BRIGHTEDGE

PRIVACY POLICY

Effective May 23, 2018

 

Our Privacy Policy is intended to help you clearly and easily understand:

  • Who is collecting your information;
  • What information is being collected;
  • How your information is collected;
  • How your information will be used, processed, and shared;
  • Your personal information rights and how you can control your information; and
  • How long your information will be retained.

1. What This Privacy Policy Covers

This Privacy Policy covers how BrightEdge Technologies, Inc., a U.S. company, and the data controller or in some instances the data processor (“BrightEdge,” “we,” “us,” or “our”), treats information it collects and receives from its website located at www.brightedge.com, any mobile or localized version of the website, and any other BrightEdge owned sites (collectively, the “Site(s)”), products, or services that link to this Privacy Policy.  It also covers the use of information we may collect through content we make available on third-party sites or platforms.

By using or accessing the Site and Services, you are accepting this Privacy Policy, our Terms of Use, and all other policies or notices posted by us on the Site, and you consent to our collection and use of your information as described in this Privacy Policy, including that your information may be transferred to, and stored and processed in, the United States.

In addition to our Site, BrightEdge offers an integrated Search Engine Optimization (“SEO”) management technology platform that processes and indexes data to generate actionable insights for our customers to help improve website ranking and performance on search engines, along with associated products and services (collectively, the “Service”).  Our customer agreement may include specific information use provisions that are different from or more restrictive than those described within this Privacy Policy.  Please refer to your individual agreement with BrightEdge to check for any specific information privacy terms that may also apply to the information you provide to us by using the Service.

This Privacy Policy applies to personal data from the European Union and from Switzerland that is collected, used, retained, and processed by BrightEdge in the United States.

2. Types/Categories of Information We Collect

We collect the following types of information:

  • Your username, first and last name, email and/or postal address, telephone number or other information that, alone or in combination can be used to identify you (“Personal Information”) that you provide when you create an account or fill out a form on the Site; 
  • Usage, viewing and technical data automatically collected from your computer or device through cookies and other technologies (described below), such as your device identifier or IP address, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data;
  • Comments or other information you post on the Site;
  • Location information when you visit the Site, including location information provided by a computer or device interacting with the Site. Location information is only used for security, monitoring, and troubleshooting purposes (most devices allow you to turn off location services); and
  • Information we collect when you interact with our content on the Site or on third-party sites or platforms, such as social networking sites. This may include information such as “Likes”, profile information gathered from social networking sites or the fact that you viewed or interacted with our content.

Information from Other Sources. We might receive information about you from other sources and add it to your account information.  Such information may include contact information from business information database providers, which we use to update and correct our records, and search term and search result information from internet searches conducted by our data licensors.

Special Categories of Personal Data.  We do not collect from users or process (a) the special categories of personal data defined by the European Union (“EU”) General Data Protection Regulation (“GDPR”); or personal data relating to criminal convictions or offenses.  The Site and SEO Platform are not meant for the processing of sensitive Personal Information.  Please do not send us, and do not disclose, any sensitive Personal Information (such as information related to racial or ethnic origin, religion or other beliefs, health, criminal background or trade union membership) on or through the Site or otherwise, as BrightEdge has no intentions of processing such sensitive Personal Information. 

3. How We Collect Information

We and our third-party service providers who provide Service functionality, may collect information about you in the following ways:

  • When you request products, services, or information from us, fill out a form, or otherwise interact with us through the Site;
  • When you contact us separately by email or telephone;
  • From third-party sources, to update or supplement the information you provide or that we collect automatically, including utilizing business information databases and platforms for additional updated account information;
  • Automatically through technology such as cookies, Flash cookies, HTML5 local storage, pixel tags, web beacons, clear gifs, or other tracking/recording tools, including when you click on a link to visit the Site, interact with our ads or other content on the Site or on third-party sites or platforms, or open the emails we send. By using the Site or interacting with our content on third-party sites, you agree that we and our service providers may set cookies on your computer or device and use other tracking technologies described above. Please see the sections entitled “Explanation of Cookies and Other Technologies” and “Your Controls and Choices” for additional information regarding these tracking technologies and your choices.

4. Basis for Our Data Processing

BrightEdge processes Personal Information based on your consent and the necessity of such information for providing our Service.  If you do not consent to the processing of your Personal Information, please do not use the Service or engage with the Site. 

5. How We Use and Process the Information We Collect

We use and process your information in the following ways:

  • To provide, maintain and improve the Site and our products and services, including to operate certain features and functionality of the Site (for example, by remembering your information so that you will not have to re-enter it on subsequent visits, or to verify your identity);
  • To diagnose or fix technology problems;
  • To control unauthorized use or abuse of the Site and our products and services, or otherwise detect, investigate or prevent activities that may violate our policies or be illegal;
  • To analyze trends, administer or optimize the Site, monitor usage or traffic patterns (including to track users’ movements around the Site) and gather demographic information about our user base as a whole; 
  • To enhance your experience as a user visiting the Site;
  • To allow us to better service you in responding to your customer service needs;
  • To communicate directly with you, including sending you newsletters, promotions and special offers or information about new products and services. Your opt-out options for promotional communications are described in “Your Controls and Choices” below; and
  • In the manner described to you at the time of collection or as otherwise described in this Privacy Policy or as authorized or required by applicable laws.

6. Sharing Your Information with Third Parties

BrightEdge may share information, including Personal Information, in the following circumstances:

  • With a third party if we have your consent to do so;
  • With third-party service providers to permit such parties to provide services that help us with our business activities, which may include assisting us with marketing, advertising our product/service offerings, fulfillment of orders, or providing, maintaining and improving the features and functionality of the Site. For example, we may provide Personal Information to our service providers for direct emailing of our newsletters or notifications of our product/service offerings.  We take reasonable steps to require that these third parties agree to process such information in accordance with our instructions and appropriate security protections.  In addition, these third parties are authorized to use your Personal Information only as necessary to provide services to us or as required by law. Acceptance of this Privacy Policy and use of our Service is your consent to the data processing by our service providers. You can withdraw your consent at any time by following the process in Section 9.
  • With our parent companies, subsidiaries and affiliates (and they may use your information in the same way we can under this Privacy Policy);
  • When we have a good faith belief that access, use, preservation, or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, including lawful requests by public authorities, for example to meet national security or law enforcement requirements, (b) enforce our Terms of Use or other applicable policies or agreements governing your use of the Site, including investigation of potential violations thereof, or (c) protect against imminent harm to the rights, property or safety of BrightEdge, its users or the public as required or permitted by law;
  • With third parties (including our service providers and government entities) to detect, prevent, or otherwise address fraud, security or technical issues; and
  • As we continue to develop our business, we may also sell all or part of our business. In such transactions, Personal Information you have shared with us is generally one of the business assets that will be transferred.

We may also share aggregated information with third parties for other purposes. Such information does not identify you individually, but may include usage, viewing and technical information we collected through our technology. If we are required under applicable law to treat such information as Personal Information, then we will only disclose it as described above. Otherwise we may disclose aggregated, non-identifiable information for any reason.

If you post comments on the Site, any Personal Information you post is publicly available, can be read, collected, or used by other visitors to the Site.  Please be mindful of the information that you may choose to post in open forums or other similar mechanisms on the Site.  See our Terms of Use for more information and the guidelines for posting content on the Site.

7. International Data Transfer

We may from time to time transfer or disclose your Personal Information to recipients in other countries outside the United States and make it accessible to our parents, subsidiaries, affiliates and third party service providers internationally in the circumstances described in “Sharing Your Information with Third Parties” above. By using the Site or otherwise providing Personal Information to us, you are consenting to have your Personal Information transferred to and processed in the United States or any other country in which BrightEdge or its parents, subsidiaries, affiliates and service providers maintain facilities.

EU - U.S. Privacy Shield. BrightEdge participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. BrightEdge is committed to subjecting all personal information (i.e. Personal Data) received from EU member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. BrightEdge has certified it adheres to the Privacy Shield Privacy Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability. By using the Service, you consent to having your personal data transferred to and processed in the United States.

Swiss - U.S. Privacy Shield. BrightEdge complies with the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from Switzerland to the United States. BrightEdge has certified to the Department of Commerce it adheres to the Privacy Shield Principles. By using the Service, you consent to having your personal data transferred to and processed in the United States. 

If there is any conflict between this Privacy Policy and the EU – U.S. or Swiss – U.S.  Privacy Shield Principles, the Privacy Shield Principles shall govern.  You can find BrightEdge’s Privacy Shield certification here. You can also learn more about Privacy Shield at https://www.privacyshield.gov.

Transfer and Enforcement Mechanisms for EU - U.S. and Swiss – U.S. Privacy Shield. BrightEdge may be accountable for the processing of personal data it receives, under the Privacy Shield Framework, and may subsequently transfer data to a third party acting as an agent on its behalf in the circumstances described in “Sharing Your Information with Third Parties” above.  If the agent processes personal data in a manner inconsistent with the Privacy Shield Principles, we are responsible if it does so and for the harm caused. BrightEdge complies with the Privacy Shield Principles for all onward transfers of personal data from the EU or Switzerland, including the onward transfer liability provisions. With respect to personal data received or transferred pursuant to the Privacy Shield Framework, BrightEdge is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

In compliance with the Privacy Shield Principles, BrightEdge commits to resolve complaints about our processing of your personal data. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact BrightEdge as indicated in “Contact Information” below.  When you contact us with a complaint, please include contact information and clearly describe your complaint.  We will respond to your request or complaint within a reasonable time and will let you know next steps in resolving your complaint. 

As part of our participation in the Privacy Shield Framework, BrightEdge will resolve your dispute regarding our privacy policies and practices through JAMS, an alternative dispute resolution provider located in the United States. If you still have privacy or data use concerns that we have not addressed satisfactorily, please contact JAMS (free of charge) directly at https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. If your complaint is not resolved through these channels, under certain circumstances a binding arbitration option may be available before a Privacy Shield Panel, as described in Annex I to the Privacy Shield Principles (please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction). Additionally, as part of the Privacy Shield Framework, the U.S. State Department Senior Coordinator serves as the Ombudsperson to facilitate the processing of requests relating to national security access to data transferred from the EU to the U.S. or Switzerland to the U.S.

8. Your Controls and Choices

Opt-OutsWe may provide you with the opportunity to “opt-out” of (a) disclosing your personal information to third parties, except to a third party that is acting as an agent to perform tasks on our behalf and under our instructions as described in “Sharing Your Information with Third Parties” above; (b) using your personal information for a purpose that is materially different from the purpose for which it was originally collected or that you authorized. If you decide to opt-out, we may not be able to provide certain features of the Site to you.

Communication Preferences. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in such communications or on the Site. Please note, however, that even if you opt-out of promotional communications, we may still send you certain service-related communications.

Blocking CookiesYou can remove or block certain cookies using the settings in your browser but the Site may cease to function properly if you do so.

Controlling Flash Cookies. To manage the Flash cookie settings and preferences for your computer, please click here and you will be directed to the Settings Manager on Adobe's website. You may also be able to manage Flash cookies from your browser, depending on the version of your browser.

Deleting Other Browser Information.  Many Internet browsers allow you to disable HTML5 local storage or delete information contained in HTML5 local storage using browser controls. 

9. Your Personal Information Rights

Pursuant to the Privacy Shield Principles, the EU GDPR, and other applicable privacy laws, you have the right to:  

  • Know what Personal Information BrightEdge has about you;
  • Ensure your Personal Information is accurate and relevant for the purposes for which BrightEdge collected it;
  • Make your Personal Information portable to another data controller;
  • Withdraw your consent to BrightEdge processing your Personal Information; and
  • Have your Personal Information erased.

If you would like to review, correct, receive a copy of, or erase the Personal Information we have about you or withdraw your processing consent, please send us your request using the “Contact Information” below.  Unless a legal exemption applies, we will respond to all such requests within thirty (30) days.  If we refuse your request, we will notify you of our reasons for the refusal to the extent required and how you may complain about the refusal. 

We ask individual users to identify themselves and to specify the information requested to be accessed, corrected, or erased before processing such requests, and we may decline to process requests that are unreasonably repetitive and vexatious, require disproportionate technical effort (for instance, requests concerning information residing on backup tapes), jeopardize the privacy of others, or would be extremely impractical, or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.  However, we will not charge you for the making of the request or to correct, update, or erase your Personal Information.

10. Data Retention, Storage, and Security

We hold your Personal Information in a combination of hard copy and electronic files for the period necessary to support the Site, comply with our legal obligations, resolve disputes, or otherwise fulfill the purposes outlined in this Privacy Policy.  Even after you cancel your account, copies of some information from your account may remain viewable in some circumstances where, for example, you have shared information with social media or other services.  We may also retain backup information related to your account on our servers for some time after cancelation for fraud detection or to comply with applicable law or our internal security policies.  We do not always remove or delete all of your non-personally identifiable account information for a number of reasons including due to technical and systems constraints, contractual, financial or legal requirements.

The security of your Personal Information is important to us.  We use physical, electronic, and procedural safeguards to protect your Personal Information.  We have implemented information security best practices throughout our organization, and we are ISO 27001 certified.  When you enter confidential information (such as your password), we may encrypt that information using secure socket layer technology (SSL-encryption).  To learn more about such technology, go to http://en.wikipedia.org/wiki/Secure_Sockets_Layer.  However, no method of transmission over the Internet, method of electronic storage, or other data security methods are one hundred percent secure and we cannot guarantee the security of the information you provide.

If BrightEdge learns of a security breach that may affect your data, we will notify you electronically so that you can take appropriate protective steps.  We may communicate with you electronically regarding security, privacy, and administrative issues related to your use of the Site.  Depending on where you live, you may have a legal right to receive notice of a security breach in writing.  If you are a EU resident, you will receive, without undue delay, a Personal Information breach notification if such breach is likely to result in a high risk to the rights and freedoms of natural persons, or as otherwise required under EU GDPR.  To receive free written notice of a security breach (or to withdraw your consent from receiving electronic notice) please email privacy@brightedge.com.

11. Children’s Information 

This Site is not intended for use by anyone under the age of 13 nor does BrightEdge knowingly collect or solicit Personal Information from anyone under the age of 13.  In the event we confirm that we have collected Personal Information from someone under the age of 13, we will delete that information.  If you believe we have any information from a child under 13, please contact us using the contact details in “Contact Information” below.

12. Third Party Sites

The Site may also contain links to third party websites.  This Privacy Policy applies solely to information collected by BrightEdge.  Even if the third party is affiliated with us through a business partnership or otherwise, we are not responsible for the privacy practices of other websites.  If you submit Personal Information to any third party site, your information is governed by that site’s privacy policy.  We encourage you to familiarize yourself with the privacy policies of such websites to determine how they handle any information separately collected from you.  Please be aware that we do not warn you when you have chosen to click through to another website or property when using the Site.

13. Explanation of Cookies and Other Technologies

This section provides more information about some of those technologies used on our Site and how they work.

Cookies. A cookie is a small text file stored on a user’s computer or device for record-keeping purposes. Cookies may be used for various purposes, such as to confirm that users are logged in.  BrightEdge uses cookies for validating authenticated users and tracking a user’s application session information in order to improve user experience, as well as prevent any unauthorized access and to maintain security.

Pixel Tags and Similar Technologies. Pixel tags, web beacons, and clear gifs can be embedded in web pages, videos, or emails and allow a web server to read certain types of information from your browser, check whether and when you have viewed a particular web page or email message, and determine, among other things, the IP address of your computer and the URL of the web page from which the pixel tag was viewed.

Flash Cookies. A “Flash Cookie” (also known as Local Shared Object) is a data file stored on a computer or device by the websites that you visit (click here for more details). From time to time, the Site may use Flash Cookie(s), for example, to enable or control Flash-based content.  Flash Cookies provide similar functionality as the cookies discussed above but are based on different technology.

HTML5 Storage. HTML5 local storage is similar to the cookies discussed above in that it is stored on a computer or device and can be used to store certain information about your activities and preferences. However, these objects are stored in different parts of your computer or device from ordinary browser cookies.

14. Terms of Use, Notices, and Revisions

Please also see our Terms of Use, which describe the restrictions, disclaimers, indemnification and limitation of liability governing the use of the Site. 

We reserve the right to revise, modify, or update this Privacy Policy at any time.  We encourage you to refer to this Privacy Policy on an ongoing basis so that you understand our current privacy practices.  Unless stated otherwise in a separate agreement or privacy statement, this Privacy Policy applies to all information that we have about you.  We may also issue specific information collection and/or privacy notices from time-to-time relating to particular products or services. 

15. Notice to California Residents: Your California Privacy Rights

California Civil Code Section 1798.83 permits customers who are California residents to request that BrightEdge not share their personal data with third parties for such parties’ direct marketing purposes.  To make such a request, please send an e-mail with “California Privacy” in the subject line to privacy@brightedge.com or write to us at the address listed below.  Please note that even if you do choose to opt-out, we may still share your personally identifiable information with third-parties for purposes other than direct marketing, such as for completing a requested transaction or any other non-direct marketing purposes permitted under this Privacy Policy.

16. Contact Information

Our Privacy & Data Protection Officer is available to our customers, business partners, vendors or others who may have questions concerning this Privacy Policy or BrightEdge’s data practices. If you have questions or suggestions about this Privacy Policy, or to make any request described above, please feel free to contact us by email at privacy@brightedge.com or by mail/fax directed to:

Privacy & Data Protection Officer
BrightEdge Technologies, Inc.
989 East Hillsdale Boulevard, Suite 300
Foster City, California 94404 USA

Fax: (650) 763-3894

EU – GDPR Contacts.

BrightEdge Technologies Limited
Company Number 08858492
1st Floor, The Cursitor Building
38 Chancery Lane
London WC2A 1LF
Attention: EU Data Representative

EU residents may lodge a data complaint about BrightEdge with this Data Protection Authority:

Information Commissioner’s Office
Wycliffe House                                                       
Water Lane
Wilmslow, Cheshire SK9 5AF UK

Telephone: 0303 123 1113 or 01625 545 745
Fax: 01625 524 510

17.  Change Log:

Sections 1, 2, 4, 7, 9, & 10.  Modified or added language to comply with GDPR.

Section 16.  Updated contact information to include contact information for BrightEdge’s UK office and GDPR required lead data protection authority.

Miscellaneous changes were made to make the Privacy Policy easier to read and understand.