Privacy
Last updated February 2023
PRIVACY POLICY
Bright River respects your privacy and this page informs you of our policies regarding the collection, use and disclosure of Personal Data we receive when you visit our website, create an account and make use of our services. By using our website or our services, you agree to the collection and use of information in accordance with this policy.
The security of your Personal Data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Personal Data
By using our website or our services you may leave certain information behind that may include Personal Data, such as your name and your email address.
We will only use your Personal Data needed:
- to provide the service;
- to manage your company’s account;
- to enable the processing of payments; and
- for marketing purposes and to inform you about developments and changes to our services / products.
We will not share Personal Data with third parties without your prior consent except where Bright River is required to do so by law or as is necessary to perform our services. If we process Personal Data on your behalf we strive to comply with all obligations under the EU General Data Protection Regulation and to ensure that our use complies with our commitments to you. Visual Content Inputs (e.g. image and video inputs) processed by the service are explicitly not considered as Personal Data within the meaning of this Privacy Policy. Nevertheless, we will explain below what you can expect from us with regard to Visual Content Data.
Visual Content Data
Bright River may store and use Visual Content Inputs (e.g. image and video inputs) processed by the service solely to provide and maintain the service and to improve and develop the quality of our machine-learning/artificial-intelligence technologies and the training of our designers. The use of your content is necessary for continuous improvement of our services, including the development and training of related services. Except for the features belonging to visual content (such as the models included in the visual content), we do not store or use any personally identifiable information that may be contained in your Visual Content Inputs.
Log Data
Like many site operators, we collect and use information that your browser sends whenever you visit our website (“Log Data”) that is not personally identifiable such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
In addition, we may use third party services such as Google Analytics, Google Tag Manager, Hubspot and Intercom that collect, monitor and analyze this. The information we share will not include Personal Data such as your name and your email address.
Third Parties
Bright River may engage its service network for the provision of its services. The service network Bright River has established consists of a number of carefully selected professional partners with which Bright River has agreements in place to guarantee the same level of protection you expect from us.
Our service network includes our production facilities that are located in Asia. We don’t share Personal Data such as your name and your email address with our production teams in Asia. However, our production teams may have access to the Visual Content Inputs you provided and use it to perform the required services. Besides our production facilities we also use companies like Google, Microsoft, Hubspot, Intercom, Atlassian, Adobe, Exact, Payt and Salesforce to provide our systems and services.
In case Personal Data nevertheless must be shared with our production facilities in order to perform our services, we commit ourselves to everything agreed in this agreement regarding the protection of your Personal Data and we regard the services of our production teams as part of our responsibility towards you.
Storage of Personal Data & Visual Content Inputs
We will keep your Personal Data, whether or not your account is active, as long as we need it for the purpose for which we received your data in the first instance or to comply with applicable laws, audit requirements, regulatory requests or court decisions.
After your first request to permanently delete your account, we will archive personally identifiable data, such as your name and your email address for two months. After this period has expired, your personally identifiable data such as your name and email address will be permanently deleted.
Non personally identifiable data, such as the materials created from the Visual Content Inputs you provide, will be kept for development and training purposes after you have uploaded the visual content.
Your rights concerning your Personal Data
Please be aware that you shall have the right to obtain confirmation as to what Personal Data is being processed and where that is the case and, if applicable, to rectify or to erase your Personal Data or to transmit those data to another controller. Besides this, you shall have the right to object, on grounds relating to your particular situation, at any time to processing of Personal Data that concerns you.
Security Measures to protect your Personal Data
We operate sufficient technical and organisational measures to protect your Personal Data against unlawful and unauthorised processing and against accidental loss, destruction or damage. In particular we take the following security measures to protect your privacy:
- We pseudonymise and encrypt Personal Data for our production teams outside the EU;
- Client accounts are encrypted ;
- Access to Personal Data is protected and limited to selected individuals;
- Secured connections for internal and external data transfers;
- Secured communication with the server (HTTPS / SSL);
- Data is stored on secured servers or secured cloud providers;
- Physical access to the servers and company premises where data is stored, is limited to authorized persons;
- We only use up-to-date licensed software and up-to-date (Internet) security software;
- For cloud solutions we have 2-factor authentication in use;
- To ensure the compliance to our security goals we or our technology partners conduct the following tests periodically:
- Regular vulnerability scanning;
- Periodic monitoring of data security protocol;
- Periodic monitoring of access control systems.
- Our Cloud and hosting technology partners handling Personal Data have up-to-date Information Security policies and certifications;
Changes to this privacy Policy
We may update this Privacy Policy from time to time, and when we do so, we will update the “last modified” date at the top of this Privacy Policy. By regularly checking this page, you always know what information we collect, how we use it and under what circumstances we share it with other parties.
Please keep in mind that if you enter your email address separately within the feedback button on our website, your email address might end up with parties that provide our cloud software such as Hotjar and might be used for further research purposes.
If you would like to view or contest the accuracy of the personal data we hold about you, please send us an email to privacy@bright-river.com..
Bright River BV
Hendrik Figeeweg 1H, 2013 BJ Haarlem Telephone +31 (0)23 542 1530 ABN AMRO 46.36.88.872 Account Bright River Iban NL33 ABNA 0463 6888 72 Swift ABNANL2A Chamber of Commerce 57217602 VAT NL852486911B01