Privacy Policy
Last updated: May 5, 2025
Who We Are
BIMI Certifications is owned and operated by Brand Indicators, LLC, a Delaware Limited Liability Company (LLC) based in the United States. We provide certification services through our website www.bimicertifications.com. As a data controller, we determine the purposes and means of processing your personal data.
This comprehensive privacy policy outlines how Brand Indicators, LLC ("we", "us", or "our") collects, uses, protects, and shares your personal information when you visit or use www.bimicertifications.com. We are committed to protecting your privacy and ensuring transparency in our data practices.
What Personal Data We Collect
Information You Provide to Us
We collect personal information that you voluntarily provide to us when using our services, including but not limited to:
- Contact information (name, email address, postal address, telephone number)
- Account registration details (username, password)
- Professional information (job title, company name, industry)
- Payment information (credit card details, billing address)
- Certification and training records
- Communication preferences
Information Collected Automatically
When you visit our website, we automatically collect certain information about your device and usage patterns:
- IP address and location data
- Browser type and version
- Operating system
- Referring website
- Pages visited and time spent on the site
- Device information (type, screen resolution)
- Clickstream data and browsing patterns
Cookies and Similar Technologies
Our website uses cookies and similar tracking technologies to enhance your browsing experience and collect information about how you use our site:
- Essential cookies: Required for the website to function properly
- Analytics cookies: Help us understand how visitors interact with our website
- Functionality cookies: Remember your preferences and settings
- Marketing cookies: Track your activity across websites to deliver personalized advertising
You can manage your cookie preferences through your browser settings or our cookie consent management tool.
How We Use Your Information
We use your information for the following purposes:
- To provide and improve our website and services.
- To analyze website usage and optimize user experience.
- To deliver targeted advertising and marketing communications, including remarketing and audience targeting through Google, Meta, X, and HubSpot. This means that when you use our website, you should expect to be marketed to across various platforms and channels.
- To respond to your inquiries and provide customer support.
- To operate our DMARC/BIMI checking service and communicate results to you.
- To comply with legal obligations and enforce our terms.
- Verifying your identity and credentials.
- Protecting against fraudulent or unauthorized activity.
Our use of marketing tools and integrations, including Google Analytics, HubSpot, Meta Pixel, and X Pixel-enables us to collect data about your interactions with our website and use that data to create and deliver personalized marketing campaigns. This includes retargeting you with ads, building custom audiences, and optimizing our marketing strategies to reach you and similar users more effectively. By using our website, you acknowledge and consent to the use of your information for these marketing purposes.
Legal Bases for Processing
We process your personal data based on the following legal grounds:
- Performance of a contract when providing our services.
- Legitimate interests in operating and improving our business. This includes ensuring the security and integrity of our website and services, preventing fraud, direct marketing (with opt-out options), and analyzing and improving our services. Before processing your data under this basis, we conduct a Legitimate Interest Assessment (LIA) to ensure our interests do not override your rights and freedoms. You have the right to object to processing based on legitimate interest at any time.
- Your consent, particularly for marketing communications.
- Compliance with legal obligations.
International Data Transfers
As a company that hosts data in both the US and EU, we implement appropriate safeguards when transferring personal data across borders:
- We may utilize the EU-U.S. Data Privacy Framework (DPF) to transfer data from the EU to the United States.
- We may implement Standard Contractual Clauses (SCCs) approved by the European Commission.
- We ensure that all international transfers comply with applicable data protection laws.
Use of Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Track website usage and performance (Google Analytics).
- Manage forms, communications, and marketing automation (HubSpot).
- Serve and measure advertising (Meta Pixel, X Pixel).
- Personalize your experience and remember your preferences.
You can manage your cookie preferences through your browser settings or by using opt-out tools such as the Google Analytics Opt-out Browser Add-on.
Data Sharing and Third Parties
We may share your information:
- With service providers and vendors who help us operate our website and services (e.g., analytics, marketing, hosting).
- With advertising partners (Google, Meta, X) for marketing and retargeting purposes.
- Professional advisors (lawyers, accountants, auditors).
- Regulatory authorities, law enforcement, and government agencies when required by law.
- Business partners with your consent.
- In the event of a merger, acquisition, or sale of all or part of our business assets.
We do not sell your personal information for monetary compensation, but we may "share" information as defined under certain US state privacy laws (such as the California Consumer Privacy Act, CCPA) for cross-context behavioral advertising.
Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction:
- Encryption of sensitive data in transit and at rest.
- Secure hosting environments with restricted access.
- Regular security assessments and updates.
- Employee training on data protection and security procedures.
- Strict access controls and authentication requirements.
Data Retention
We retain your personal data for up to two years maximum, or earlier if there is no need for it (specifically, 90 days after it becomes "stale"). The specific retention period depends on the type of data and its purpose. When personal data is no longer needed, we securely delete or anonymize it. Upon request, we can provide a mapping of our data retention periods.
Do Not Call Registry
We check our data against the Do Not Call (DNC) Registry to ensure compliance with applicable telemarketing laws and to respect your communication preferences.
Your Rights and Choices
Depending on your location, you may have the following rights:
Rights for All Users
- Access: Request access to the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete information.
- Deletion: Request deletion of your personal information, subject to legal exceptions.
- Opt-out: Opt out of targeted advertising, sharing, or the sale of your personal information.
- Do Not Track: Our website responds to browser "Do Not Track" signals as required by applicable law.
Additional Rights for EU Residents (GDPR)
If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):
- Right to withdraw consent at any time.
- Right to lodge a complaint with a supervisory authority.
- Right not to be subject to automated decision-making, including profiling, with significant legal effects.
Rights for California Residents (CCPA/CPRA)
California residents have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to know what personal information is collected, used, shared, or sold.
- Right to delete personal information.
- Right to opt-out of the sale of personal information.
- Right to non-discrimination for exercising your CCPA rights.
- Right to limit use and disclosure of sensitive personal information.
To exercise your rights, please contact us at the information provided below.
Children's Privacy
We offer B2B services, and our website and services are not intended for children. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.
Delaware LLC Privacy
As a Delaware LLC, we benefit from certain privacy protections under Delaware law:
- Member and manager names are not required to be listed in public filings.
- Only our company name and registered agent information appear in public records.
- Our internal operating agreements and ownership details remain private.
Updates to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this policy regularly.
Summary Table: Key Technologies and Data Uses
| Technology | Purpose | Data Collected | Opt-Out Options |
| Google Analytics | Analytics, Marketing | Usage, device, IP, location | Browser add-on, cookie settings |
| HubSpot | Forms, CRM, Marketing | Contact info, engagement | Email unsubscribe, contact us |
| Meta Pixel | Advertising, Retargeting | Browsing, engagement | Ad Preferences, browser settings |
| X Pixel | Advertising, Analytics | Browsing, engagement |
Ad Preferences, browser settings |
| DMARC/BIMI Tool | Domain verification | Domain, email, technical info | N/A |
Contact Us
If you have any questions, requests, or concerns about this Privacy Policy or our data practices, please contact us:
Brand Indicators, LLC
1111B S Governors Ave STE
Dover, DE 19904, US
Phone: +1 (248) 238-3948
Email: hello@bimicertifications.com
Website: www.bimicertifications.com