Privacy Policy

Introduction

BrightOnLABS (“we”, “us” or “Company”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access or use our websites (e.g. brightonlabs.ai, brightonagentic.com), services, or other affiliated offerings (collectively, the “Services”).

By using the Services, you agree to the collection and use of information in accordance with this policy. If you disagree with any part, please do not use our Services.

This Privacy Policy is part of our Terms of Use and is incorporated by reference.

Types of Information We Collect

We may collect two broad categories of information:

A. Non-Personal Information

This is information that does not, on its own, identify a specific individual. Examples include:

  • Technical/usage data: browser type, device model, operating system version, language preference, pages visited, access times, referring site.
  • Aggregated or anonymized usage statistics about how features are used.
  • Log data and metrics collected automatically through analytics technologies (e.g. Google Analytics, internal telemetry).

B. Personal Information

This is information that identifies or can reasonably identify an individual. We collect this when voluntarily provided by you, such as:

  • Name, email address, company name, job title, contact information (phone, address)
  • Credentials and hashed passwords, API tokens, service account identifiers
  • Communications with us (support requests, feedback, forms)
  • Any additional information you opt to provide (e.g. during onboarding or surveys)

When non-personal and personal information are combined, they will be treated as personal information.

Cookies & Tracking Technologies

We use cookies, web beacons, local storage, analytics tools (e.g. Google Analytics or similar), and other tracking technologies to enhance and analyze our Services.

Purposes include:

  • Improving navigation and usability
  • Remembering preferences and session state
  • Measuring usage and traffic patterns
  • Detecting fraud or abnormal behavior

You may control or disable cookies via your browser settings, though doing so may limit certain features or functionalities of the Services.

We may use third-party analytics or tracking services. These third parties may place cookies on your device or collect information about your browsing behavior over time and across sites. The use of such analytics is subject to the provider’s terms and policies.

How We Use the Information

We use personal information (and aggregated data) for the following purposes:

  • To provide, maintain, and improve our Services
  • To communicate with you (e.g. service updates, billing, support)
  • To personalize your experience, tailor content, and suggestions
  • For internal analytics, diagnostics, and usage trends
  • To prevent fraud or security incidents, detect abuse, and enforce policies
  • To comply with legal obligations, enforce our rights, or respond to lawful requests
  • To send marketing communications (where permitted and with opt-out)

Disclosure & Sharing of Information

We do not rent, sell, or share your personal information with third parties except as described here:

  • Service Providers & Subcontractors: We may share information with vendors or partners who perform services on our behalf (hosting, analytics, email, support).
  • Affiliates & Subsidiaries: For internal business operations, consolidation, or shared services.
  • Legal & Compliance: In response to legal requirements (court orders, subpoenas), to enforce our policies, or to protect rights, property, or safety.
  • Business Transactions: In the event of a merger, acquisition, or sale, your information may be transferred to the acquiring entity under the same privacy terms.

We will require such third parties to adhere to confidentiality and security obligations consistent with this policy.

International Data Transfers

Since we operate globally, your information may be transferred to, stored in, or processed in jurisdictions other than where you reside. In such cases, we will ensure adequate protections (contractual clauses, standard data protection clauses, or other safeguards) to protect your personal data.

By using our Services, you consent to such transfers and processing.

Data Retention

We retain personal information only as long as necessary to:

  • Provide the Services and support customers
  • Comply with legal obligations
  • Resolve disputes, enforce our agreements, and protect our rights

We may anonymize or delete data when no longer needed. You may request deletion or correction of your personal data (subject to legal or contractual restrictions).

Your Privacy Rights

Depending on your jurisdiction (e.g. EU, Canada, California), you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction / Update: Request corrections to inaccurate or incomplete data
  • Deletion: Ask us to erase your personal data (subject to legal obligations)
  • Restriction / Objection: Limit or object to certain processing (e.g. marketing)
  • Data Portability: Receive your data in a structured, commonly used format
  • Withdraw Consent: If processing is based on consent, you may withdraw at any time (but it won’t affect lawful processing before withdrawal)

To exercise these rights, contact us at privacy@brightonx.ai. We may verify your identity before fulfilling such requests.

You may also have the right to lodge a complaint with your local data protection authority.

Security Safeguards

We take reasonable administrative, technical, and organizational measures to protect personal information from unauthorized access, alteration, disclosure, or destruction.

These may include:

  • Encryption in transit (TLS 1.2+ or higher)
  • Encryption at rest (AES-256 or equivalent)
  • Role-based access controls, least-privilege principle
  • Internal access logging, audit trails
  • Periodic security reviews, vulnerability assessments, penetration tests

However, no system is 100% secure. In the event of a data breach, we will comply with applicable notification laws and notify affected parties as required.

Marketing & Communications

We may use your personal information (e.g. email) to send promotional or informational communications about our Services. You may opt out of marketing at any time by clicking “unsubscribe” or contacting privacy@brightonx.ai.

Note: you cannot opt out of transactional or service-related communications (e.g. account notices, billing, legal updates).

Corporate & Business Transactions

In connection with a merger, acquisition, reorganization, or asset sale, we may transfer personal data as part of the transaction. The successor will maintain the same privacy commitments.

Minors

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that personal data of a minor has been collected, we will take steps to delete it.

Changes to This Privacy Policy

We may update or amend this Privacy Policy from time to time. When we make material changes, we will notify you (e.g. via email or in-app notice) and post the new version on our site with the new “Last Revised” date.

Your continued use of the Services after such changes constitutes acceptance of the revised policy.

Contact Information

If you have questions, concerns, or requests regarding your privacy or this policy, please contact us:

BrightOnLABS
Email: privacy@brightonx.ai