Privacy Policy

Learn how we collect, use, and protect your information.

Last updated: 16 Jan, 2025

1. Introduction

At Brightly Mentor, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and services (collectively, the "Platform").

Please read this Privacy Policy carefully. By accessing or using our Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Platform.

2. Information We Collect

We collect several types of information from and about users of our Platform:

2.1 Personal Data

Personal data refers to any information that identifies you as an individual. We may collect the following personal data:

  • Contact Information: Name, email address, postal address, phone number
  • Account Information: Username, password, account preferences
  • Profile Information: Educational background, professional experience, profile picture
  • Payment Information: Credit card details, billing address (note: payment information is processed by secure third-party payment processors)
  • Identity Verification Information: In some cases, we may need to verify your identity through government-issued identification

2.2 Usage Data

We automatically collect certain information about how you interact with our Platform:

  • Learning Activity: Courses accessed, progress, completion status, quiz results, assignments submitted
  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, device information
  • Usage Patterns: Time spent on Platform, features used, content viewed, clickstream data, page response times

2.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect and track information about your browsing activities on our Platform. For more information about our use of cookies, please see our Cookie Policy.

3. How We Collect Information

We collect information through various methods:

  • Direct Interactions: Information you provide when you register an account, purchase a course, complete a form, participate in discussions, or contact us
  • Automated Technologies: As you navigate through our Platform, we automatically collect usage data through cookies, web beacons, and other tracking technologies
  • Third Parties: We may receive information about you from third parties, such as business partners, social media platforms, and identity verification services

4. How We Use Your Information

We use the information we collect for various purposes, including:

Purpose Types of Data Legal Basis (EU/EEA)
To provide and maintain our Platform Personal Data, Usage Data Performance of a contract
To process and manage your payments, subscriptions, and refunds Personal Data, Payment Information Performance of a contract
To personalize your experience and deliver relevant content Personal Data, Usage Data Legitimate interests
To communicate with you about updates, support, and administrative messages Personal Data Performance of a contract
To send marketing communications (with your consent) Personal Data Consent
To improve our Platform and develop new features Usage Data Legitimate interests
To detect, prevent, and address technical issues, fraud, and security breaches Personal Data, Usage Data Legitimate interests, legal obligation

5. How We Share Your Information

We may share your information with the following categories of recipients:

  • Service Providers: Third-party companies that perform services on our behalf, such as payment processing, data analysis, email delivery, hosting, customer service, and marketing assistance
  • Business Partners: Educational institutions, content creators, and other partners with whom we collaborate to offer certain courses or features
  • Legal Requirements: When required by law or in response to valid requests by public authorities
  • Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets
  • With Your Consent: In other cases where we have your explicit consent

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

6. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and whether we can achieve those purposes through other means.

In some circumstances, we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

7. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, damage, or destruction. These measures include:

  • Encryption of sensitive data
  • Regular security assessments and penetration testing
  • Access controls and authentication procedures
  • Regular backups and disaster recovery planning
  • Staff training on data protection and security practices

While we take reasonable steps to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

8. International Data Transfers

We are based in Finland and process data primarily within the European Economic Area (EEA). However, some of our service providers may be located outside the EEA. When we transfer personal data outside the EEA, we ensure a similar degree of protection by implementing at least one of the following safeguards:

  • Transferring data to countries recognized by the European Commission as providing an adequate level of protection
  • Using specific contracts approved by the European Commission (Standard Contractual Clauses)
  • For transfers to the US, working with providers certified under the EU-US Privacy Shield (where applicable)

9. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal data:

For Residents of the European Economic Area, UK, and Similar Jurisdictions:

  • Right to Access: You can request a copy of your personal data
  • Right to Rectification: You can request correction of inaccurate or incomplete data
  • Right to Erasure: You can request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: You can request restriction of processing in certain circumstances
  • Right to Data Portability: You can request a copy of your data in a structured, commonly used, machine-readable format
  • Right to Object: You can object to processing based on legitimate interests or for direct marketing
  • Rights Related to Automated Decision-making: You can request human intervention for decisions based solely on automated processing

For California Residents:

Under the California Consumer Privacy Act (CCPA), you have rights regarding your personal information, including:

  • The right to know what personal information we collect, use, disclose, and sell
  • The right to request deletion of personal information
  • The right to opt-out of the sale of personal information
  • The right to non-discrimination for exercising your rights

To exercise any of these rights, please contact us at [email protected]. We may need to verify your identity before responding to your request.

10. Children's Privacy

Our Platform is not directed to children under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us, and we will take steps to delete such information from our systems.

11. Third-Party Links and Services

Our Platform may contain links to third-party websites, applications, or services that are not operated or controlled by us. This Privacy Policy does not apply to such third-party services. We encourage you to review the privacy policies of any third-party services you access through our Platform.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this page.

We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: [email protected]