top of page

Privacy Policy

Learn about our

Privacy Policy for BrightyAI
 

Introduction

Welcome to BrightyAI. This Privacy Policy outlines how BrightyAI ("we", "us", or "our") collects, uses, discloses, and protects information gathered through our services. This policy is designed to be compliant with U.S. privacy laws and regulations. By using BrightyAI, you consent to the data practices described in this policy.
 

Definition

 

Account: This term refers to the distinct account established for individuals or entities to access and utilize the services or certain features provided by BrightyAI.

 

You/Your: This designation applies to the person or entity engaging with BrightyAI's services. This encompasses individuals using the services personally or on behalf of an organization. In the context of the General Data Protection Regulation (GDPR), 'You' are recognized as the Data Subject or User, as it's you who interacts with our services.

API (Application Programming Interface): This term refers to the set of protocols and tools provided by BrightyAI for integration with the user's software, facilitating interaction between different software applications.

 

Cookies: Small data files stored on the user's device (such as a computer or mobile device) to enhance the browsing experience and remember user preferences.

 

Device: Any electronic apparatus used to access our services, including but not limited to computers, smartphones, and tablets.

 

Data Controller: BrightyAI, in its capacity as a data controller, determines the purposes and means of processing personal data of users. This encompasses decision-making regarding the personal data collected and managed.

 

Data Subject: Refers to any individual whose personal data is being processed. In the context of BrightyAI, this includes users of our services.

 

Service: Encompasses all offerings provided by BrightyAI, including but not limited to our website, API, and any additional tools or applications designed for user interaction.

 

Data Processors (Service Providers): Third-party individuals or entities that process data on behalf of BrightyAI. These service providers are engaged to manage data more efficiently and securely.

 

Personal Data: Information relating to an identifiable individual, obtained directly from the individual or through other sources, and which is in BrightyAI's possession or likely to come into its possession.

 

Usage Data: This includes data collected automatically from the use of our services or from the infrastructure of the services themselves, such as the length of time spent on a webpage.

 

User: Any individual engaging with BrightyAI's services. This term is synonymous with "Data Subject" and refers to anyone whose personal data is processed by BrightyAI.

 

Do Not Track (DNT): has been developed under the guidance of U.S. regulatory authorities, such as the Federal Trade Commission (FTC). This initiative encourages the creation of standards that allow internet users to have more control over the tracking of their activities across different websites.

 

Website: Refers to the collection of web pages accessible under the Brighty AI primary and subdomains.

 

Widget: A tool or application provided by BrightyAI that can be integrated into a user's website to enhance functionality or user interaction.

 

Sale: In the context of the California Consumer Privacy Act (CCPA), the term "Sale" is broadly defined. It encompasses activities like selling, renting, releasing, disclosing, disseminating, transferring, or otherwise making available a consumer's personal information to another business or third party. This can be for monetary gains or other valuable considerations, and may be done through various means including orally, in writing, or electronically.
 

Information We Collect

Personal Information

We collect the following categories of personal information:

  • Identification Information: identifiable information like name, email address, physical address, and phone number. 

  • Financial Information: Financial and transactional information for payment processing (bank account details, credit card numbers, and transaction history).

  • Internet Activity: Browsing history, search history, and information on interactions with our website or services (technical data such as IP address, browser type, and usage statistics).

Non-Personal Information

  • Aggregated Data: We collect aggregated data through various means, including but not limited to user interactions with our service, website traffic patterns, and general usage statistics. By analyzing trends, patterns, and overall user engagement, we can enhance the functionality, efficiency, and user experience of our service. Aggregated data allows us to gain valuable insights into how our services are used, helping us to identify areas for growth and improvement. It enables us to tailor our service to better meet the needs and expectations of our users. We also use aggregated data for market analysis, helping us to understand industry trends, user demands, and competitive landscapes.

    Our handling of aggregated data is designed to be fully compliant with applicable privacy laws and regulations, ensuring that user privacy is not compromised. We take stringent measures to ensure that individual users cannot be identified or re-identified from the data.

    We are committed to transparency in how we collect and use aggregated data. This section of our Privacy Policy serves to inform users of these practices. While aggregated data is generally non-identifiable, we provide options for users to control their data, including settings and preferences related to data collection and usage.
     

How We Use and Share Your Information

  • Legal Compliance: Adhering to applicable laws, regulations, and legal requests and disclosing information in response to lawful requests by public authorities.

    • Compliance with Law Enforcement and Legal Orders: There are situations where BrightyAI might need to disclose your personal data, specifically if we are mandated by law, or in response to valid requests from government entities, courts, or law enforcement agencies.

    • Meeting Legal and Regulatory Obligations: BrightyAI may release your personal data if we believe in good faith that it's necessary to:

      • Adhere to legal requirements or obligations.

      • Defend the rights or property of BrightyAI.

      • Investigate suspected or actual illicit activities related to our Service.

      • Ensure the safety of Service users or the public.

      • Guard against legal liabilities.

  • Service Provisioning: At BrightyAI, we engage with various third-party service providers to perform a range of services on our behalf. This collaboration is essential for enhancing our service offerings and ensuring a seamless user experience. Here’s how we share your information with these entities:

    • Data Processing and Management: These providers handle the technical aspects of data storage, processing, and management, ensuring that our service runs smoothly and efficiently.

    • Analytics and Performance Monitoring: To better understand user interaction with our service and improve our offerings, we use analytics service providers who analyze user data and provide insights.

    • Security and Fraud Prevention: These services help us protect your data and our service from unauthorized access, cyber threats, and fraudulent activities.

  • Marketing: Sending promotional materials, subject to your consent where required by law.

  • Corporate Changes and Transitions: In the event of significant corporate changes, such as a merger, acquisition, or sale of assets, there may be a transfer of your personal data. We will notify you in advance of any such transfer, at which point your personal data will be subject to a new Privacy Policy.
     

Principles of Data Sharing

  • Purpose-Limited Sharing: We share information with service providers strictly for the purposes outlined in our agreements with them. This means they are authorized to use your information only to deliver the services we have contracted them for.

  • Privacy and Security Compliance: All our service providers are required to adhere to privacy and security standards that align with our own policies. We ensure that they implement adequate measures to protect your data.

  • Legal and Contractual Obligations: Our agreements with service providers include clauses that bind them to comply with relevant privacy laws and regulations, ensuring they handle your information responsibly and lawfully.

  • Transparency and Control: We aim to be transparent about the nature of our relationships with third-party service providers. Where possible, we provide you with control over how your data is shared and used by these entities.
     

Data Security and Retention

  • Security Measures: We implement appropriate technical and organizational measures to protect your data. The safeguarding of your personal data is a priority for us. However, it's important to recognize that no method of electronic transmission or storage is infallible. While we commit to employing commercially acceptable practices to protect your personal data, absolute security cannot be guaranteed.

  • Data Retention: We retain personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law.
     

Your Rights and Choices

  • Access and Correction: You can request access to or correction of your personal information.

  • Consent for Sharing: In certain cases, we may seek your explicit consent before sharing your data with service providers, especially for purposes like marketing and communication.

  • Opt-Out of Marketing Communications: You have the right to opt-out of receiving marketing communications or limit the extent to which your information is shared.

  • California Privacy Rights: Under the California Consumer Privacy Act (CCPA), California residents have specific rights regarding their personal information.
     

Detailed Information on the Processing of Your Personal Data

Analytics Services 

We collaborate with third-party service providers to evaluate and analyze how our services are used.

 

Google Analytics

  • Google Analytics, a service by Google, assists in tracking and reporting on website traffic. Google processes this data to observe how our Service is utilized and may integrate this data with their other services, including advertising networks.

  • To prevent your data from being used by Google Analytics, you can install the Google Analytics opt-out browser add-on. This tool restricts Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information about visit activity.

  • For detailed insights into Google’s privacy practices, please visit their Privacy & Terms page at Google Privacy & Terms.

 

SEMRush

  • SEMRush provides analytical services for website evaluation.

  • You have the option to opt-out of marketing communications by following the instructions in the communications from us or by contacting us at [privacy@semrush.com]. Note that you might still receive essential service-related and non-marketing communications.
     

Advertising Practices

To support and maintain our Service, we may engage third-party Service Providers to display advertisements.

Google AdSense and DoubleClick Cookie

  • Google, acting as a third-party, utilizes cookies to deliver ads on our Service. The use of Google's DoubleClick cookie allows Google and its partners to present advertisements based on your visits to our Service and other websites on the Internet.
     

Email Marketing

Our approach to communication includes sending newsletters, marketing materials, and other relevant information that we believe might interest you.

  • Your personal data may be utilized for these communications. You have the option to opt out of any or all marketing communications from us by using the unsubscribe link in our emails or by directly contacting us.

  • We may employ the services of Email Marketing Service Providers to efficiently manage and send these emails to you.

 

Use of Cookies and Other Tracking Technologies

At BrightyAI, we implement cookies and similar tracking technologies to observe interactions on our Service and store specific information. These technologies, which include beacons, tags, and scripts, aid us in gathering data to enhance and analyze our Service. The types of technologies we utilize are as follows:
 

  • Cookies or Browser Cookies: These are small files placed on your device. You have the option to set your browser to reject all cookies or signal when a cookie is being sent. However, not accepting cookies may limit your ability to use certain aspects of our Service. If your browser settings are not adjusted to refuse cookies, our Service will deploy cookies as needed.

  • Flash Cookies: Our Service might use local stored objects (Flash Cookies) to gather and store data about your preferences and activities. These are managed differently than regular browser cookies. You can learn how to manage Flash Cookies by visiting Adobe's page on Disabling Local Shared Objects.

  • Web Beacons: Some parts of our Service and emails may include web beacons (clear gifs, pixel tags, single-pixel gifs) that enable us to count users who have visited specific pages or opened emails, among other statistical data.

    We use both "Session" and "Persistent" cookies:
     

    • Session Cookies are deleted once you close your browser, while 

    • Persistent Cookies remain on your device even after offline.


The purposes of using these cookies are:

  • Necessary/Essential Cookies (Session Cookies): These are crucial for providing services through our Website, such as authentication and fraud prevention.

  • Cookies Policy Acceptance Cookies (Persistent Cookies): These identify if users have agreed to the use of cookies on the Website.

  • Functionality Cookies (Persistent Cookies): They remember your settings and preferences for a personalized experience on our Website.

  • Tracking and Performance Cookies (Persistent Cookies, Third-Party): Used for gathering data on website traffic and user interaction, potentially identifying you indirectly.

  • Targeting and Advertising Cookies (Persistent Cookies, Third-Party): These track your browsing habits to display relevant advertisements based on your interests.
     

International Data Transfers

  • Cross-Border Transfers: Information we collect may be processed and stored in the United States or other countries which may have different privacy laws from your country of residence.

  • Data Transfer Mechanisms: When transferring data internationally, we use approved data transfer mechanisms, such as Standard Contractual Clauses (SCCs), to ensure that the data is protected according to the standards required within the European Union and other jurisdictions.

  • Data Transfer Implications: Users should be aware that data protection laws in the United States or other countries may not offer the same level of protection as in their home country. However, we take all reasonable measures to ensure that your data is treated securely and in accordance with this Privacy Policy.

  • Regular Policy Review: We regularly review our data transfer practices and policies to ensure compliance with the latest international data protection laws and standards.
     

Governing Law

  • Jurisdiction and Applicability: This Privacy Policy, along with our privacy practices, is governed by and construed in accordance with the laws of the United States. This means that the protection and handling of your personal data, as detailed in this policy, are subject to U.S. law.

  • Compliance with U.S. Regulations: BrightyAI is committed to complying with all applicable federal and state laws and regulations governing data privacy and protection in the United States. This includes, but is not limited to, regulations such as the California Consumer Privacy Act (CCPA), the Health Insurance Portability and Accountability Act (HIPAA), and other relevant data protection laws.

  • International Considerations: While BrightyAI operates under U.S. law, we recognize the global nature of the internet. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the U.S. The data protection and other laws of the U.S. and other countries might not be as comprehensive as those in your country.

  • Legal Disputes and Resolution: Any disputes arising from or in connection with this Privacy Policy will be resolved in the courts of the United States. Users agree to submit to the jurisdiction of these courts for the purpose of litigating any such disputes.

  • Modifications in Legal Landscape: We are aware that privacy laws are continually evolving. As such, we will regularly review and update our Privacy Policy to ensure compliance with current laws and best practices. We encourage users to periodically review this section to stay informed about our commitment to protecting your privacy and how the laws of the United States govern these terms.
     

GDPR Compliance Framework

Grounds for Processing Personal Data Under GDPR

BrightyAI processes personal data in accordance with GDPR under these circumstances:

  • Consent: We may process data if you have explicitly consented to its use for specified purposes.

  • Contractual Necessity: Personal data processing may be required to fulfill a contract with you or to take steps at your request prior to entering a contract.

  • Legal Compliance: We process personal data as necessary to comply with legal obligations.

  • Vital Interests: In certain situations, we process personal data to protect the vital interests of you or another individual.

  • Public Task: We might process personal data for tasks performed in the public interest or under official authority.

  • Legitimate Interests: Processing might be necessary for the legitimate interests pursued by BrightyAI, except where such interests are overridden by your data protection rights.

BrightyAI is committed to providing clarity regarding the legal basis for processing personal data, including whether it is a requirement for a contract or a legal obligation.

 

Rights of Data Subjects Under GDPR

As a data subject under GDPR, you are entitled to:

  • Access: You can request access to and obtain a copy of your personal data that we hold.

  • Rectification: You have the right to correct inaccurate or incomplete personal data.

  • Objection: You can object to processing based on legitimate interests or direct marketing.

  • Erasure: You may request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected.

  • Data Portability: You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.

  • Withdraw Consent: If processing is based on consent, you have the right to withdraw consent at any time, affecting the future use of your data.

Exercising GDPR Rights

You can exercise your GDPR rights by contacting us directly. We may request verification of your identity for security purposes. We aim to respond promptly to your requests.

Should you have concerns about our data handling practices, you are entitled to lodge a complaint with a relevant Data Protection Authority, particularly if you are in the European Economic Area (EEA).
 

CCPA Privacy Rights

This section of our Privacy Policy is specifically tailored for California residents and supplements the main Privacy Policy, applying exclusively to visitors, users, and others residing in California.

 

Types of Personal Information We Handle

Under the guidelines of the CCPA, we have handled the following types of personal information from California residents in the past twelve months. It's important to note that not all categories may have been collected; this list reflects what we may have potentially gathered:

  • Identifiers: Such as names, email addresses, and other similar data.

  • California Customer Records Personal Information Categories: Including names, contact information, education, employment, and other financial details.

  • Commercial Information: Details about transactions and purchases.

  • Internet or Network Activity: Data regarding your interaction with our Service.

 

Note: Other categories like Protected Classification Characteristics, Biometric Information, Geolocation Data, Sensory Data, Professional or Employment-Related Information, Non-Public Education Information, and Inferences Drawn are not collected by us.

 

Additionally, we do not consider publicly available information, deidentified, or aggregated consumer information as

personal data under the CCPA.

How We Source Personal Information

The personal data we collect comes from various sources:

  • Directly from Users: For instance, data provided through forms on our Service or through direct interactions.

  • Indirect Observations: Such as observing user activities on our Service.

  • Automatic Collections: Through cookies or similar technologies as you navigate our Service.

  • Third-Party Service Providers: Such as vendors for analytics, marketing, and payment processing.

 

Usage and Disclosure of Personal Data

Our use and disclosure of personal information for business or commercial purposes align with CCPA guidelines:

  • We utilize personal data to operate and maintain our Service, respond to inquiries, process transactions, and comply with legal requirements.

  • For business or commercial purposes, we have disclosed categories like Identifiers, California Customer Records Personal Information Categories, Commercial Information, and Internet or Network Activity.

 

Sale of Personal Information

While we may share certain categories of personal information for valuable consideration, it is not necessarily in exchange for money. Categories that might have been shared include Identifiers, California Customer Records Personal Information Categories, Commercial Information, and Internet or Network Activity.

Our contracts with third parties who receive personal information stipulate the confidentiality and purpose limitation of such data.
 

BrightyAI respects the privacy of minors. We do not knowingly sell personal information of individuals under 16 years of age. If between the ages of 13 and 16, or if you are the parent or guardian of a child under 13, we require affirmative consent ("opt-in") before any sale of personal information. Consumers may rescind consent and opt out of future sales at any point. Please reach out to us to exercise these rights.

 

If you believe a child under 13 (or 16) has provided us with personal information, please inform us so we can take the necessary steps to remove this information.

Exercising CCPA Rights

As a California resident, you have specific rights under the CCPA, such as:

  • Right to Know: You have the right to know what categories of personal information we collect and the purposes for which we use it.

  • Data Access and Portability: You can request details about the personal information we have collected, including the sources, purpose of collection, and third parties with whom we share it.

  • Right to Opt-Out: You can direct us not to sell your personal information. Contact us for these requests.

  • Right to Deletion: You can request the deletion of your personal data, subject to certain conditions.

  • Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise these rights, please contact us directly. We may ask for verification of your identity before proceeding with your request.

CCPA “Do Not Track” Policy

Our Service does not specifically respond to "Do Not Track" (DNT) signals. However, you can set your browser to inform websites you do not wish to be tracked.

 

Shine the Light Law

Under California's Shine the Light law, California residents may request information about the sharing of their personal data with third parties for direct marketing purposes. Contact us for more information.

Privacy Rights for California Minors

California minors under 18 who are registered users of online services can request the removal of content or information they have publicly posted. To request removal, please contact us with the associated email address of your account.

Please note that removal requests do not guarantee the comprehensive removal of content or information posted online and may be subject to certain legal exceptions.

If you have concerns about our handling of your personal data, you have the right to contact a data protection authority in California.
 

External Links on Our Service

Our Service provides links to websites outside of our domain. These external sites are not under our management. When you follow a link to an external website, we recommend that you read their privacy policy to understand how they handle personal information.

Please be aware that BrightyAI does not have influence over, nor do we bear any responsibility for, the content, privacy policies, or practices of third-party websites or services.
 

Changes to This Policy

  • Updates: We may update this policy from time to time. We will notify you of any significant changes by posting the new policy on our website or through other communication channels.
     

Contact Us

  • If you have any questions or concerns about this policy or our practices, please contact us at support@brightyai.com.

Effective Date

  • This policy is effective as of January 1st, 2024.  

There Is Something for Everyone

Explore our versatile pricing options designed to accommodate every individual's budget and goals, ensuring you find the perfect match for your needs.

bottom of page