866.274.8648

GET STARTED
Business
Residential
Facility Safety
Business

Secure Your Business With Brivo
From bustling enterprises to specialized facilities, Brivo tailors security solutions to fit your unique business needs.

Business

Enterprise
Commercial Real Estate
Healthcare & Wellness
Manufacturing & Distribution
Education

Financial Services
Religious Institutions
AEC Security

Residential

Convenience & Security for Residents
Simplifying multifamily and vacation rentals with resident-friendly access and secure property management tools.

Residential

Multifamily
Vacation Rental

Facility Safety

Facility Safety Reimagined
Brivo's remote access control secures hybrid workplaces and empowers instant lockdown for ultimate facility safety.

Facility Safety

Hybrid Workplace Security
Emergency Lockdown

Capabilities
Devices
Capabilities

Innovation in Access Management
Brivo's capabilities streamline access control, video surveillance, and smart building management.

Capabilities

Access Control
Video Surveillance
Smart Home
Mobile Management
Visitor Management
Identity Management
Partner Integrations
Devices

Securing Every Entry Point
Explore Brivo's selection of video, readers, control panels, and smart locks to customize your security solution.

Devices

Video
Readers
Control Panels
Smart Locks
Resource Library
Industry Expertise
Useful Tools
Integrations
Resources

Find Everything You Need to Learn About Brivo's Security Solutions
Explore our guides, case studies, partner tools, and FAQs to learn more about what makes Brivo simply better.

Resources

Resource Library
Data Sheets
Ebriefs
Customer Stories
For Partners
FAQ
Industry Expertise

Brivo Industry Insights
Gain in-depth knowledge on access control trends and best practices. Explore data intelligence, blog posts and articles written by access control specialists.

Industry Expertise

All Access Blog
Access Control Insights
Data Insights Hub

Useful Tools

Brivo Calculators & Tools
Empower your security decisions. Explore cost analysis tools like TCO and ROI calculators, plus revenue estimators and access control planning resources.

Useful Tools

Total Cost of Ownership
Return on Investment
Rent Revenue Tool
Card Calculator
Payment Programs

Integration Marketplace

Brivo's Integration Marketplace
Expand your security ecosystem beyond access control. Explore seamless integrations with leading technology partners.

Integrations

Integration Maketplace
Partner With Brivo
Partner Quicklinks
Partner Resources
Partners

Grow Your Business with Brivo
Expand your reach with industry-leading access control. We provide the tools and support to help you succeed.

Partner With Brivo

Become a Reseller
Become a Tech Partner
Succeed with Brivo
For Developers

Partner Quicklinks

Brivo Partner Quicklinks
Access essential resources, including the Partner Portal, dedicated tools, the Brivo Store, and Brivo University training.

Partner Quicklinks

Partner Portal
Partner Tools
Partner Training
Brivo Store
Brivo University

Partner Resources

Brivo Partner Resources
Visit the Brivo Partner Hub and explore in-depth guides, training materials, marketing assets and more to support your success.

Partner Resources

Partner Hub

Why Brivo
News Room
Why Brivo

Why Brivo?
Discover Brivo's mission, the impact we're making, and our unwavering commitment to security.

Why Brivo

Our Mission
CEO Promise
Connect
Meet Us
Careers

Brivo by the Numbers
Security & Compliance
Contact Us

News Room

Brivo News Room
See the latest updates in product announcements, news, media coverage, and our award recognitions.

News Room

Product News
Press
News
Media Center
Awards

Brivo Services Privacy Statement

Last Update and Effective: March 29, 2024

At Brivo©, privacy and security are core elements of our service. This Brivo Services Privacy Statement (the “Privacy Statement”) describes Brivo’s privacy practices in relation to the data Brivo receives through the use of hardware, services and applications provided by Brivo (collectively, the “Brivo System”). Brivo Systems LLC and its subsidiaries are collectively referred to in this Privacy Statement as “Brivo”.

This Privacy Statement applies to the following:

  • Personal information that a Customer’s Administrator, or Brivo Reseller, inputs, or uploads or that is otherwise captured by the Brivo System;
  • Activity and event data that is automatically collected by Customers using the Brivo System; and,
  • Personal information acquired by or captured about Customers, their users, and visitors, in order to establish or maintain their business relationship with Brivo.

Collectively this is considered “Customer Data”.

Capitalized terms used, but not defined in the Statement, shall have the meanings given in Section 1 (Definitions) of the Brivo Applications Terms of use.

Roles of Customers, Resellers and Brivo in Protection of Customer Data

Brivo provides the Brivo System to Customers via its Reseller channel. Resellers selected by the Customer handle the initial setup and configuration of the Customer’s Brivo account. Customers can choose what data to share with the Reseller and/or Brivo during the set-up process. After the initial set-up, the Customer’s access to the Brivo System is limited to its authorized Administrators.

Customers are responsible for verifying that all individuals who are designated as Administrators are authorized by the Customer for the levels of access granted. In general, Brivo recommends that the Customer designate an employee of the Customer to be the Primary Administrator. If the Customer chooses to permit an individual who is not an employee of the Customer (such as, for example, an employee of a Reseller to have any administrative rights or other access or privileges to the Customer’s account or Customer Data), the Customer is responsible for monitoring the third party’s access to and use of the account and Customer Data. Brivo is not responsible for any unauthorized use or misuse of the Customer’s account access, account privileges or Customer Data by anyone using access provided by the Customer.

Certain Brivo employees also will have access to Customer Data, solely in connection with the provision of the Brivo System and to respond to specific Customer and Brivo Reseller requests for technical support. Brivo will access Customer Data only for the purposes of providing the Brivo System, preventing, or addressing service or technical problems, in accordance with the provisions of any separate written agreement between Brivo and Customer (such as, for example, the Brivo terms of use applicable to the Brivo System (the “Terms of Use”)), or as may be required by law.

COLLECTION AND USE OF CUSTOMER DATA

Brivo collects and processes all Customer Data strictly on behalf of Customers in accordance with Brivo’s contractual agreements with them and/or as defined in the Terms of Use and/or as required or permitted by law.

Customers are responsible for ensuring that Customer Data is collected and processed in accordance with all applicable laws. Since Customer Data is managed by the Customer, the Customer is responsible for providing appropriate notice and choice regarding Brivo’s processing of Customer Data on behalf of the Customer. If an individual has any questions or concerns related to Brivo’s handling of Customer Data pertaining to them, he or she may contact us at privacy@brivo.com and we will work with the applicable Customer to address the concern.

Brivo may also collect personal information from Customer employees, contractors, or agents in order to properly manage Brivo’s business relationship with Customer. Customers will receive login credentials to manage their Brivo System accounts, including such personal information.

Types of Customer Data Collected Related to the Brivo System

Brivo collects the following types of Customer Data:

  • Information provided by Customers: The Brivo System provides the capability for Customers to store basic personal information such as an individual’s name, credential number, email address and photograph. This information is used to correlate events to the correct individual, as well as to enable notifications and mobile application functionality. The Customer is solely responsible for determining if storage of this data is appropriate and permitted in the context of applicable laws and regulations.
  • Information generated from security events: The Brivo System is used by the Customer to collect activity and event data. For example, the Customer can use the Brivo System to record that an access credential was used at a particular door at a certain time. Through correlation with the information a Customer provides, Brivo may be able to tie an access event to a particular individual’s credential.
  • Log Information: The Brivo System records the actions of Administrators, as well as the status and the settings of various devices that have been configured to operate with the Brivo System. Log information may be used by the Customer to review the activity of Administrators.
  • Mobile Applications: Brivo provides mobile applications which can optionally be used with the Brivo System. The Brivo Mobile App provides administrative access to the Brivo System. Brivo Mobile Pass is a form of digital credential used, for example, to authorize physical access to a building. Brivo uses Wi-Fi and Bluetooth to identify when the device is within proximity to applicable available Brivo readers to open the proper lock or door. In order to use the services of the Brivo Mobile App, various features such as location services, Wi-Fi and Bluetooth communication must be activated on the mobile device.

Customer Data may be used by Brivo to:

  • Enable event notifications and Brivo Mobile Pass functionality.
  • Contact the Customer to inform them of product and service enhancements that Brivo thinks may be of interest to them.
  • Provide important service notices regarding the Brivo System and related devices. (While Customers use Brivo System services, it will not be possible to opt out of communications regarding Brivo System service notices.)
  • Ask the Customer to participate in surveys that help Brivo better understand the Customer’s needs in order to improve Brivo products and services.

Brivo also shares data with relevant third-party service providers when explicitly authorized by Administrators in the relevant Brivo System account; for example, to enable integrations via Brivo’s Application Programming Interface (API).

Compliance with General Data Protection Directive (GDPR) Application of the GDPR for Brivo:

In the context of the GDPR, individual residents in the European Economic Area with data stored in the Brivo System or using Brivo applications are considered “Data Subjects.” Customers (and in some cases Brivo Resellers or Brivo API Partners) are considered “Data Controllers.” Brivo is generally a “Data Processor” but can also be a sub-Processor with respect to Customer Data. Brivo is a Data Controller with respect to User Private Data, as defined in the Terms of Use – Brivo Subscription Services. Brivo’s obligations with respect to User Privacy Data are as set forth in the End User License Agreement – Brivo Mobile Apps.

In Brivo’s role as a Data Processor, Brivo is the responsible custodian of the Data Subject’s data, performing this role on behalf of the Data Controller. The Data Controller is completely responsible for determining what data is captured, stored, and processed within the Brivo System. Brivo does not share, sell, rent or trade personally identifiable information with third parties unless directed by a Data Controller.

Within Brivo’s service model, most Data Subjects will have limited direct interaction with the Brivo System applications that capture and store their data. This interaction by Data Subjects will primarily be via the Brivo Mobile Pass application. Most Data Subjects will be employees, visitors, or contractors of the Data Controller. Data is captured based on their relationship with the Data Controller. The Data Controller is responsible for gaining necessary consent from the Data Subject regarding the data to be stored. In cases where a Data Subject requests Customer Data to be deleted from the Brivo System, Brivo will refer such request to the Data Controller for adjudication.

The GDPR includes provisions that grant Data Subjects portability rights in their personal data. Brivo will coordinate with Data Controllers and, as applicable Data Subjects, when requested to delete or port data. Brivo provides portability and is continually working to enhance its data export capabilities.

GDPR Right of Individual Access and Limited Use

Those residing within the European Economic Area may request access, correct or to limit the use of their personal information within the Brivo System by submitting a request to Brivo at privacy@brivo.com or by contacting us as set forth below.

Information Security

Brivo maintains a comprehensive, written information security program that contains industry standard, administrative, technical, and physical safeguards designed to prevent unauthorized access to Customer Data.

Brivo has the distinction of being one of the first building security platforms to be SOC 2 audited and being the first physical security software-as-a-service (SaaS) company to utilize the SSAE 16/18 framework to provide security review. Brivo undertakes an independent third-party annual SOC 2 audit that reviews certain of its internal controls and processes. Brivo also is certified under ISO27001. Brivo recognizes that the GDPR will help it move towards the highest standards of operations in protecting Customer data.

Law Enforcement Requests

Brivo may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

Data Location & Transfer of Information

Brivo stores all Customer Data in the continental United States or Europe depending on the instance you use. To facilitate Customers’ global operations, Brivo transfers some information to the United States and provides access to that information to Customers around the world.

Accountability for Onward Transfer of Personal Data

Except as otherwise provided herein, Brivo may share personal information with third parties in connection with the operation of our business and consistent with the purpose for which the personal information was collected.

Data Retention

Brivo retains Customer Data according to the time frames set forth in the Terms of Use – Brivo Subscription Services.

Data Incidents

If Brivo becomes aware of any improper access, unauthorized use, or disclosure of Customer Data (a “Data Breach”), Brivo will analyze the facts of the Data Breach in the context of applicable laws, regulations, policies, and contractual obligations to determine the appropriate notification process. Brivo will conduct notifications in a timely manner after becoming aware of a Data Breach and take reasonable steps to minimize harm and mitigate further risks to Customer Data.

For data transfers to the U.S. from the European Union, the UK (and Gibraltar) or Switzerland, Brivo adheres to the Data Privacy Framework Principles. Our Data Privacy Framework Statement is available at: https://www.brivo.com/data-privacy-framework/.

Contacting Us

If you have questions regarding this Privacy Statement or if you need to request access to or update, change or removal of personal information that we control, you can do so by contacting:

Brivo Systems LLC
7700 Old Georgetown Road, Suite 300
Bethesda MD, 20814 USA
privacy@brivo.com
+1 301-664-5277

CALIFORNIA PRIVACY RIGHTS (FOR CALIFORNIA RESIDENTS ONLY)

California law may provide California residents with additional rights regarding our use of their personal information. To learn more about the privacy rights of California residents, visit our CCPA Privacy Notice page.

CERTAIN RIGHTS FOR RESIDENTS OF COLORADO, CONNECTICUT, UTAH, and VIRGINIA

Residents of Colorado, Connecticut, Utah, and Virginia may have additional rights under applicable state law. Please contact Brivo as described above with any questions you may have.

Changes to this Privacy Statement

Brivo reserves the right to change this Privacy Statement from time to time but will alert you that changes have been made by indicating on this Privacy Statement the date it was last updated. If Brivo makes a material update, Brivo may provide you with notice prior to the update taking effect, such as by posting a conspicuous notice on Brivo’s website or in the Brivo System or by contacting you using the email address you provided. We encourage you to periodically review this Privacy Policy to stay informed about Brivo’s collection, processing and sharing of Customer Data.