rd Party’s privacy or security practices. Please review the privacy policies on those websites and applications directly to understand their privacy practices. In case of any questions, we always encourage you to clarify with us first at

1.3 Any order forms or additional agreements to which users agree governing the provision of optional Softbrik features shall take precedence over the terms of this Privacy Policy to the extent of any differences, so please read such order forms or additional agreements carefully.


2. Which Privacy Laws do we cover?

Softbrik covers a host of European and international Privacy best practices.

2.1  Applicable data protection legislation – any applicable legislation relating to data protection and security, including the

  1. European Directive on Privacy and Electronic Communications (Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector)
  2. General Regulation on the Protection of Personal Data or GDPR (Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC) and their amendments, replacement, or extensions (hereinafter together referred to as “EU legislation”), These include health care related provisions and patient rights as termed as ‘Medical GDPR’.
  3. All binding national laws within European Union implementing EU law and other binding data protection or data security directives, laws, regulations, and decisions in force at the relevant time for general and healthcare specific situations.
  4. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) As per the Federal Government of the United States pertaining to healthcare data and patient rights.

2.2 Softbrik participates in and complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Softbrik’s accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks.


3. Information We Collect on Website and on Forms

3.1  Softbrik Website & Forms typically include fields that permits you to enter:

(i)  Name, Email Id, Telephone Number, and other Contact Details if the controller has enabled this so that the customer service professionals have an option to contact you

(ii)  Your preference and feedback about customer products and services in textual form

(iii) Your preference and feedback about customer products and services in voice format as an encrypted audio-file.

(iv) Your demographical information that our customers can seek with Survey Forms

(v)  Any information you share with our customers for support on product or services

3.2  Other forms of information that can be collected are:

(i)  In certain instances, payment information and associated contact information

(ii) Email addresses and similar contact information in widgets for marketing newsletters, including whether you open or click links in any correspondence

(iii) Device information collected from third-party API integrations. For example, Customers can  use third-party integrations to record the Customer website pages you visit and upload that information to our systems


4. Information We Collect Automatically

When you interact with the Services, certain information about your use of our Services is collected automatically. This includes:

4.1 Details of your visits to our site and information generated during the use of our site (including the timing, frequency, and pattern of service use) including, but not limited to, traffic data, location data, weblogs and other communication data, the resources that you access, and how you reached our site.

4.2 Details regarding the device you use to access our Services, including, but not limited to, your IP address, operating system, and browser type.

4.3 Information about how you interact with our ads and newsletters, including whether you open or click links in any correspondence.

Much of this information is collected through trusted 3rd party tracking technologies which are mentioned in this page –


5. How We Use & Protect Your Information

5.1 We may use the information we collect from you for the following purposes:

5.2 To provide our customers (Controllers) a detailed understanding of your feedback for improvement of their products and services, including to take steps to enter a contract for sale or for services, process payments, fulfil orders, and send service communications.

5.3 Your Voice feedback data is processed to offer feedback services to the Controller’s customer service professionals or similar team (Customer Feedback, Customer Success). Voice feedback data is auto categorized through ML/AI according to keyword recognition and pattern enhancement allowing customer service professionals to see end-user summary and trends.

5.4 To Create custom audiences on social media sites.

5.5 To provide you with the best service and improve and grow our business, including by understanding our customer base and purchasing trends and understanding the effectiveness of our marketing.

5.6 To understand how our Services are being used, track site performance, and make improvements.

5.7 To deliver ads about our Services to you around the web and measure their effectiveness.

5.8 To detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal, and to comply with legal requirements regarding the provision of products and services


6. Understanding Meta-Data

Most businesses that have an internet presence use “targeted” advertising, which is also known as “personalized,” “interest-based,” or “behavioural” advertising. We use it too, and because we respect your privacy we would like to explain why. We use information we collect about you for two key purposes:

6.1 When you visit our website or interact with our emails to advertise to you on other websites and around the web, including paid search results and social media. We partner with companies that collect this information for us using cookies, JavaScript, and similar web technologies. The information we collect is granular, such as how you navigate through our website and how you interact with the different elements on each page. We link that information to an ID number that represents you (or more accurately, the device you use to interact with us), which is often a random string of alphanumeric characters. However, that ID and the information associated with it does not identify you personally. Our goal in collecting this information is to advertise more effectively to people who we think are interested in our services, such as by serving our ad on social media to people who have previously visited our website. If we did not use targeted advertising, we would end up serving ads to many people who have no interest in or need to use our services.

6.2 We collect information on behalf of our Customers (Controllers) to provide them with more accurate understanding of your sentiments about their products and services. This data is also collected our database with randomized IDs and we use the meta-data to improve the precision of our Machine Learning algorithms for better contextual understanding. This means we will group your data using a Machine Learning model to understand emotional conditions and continuously try to improve the precision of those detection. However, our data modelling is purely for providing insights to our Customers for taking business actions and for enhancement purpose only, not to construed as a single source of truth under any circumstances whatsoever.

To understand the roles and responsibilities of us (Data Processor) and our Customers (Data Controllers) please read through the Data Processing Agreement.  


7. Third Parties

7.1 Softbrik works with only trusted 3rd parties to handle your data (Service Providers). To know full list of the trusted service providers, we will keep it updated on the ‘Service Providers’ page of the website (

7.2 Additionally sometimes Our Services may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. To be very clear, we have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services in any context whatsoever.


8. Additional Information About Data Collection & Sharing Practices

8.1 Sharing of De-identified or Aggregated Data
We may share aggregated or de-identified data at our discretion.

8.2 Combination of Information
We may combine information from the Services together and with other information we obtain from our business records.

8.3 Change of Ownership or Corporate Organization
We may transfer to another entity or its affiliates or service providers some or all information about you in connection with, or during negotiations of, any merger, acquisition, sale of assets or any line of business, change in ownership control, or financing transaction. We cannot promise that an acquiring party or the merged entity will have the same privacy practices or treat your information the same as described in this Policy.

8.4 Our Practices Regarding Information Belonging to Children

The Services are intended for adult Customers aged eighteen (18 years) and older and end-users aged thirteen (13 years) and older.

Softbrik does not knowingly collect personally identifiable information from anyone under the age of 13 under any condition and educates our Customers to refrain from commercial outreach to children below 13 years using our services. If we discover that we have inadvertently collected information from anyone younger than the age of 13, we will delete that information.

If you are a parent or guardian and you are aware that your children has provided us with Personal Data, please contact us immediately at If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers. 

8.5 Sharing of Medical or Health Information
To the extent that we receive protected health information about you, that information is subject to electronic disclosure to the extent permitted by applicable laws as mentioned in Section 2.1. For certain healthcare projects we may take additional consent pertaining to the project in respective languages.

8.6 Retention of Medical Information

Typically Softbrik retains data for all users in their respective customer environments. Specifically for medical projects, there may be retention period requirement which are different to the general situation. In those cases, depending on the customer and project sponsor guidelines, Softbrik will retain or delete data after certain stipulated amount of time. Typically additional documentation with customized consent links are available for such projects in the respective language of the survey but not necessarily.


9. Your Options & Rights Regarding Information

9.1 Please note that if you make a request to exercise your rights regarding information our customers collected about you, then we will direct your inquiry to that customer because it is their responsibility to respond to you under the law.

9.2 If at any time you would like to unsubscribe from receiving future marketing or outreach emails, you can click the unsubscribe link at the bottom of any email or email us at and we will promptly remove you from all correspondence. Please note un-subscription from marketing email does not prevent sending you operational emails regarding a project that you are participating nor key updates or notifications from Softbrik and its partners, regarding our Services, Terms & Conditions, change in Policies and so forth. Softbrik reserves the complete right and autonomy to decide the nature and frequency of such communication.

9.3 Most web browsers automatically accept cookies but, if you prefer, you can usually modify your browser setting to disable or reject cookies. If you delete your cookies or if you set your browser to decline cookies, some features of the Services may not be available, work, or work as designed. You may also be able to opt out of or block tracking by interacting directly with the other companies who conduct tracking through our Services.

9.4 You may choose to activate a “do-not-track” signal via your browser. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. Because there currently is no industry standard concerning what, if anything, websites should do when they receive such signals, we currently does not take action in response to these signals. For more information on “do-not-track,” visit


10. Transfer Of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you use our Services outside of the geographical borders of the European Union, you understand that we may collect, process, and store your information in the European Union, specifically in Ireland and Germany where we tend to store majority of our data via encrypted and secure cloud solution services. 

As of today we guarantee compliance with the list of laws explicitly mentioned in Section 2.1 and no more. The laws in the European Union regarding information may be different from the laws of your state or country and it is your responsibility to ascertain if we meet the standards expected from your legal regimen prior to usage if you are outside the jurisdictions mentioned in Section 2.1. 

The data collected will be transferred to the European Union for most practical purposes. Any such transfers will comply with safeguards as required by relevant law from the European Union standpoint. By using the Services, you consent to the collection, international transfer, storage, and processing of your data.

Softbrik will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.


11. Disclosure Of Data

Softbrik may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of Softbrik
  • To prevent or investigate possible wrongdoing in connection with the Services
  • To protect the personal safety of users of the Services or the public
  • To protect against legal liability.


12. Further changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Services, prior to the change becoming effective and update the ‘effective date’ at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.


Contact US

If you have any questions about this Privacy Policy, please contact us by email: