Effective May 23, 2018
- Who is collecting your information;
- What information is being collected;
- How your information is collected;
- How your information will be used, processed, and shared;
- Your personal information rights and how you can control your information; and
- How long your information will be retained.
2. Types/Categories of Information We Collect
We collect the following types of information:
- Your username, first and last name, email and/or postal address, telephone number or other information that, alone or in combination can be used to identify you (“Personal Information”) that you provide when you create an account or fill out a form on the Site;
- Usage, viewing and technical data automatically collected from your computer or device through cookies and other technologies (described below), such as your device identifier or IP address, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data;
- Comments or other information you post on the Site;
- Location information when you visit the Site, including location information provided by a computer or device interacting with the Site. Location information is only used for security, monitoring, and troubleshooting purposes (most devices allow you to turn off location services); and
- Information we collect when you interact with our content on the Site or on third-party sites or platforms, such as social networking sites. This may include information such as “Likes”, profile information gathered from social networking sites or the fact that you viewed or interacted with our content.
Information from Other Sources. We might receive information about you from other sources and add it to your account information. Such information may include contact information from business information database providers, which we use to update and correct our records, and search term and search result information from internet searches conducted by our data licensors.
Special Categories of Personal Data. We do not collect from users or process (a) the special categories of personal data defined by the European Union (“EU”) General Data Protection Regulation (“GDPR”); or personal data relating to criminal convictions or offenses. The Site and SEO Platform are not meant for the processing of sensitive Personal Information. Please do not send us, and do not disclose, any sensitive Personal Information (such as information related to racial or ethnic origin, religion or other beliefs, health, criminal background or trade union membership) on or through the Site or otherwise, as BrightEdge has no intentions of processing such sensitive Personal Information.
3. How We Collect Information
We and our third-party service providers who provide Service functionality, may collect information about you in the following ways:
- When you request products, services, or information from us, fill out a form, or otherwise interact with us through the Site;
- When you contact us separately by email or telephone;
- From third-party sources, to update or supplement the information you provide or that we collect automatically, including utilizing business information databases and platforms for additional updated account information;
- Automatically through technology such as cookies, Flash cookies, HTML5 local storage, pixel tags, web beacons, clear gifs, or other tracking/recording tools, including when you click on a link to visit the Site, interact with our ads or other content on the Site or on third-party sites or platforms, or open the emails we send. By using the Site or interacting with our content on third-party sites, you agree that we and our service providers may set cookies on your computer or device and use other tracking technologies described above. Please see the sections entitled “Explanation of Cookies and Other Technologies” and “Your Controls and Choices” for additional information regarding these tracking technologies and your choices.
4. Basis for Our Data Processing
BrightEdge processes Personal Information based on your consent and the necessity of such information for providing our Service. If you do not consent to the processing of your Personal Information, please do not use the Service or engage with the Site.
5. How We Use and Process the Information We Collect
We use and process your information in the following ways:
- To provide, maintain and improve the Site and our products and services, including to operate certain features and functionality of the Site (for example, by remembering your information so that you will not have to re-enter it on subsequent visits, or to verify your identity);
- To diagnose or fix technology problems;
- To control unauthorized use or abuse of the Site and our products and services, or otherwise detect, investigate or prevent activities that may violate our policies or be illegal;
- To analyze trends, administer or optimize the Site, monitor usage or traffic patterns (including to track users’ movements around the Site) and gather demographic information about our user base as a whole;
- To enhance your experience as a user visiting the Site;
- To allow us to better service you in responding to your customer service needs;
- To communicate directly with you, including sending you newsletters, promotions and special offers or information about new products and services. Your opt-out options for promotional communications are described in “Your Controls and Choices” below; and
BrightEdge may share information, including Personal Information, in the following circumstances:
- With a third party if we have your consent to do so;
- With third parties (including our service providers and government entities) to detect, prevent, or otherwise address fraud, security or technical issues; and
- As we continue to develop our business, we may also sell all or part of our business. In such transactions, Personal Information you have shared with us is generally one of the business assets that will be transferred.
We may also share aggregated information with third parties for other purposes. Such information does not identify you individually, but may include usage, viewing and technical information we collected through our technology. If we are required under applicable law to treat such information as Personal Information, then we will only disclose it as described above. Otherwise we may disclose aggregated, non-identifiable information for any reason.
7. International Data Transfer
We may from time to time transfer or disclose your Personal Information to recipients in other countries outside the United States and make it accessible to our parents, subsidiaries, affiliates and third party service providers internationally in the circumstances described in “Sharing Your Information with Third Parties” above. By using the Site or otherwise providing Personal Information to us, you are consenting to have your Personal Information transferred to and processed in the United States or any other country in which BrightEdge or its parents, subsidiaries, affiliates and service providers maintain facilities.
EU - U.S. Privacy Shield. BrightEdge participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. BrightEdge is committed to subjecting all personal information (i.e. Personal Data) received from EU member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. BrightEdge has certified it adheres to the Privacy Shield Privacy Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability. By using the Service, you consent to having your personal data transferred to and processed in the United States.
Swiss - U.S. Privacy Shield. BrightEdge complies with the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from Switzerland to the United States. BrightEdge has certified to the Department of Commerce it adheres to the Privacy Shield Principles. By using the Service, you consent to having your personal data transferred to and processed in the United States.
Transfer and Enforcement Mechanisms for EU - U.S. and Swiss – U.S. Privacy Shield. BrightEdge may be accountable for the processing of personal data it receives, under the Privacy Shield Framework, and may subsequently transfer data to a third party acting as an agent on its behalf in the circumstances described in “Sharing Your Information with Third Parties” above. If the agent processes personal data in a manner inconsistent with the Privacy Shield Principles, we are responsible if it does so and for the harm caused. BrightEdge complies with the Privacy Shield Principles for all onward transfers of personal data from the EU or Switzerland, including the onward transfer liability provisions. With respect to personal data received or transferred pursuant to the Privacy Shield Framework, BrightEdge is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
In compliance with the Privacy Shield Principles, BrightEdge commits to resolve complaints about our processing of your personal data. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact BrightEdge as indicated in “Contact Information” below. When you contact us with a complaint, please include contact information and clearly describe your complaint. We will respond to your request or complaint within a reasonable time and will let you know next steps in resolving your complaint.
As part of our participation in the Privacy Shield Framework, BrightEdge will resolve your dispute regarding our privacy policies and practices through JAMS, an alternative dispute resolution provider located in the United States. If you still have privacy or data use concerns that we have not addressed satisfactorily, please contact JAMS (free of charge) directly at https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. If your complaint is not resolved through these channels, under certain circumstances a binding arbitration option may be available before a Privacy Shield Panel, as described in Annex I to the Privacy Shield Principles (please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction). Additionally, as part of the Privacy Shield Framework, the U.S. State Department Senior Coordinator serves as the Ombudsperson to facilitate the processing of requests relating to national security access to data transferred from the EU to the U.S. or Switzerland to the U.S.
Opt-Outs. We may provide you with the opportunity to “opt-out” of (a) disclosing your personal information to third parties, except to a third party that is acting as an agent to perform tasks on our behalf and under our instructions as described in “Sharing Your Information with Third Parties” above; (b) using your personal information for a purpose that is materially different from the purpose for which it was originally collected or that you authorized. If you decide to opt-out, we may not be able to provide certain features of the Site to you.
Communication Preferences. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in such communications or on the Site. Please note, however, that even if you opt-out of promotional communications, we may still send you certain service-related communications.
Blocking Cookies. You can remove or block certain cookies using the settings in your browser but the Site may cease to function properly if you do so.
Controlling Flash Cookies. To manage the Flash cookie settings and preferences for your computer, please click here and you will be directed to the Settings Manager on Adobe's website. You may also be able to manage Flash cookies from your browser, depending on the version of your browser.
Deleting Other Browser Information. Many Internet browsers allow you to disable HTML5 local storage or delete information contained in HTML5 local storage using browser controls.
9. Your Personal Information Rights
Pursuant to the Privacy Shield Principles, the EU GDPR, and other applicable privacy laws, you have the right to:
- Know what Personal Information BrightEdge has about you;
- Ensure your Personal Information is accurate and relevant for the purposes for which BrightEdge collected it;
- Make your Personal Information portable to another data controller;
- Withdraw your consent to BrightEdge processing your Personal Information; and
- Have your Personal Information erased.
If you would like to review, correct, receive a copy of, or erase the Personal Information we have about you or withdraw your processing consent, please send us your request using the “Contact Information” below. Unless a legal exemption applies, we will respond to all such requests within thirty (30) days. If we refuse your request, we will notify you of our reasons for the refusal to the extent required and how you may complain about the refusal.
We ask individual users to identify themselves and to specify the information requested to be accessed, corrected, or erased before processing such requests, and we may decline to process requests that are unreasonably repetitive and vexatious, require disproportionate technical effort (for instance, requests concerning information residing on backup tapes), jeopardize the privacy of others, or would be extremely impractical, or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort. However, we will not charge you for the making of the request or to correct, update, or erase your Personal Information.
10. Data Retention, Storage, and Security
The security of your Personal Information is important to us. We use physical, electronic, and procedural safeguards to protect your Personal Information. We have implemented information security best practices throughout our organization, and we are ISO 27001 certified. When you enter confidential information (such as your password), we may encrypt that information using secure socket layer technology (SSL-encryption). To learn more about such technology, go to http://en.wikipedia.org/wiki/Secure_Sockets_Layer. However, no method of transmission over the Internet, method of electronic storage, or other data security methods are one hundred percent secure and we cannot guarantee the security of the information you provide.
If BrightEdge learns of a security breach that may affect your data, we will notify you electronically so that you can take appropriate protective steps. We may communicate with you electronically regarding security, privacy, and administrative issues related to your use of the Site. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. If you are a EU resident, you will receive, without undue delay, a Personal Information breach notification if such breach is likely to result in a high risk to the rights and freedoms of natural persons, or as otherwise required under EU GDPR. To receive free written notice of a security breach (or to withdraw your consent from receiving electronic notice) please email firstname.lastname@example.org.
11. Children’s Information
This Site is not intended for use by anyone under the age of 13 nor does BrightEdge knowingly collect or solicit Personal Information from anyone under the age of 13. In the event we confirm that we have collected Personal Information from someone under the age of 13, we will delete that information. If you believe we have any information from a child under 13, please contact us using the contact details in “Contact Information” below.
13. Explanation of Cookies and Other Technologies
This section provides more information about some of those technologies used on our Site and how they work.
Pixel Tags and Similar Technologies. Pixel tags, web beacons, and clear gifs can be embedded in web pages, videos, or emails and allow a web server to read certain types of information from your browser, check whether and when you have viewed a particular web page or email message, and determine, among other things, the IP address of your computer and the URL of the web page from which the pixel tag was viewed.
Flash Cookies. A “Flash Cookie” (also known as Local Shared Object) is a data file stored on a computer or device by the websites that you visit (click here for more details). From time to time, the Site may use Flash Cookie(s), for example, to enable or control Flash-based content. Flash Cookies provide similar functionality as the cookies discussed above but are based on different technology.
HTML5 Storage. HTML5 local storage is similar to the cookies discussed above in that it is stored on a computer or device and can be used to store certain information about your activities and preferences. However, these objects are stored in different parts of your computer or device from ordinary browser cookies.
15. Notice to California Residents: Your California Privacy Rights
Privacy & Data Protection Officer
BrightEdge Technologies, Inc.
989 East Hillsdale Boulevard, Suite 300
Foster City, California 94404 USA
Fax: (650) 763-3894
EU – GDPR Contacts.
BrightEdge Technologies Limited
Company Number 08858492
1st Floor, The Cursitor Building
38 Chancery Lane
London WC2A 1LF
Attention: EU Data Representative
EU residents may lodge a data complaint about BrightEdge with this Data Protection Authority:
Information Commissioner’s Office
Wilmslow, Cheshire SK9 5AF UK
Telephone: 0303 123 1113 or 01625 545 745
Fax: 01625 524 510
17. Change Log:
Sections 1, 2, 4, 7, 9, & 10. Modified or added language to comply with GDPR.
Section 16. Updated contact information to include contact information for BrightEdge’s UK office and GDPR required lead data protection authority.