Brightlines Privacy Policy

Last Updated: December 2022

This privacy policy applies to information that Brightest Lines, Inc., (“Brightlines,” “we,” “our,” “us” ) collects when you use the Brightlines service. This policy is meant to help you understand what data we collect, why we collect it, what we do with it, and your options regarding our collection and use of that data.

Updates to our privacy policy

From time to time, we may update this privacy policy if we make changes to our practice. Anytime we revise this policy, we will update the contents of this page and the date at the top of this page. Your continued use of the service following such changes affirms your agreement to any changes we make to this privacy policy with regard to information collected from you in the past and in the future.

Your data

We only collect information from you that is necessary to provide the Brightlines service. However, for our services that's a lot of data, and it includes information you're often told not to share. We have robust internal processes and policies in place to ensure that your personal data remains secure, and is only used as needed to perform services related to your Brightlines subscription. 

It’s our business to take your privacy seriously. That includes helping you scrub your personal information and data available online - and safeguarding it as we do so.

Information we collect

Contact information we use to communicate with you, such as email address and phone number.

  • Personal information you provide during our intake process.

  • Payment information, including your credit card or bank account information.

  • Google email and name if you choose to use Google's sign on to access our services. 

  • Hardware and software information, such as device and application data, used when accessing our website, via Google reCAPTCHA APIs.

  • Website logs and cookies, including IP address, browser and device type, operating system, referring web page, the date and time of page visits, and the pages accessed on our websites.

  • Feedback that you may provide us.

How we use this information

  • Contact information is only used to communicate with you, such as updates on your case, notifications of the availability of a new report in the portal, or to set up a call to gather feedback. Your contact information is not used for marketing purposes without your permission.  

  • Personal information is only accessed by Brightlines team members who are researching YOU, and access to it is restricted to our research team. All team members sign non-disclosure agreements agreeing to protect your data, follow robust device and data security measures to make sure data cannot be hacked, and receive tools and guidance for handling sensitive data, avoiding social engineering, and other non-technical attacks. Upon completion of your Brightlines subscription, your personal data is scrubbed from our systems.  

  • Payment information is used only for billing purposes. Online payments are processed by our bank and/or accounting platform, and check payments are processed by our accredited accounting firm. 

  • Google account information is solely used to access your account via Google Single Sign On, and only if you choose to login using it. 

  • Hardware and software information. We use the Google reCAPTCHA APIs as part of our services to help protect our clients and our systems from cyber spam and abuse. The reCAPTCHA API works by collecting hardware and software information, such as device and application data, and sending this data to Google for analysis. The information collected in connection with your use of the service will be used for improving reCAPTCHA and for general security purposes. It will not be used for personalized advertising by Google. You can find further details via this link.

  • Website logs and cookies are used to monitor metrics about our site such as the number of visitors and pages viewed, for internal diagnostic and analytic purposes, and to improve our website and the services we provide.

    • Cookies: This website is hosted by Squarespace. Squarespace collects personal data when you visit this website, which may include, but is not limited to, information such as web pages visited before and after visiting the website, date and time, logs, type of mobile device you use, links you click on within the website, interactions with an advertisement delivered by us or a third party advertising technology vendor, and other communication data regarding the resources you access and use on this website. Squarespace also collects your IP address, which is a unique identifier that certain electronic devices use to identify and communicate with each other on the Internet. Squarespace needs the data to run this website, and to protect and improve its platform and services. Squarespace analyzes the data in a de-personalized form.

    • Web beacons: We may collect information using “web beacons” (also referred to as clear gifs, pixel tags, and single-pixel gifs). Web beacons are electronic images that may be used on our site. We use web beacons to deliver cookies, count visits to pages on our website, understand usage and campaign effectiveness.

    • Analytics tools: We use the third-party service Squarespace Analytics to help analyze how users interact with our website. Squarespace Analytics uses cookies to collect information about your use of the website, including your IP address; information about your browser, network, and device; web pages you visited prior to coming to this website; and details about your use of this website, including clicks, internal links, pages visited, scrolling, searches, and timestamps. We share this information with Squarespace, our hosting platform and website analytics provider, to learn about site traffic and activity. Squarespace analyzes this data in a de-personalized form.

    • IP Addresses and log files: We log your IP address for systems administration and troubleshooting purposes. We also use page hits in the aggregate to track the popularity of pages that people visit in order to improve the quality of the site. There is no personal identifiable information collected in our log files.

  • Feedback we use to improve the services we provide to you and all our clients.

Your choices

Email subscription: If you submit your email address anywhere on this website, your email address may be added to the Brightlines email list to receive periodic updates from Brightlines by email. You may opt out of receiving future information via email by using the “unsubscribe” link included in each email. Please allow us a reasonable period of time to fulfill your request to unsubscribe, as some planned emails may already be in process.

Disabling cookies: Most Web browsers are set to accept cookies by default. The “Help” tab of most browsers will tell you how to prevent your browser from accepting cookies, how to have the browser notify you when you receive cookies, and how to disable cookies. Please note that if you reject or block cookies, it may affect your ability to access some of the features and content of our website. For help locating cookies on your device, visit your browser's documentation:

Web beacons: Unlike cookies, you cannot decline web beacons. However, setting your browser to decline cookies or to prompt you for a response will keep web beacons from tracking your activity.

Google Analytics: You may opt out of use of your information by Google Analytics by using the Google Analytics Opt-out Browser Add-On.

Advertising: We, along with our third party service providers, may use non-personally identifiable information to provide more relevant advertising and content. If you prefer to opt out of the use of third-party cookies on our website that may be used to obtain this information, you can do so by visiting the Network Advertising Initiative opt out page.

Data security

At Brightlines our mission is security - and that includes securing your data and privacy. 

Clients receive a Client ID upon signing up for our services and are not discussed, orally or in writing, by name or organization. We also restrict access to your personal information to those employees and contractors who need that information to provide services to you. All our team members sign non-disclosure agreements agreeing to protect your data and keep it confidential. Additionally any sensitive communication is shared via Signal or other secure means. 

Our team members must adhere to our strict security protocol, which includes securing all devices with full-disk encryption and strong passcodes, and all accounts with 2FA and password manager-generated passwords. We prevent harmful trackers from being added to browsers, and ensure that data will be sent on a secure, encrypted, and user-controlled connection. We use virtual private networks (VPN) when connecting to WiFi networks in airports, air planes, coffee shops, and hotels, as well as privacy screens.

We use Secure Sockets Layer (SSL) software, which encrypts information you input and allows you to view your information securely. We store the personal information we collect from you behind a secure firewall and place the transaction site on a secure cloud server. 

We do our best to ensure that your data and information is treated as securely as possible, and require our third-party service providers and partners to have appropriate safeguards as well, in accordance with this Privacy Policy. That said, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unauthorized disclosure.

By using our services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our services. If we learn of a security system’s breach, we will be in touch.

Data retention and deletion

While you’re using the Brightlines services, we retain your personal data on our secure internal systems and limit access to it to only Brightlines team members working on your behalf and on secured devices. 

Within 90 days of completing your subscription, your personal information is deleted from our internal systems. This includes the personal information provided during the intake process and the PII we found throughout the duration of our time working together. 

We may retain your contact information, as well as your reports and other deliverables, in an anonymized format and in an encrypted archive, to facilitate renewal of services. We will delete all of this data within one year of your completing the subscription.

Notice for parents

We strongly encourage parents and guardians to supervise their children's online activities and talk to their children about keeping their personal information safe and secure.

Brightlines does not knowingly collect, use or distribute personally identifiable information from children under age 13. To respect the privacy of children and to comply with the Children’s Online Privacy Protection Act, children under the age of 13 should not provide any personal information on our website.

If we learn we have collected or received personal information from a child under 13, we will delete that information as soon as reasonably possible. If you have questions or concerns about your child's information, or if you believe we might have collected any information from or about a child under 13, please contact us at hello@brightlin.es

Your California privacy rights

California Civil Code Section § 1798.83 allows website visitors who are California residents to request certain information regarding our disclosure of personal information to third parties for marketing purposes.

To make such a request, please send an e-mail to hello@brightlin.es

Like many other websites and online services, Brightlines does not currently alter its practices when it receives Do Not Track signals because there is no consensus among industry participants as to what “Do Not Track” means in this context. To find out more about “Do Not Track,” you may wish to visit https://allaboutdnt.com.

Visiting our site from outside the United States

If you are visiting our website from outside of the United States, please be aware that your information may be transferred to, stored or processed in the United States, where our servers are located and our central database is operated. United States data protection laws may differ from those in your country. By using our website, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this privacy policy.

Contacting us about privacy

If you have any questions, comments or concerns about our privacy policy or our data practices, or if you have corrections to the information we have collected from you online, please send us an email at hello@brightlin.es