This policy does not apply to any website, product or service of any third-party company even if the website or application links to (or from) the Service. Bright Hat does not operate those websites, products, or services – please always review the privacy practices of a company before deciding whether to provide any information to them.
Information We Collect
In general, we collect information in a number of ways, including (i) when a client or end-user provides it directly to us via the Website and/or Service, (ii) when we obtain end-user information through trusted third parties including financial institutions, (iii) through your continued access of the Service, including data passively collected through technology such as “cookies”. The types of information we collect and our use of that information will depend on whether you are a Website Visitor, Client, or End-User.
Cookies and IP Addresses
We automatically receive and record information from your web browser when you interact with the Service, including your IP address and cookie information. This information is used for fighting spam/malware and also to facilitate collection of data concerning your interaction with the Service (e.g., what links you have clicked on). Generally, the Service automatically collect usage information, such as the number and frequency of visitors to the Site. We may use this data in aggregate form, that is, as a statistical measure, but not in a manner that would identify you personally. This type of aggregate data enables us and third parties authorized by us to figure out how often individuals use parts of the Service so that we can analyze and improve them. We may also receive a confirmation when you open an email from us. We use this confirmation to improve our customer service.
To simply browse our Website, you are not required to provide any Personal Information. However, we may gather non-personally-identifiable information, as described directly above, just for the purposes of monitoring and improving our Website and the Service. We will not share this information with third parties except as a necessary part of providing our Website and the Service, nor will we use it to target any advertisements to you. Of course, if you sign up with or use any of our services, more information is shared.
When you use Bright Hat’s services as a client, whether paid or unpaid, we will gather and store your name, company name, email address, phone number, billing address, and any other relevant information that you provide directly to us. Any and all test and/or live users that sign up as an end-user of your services fall under the end-user category. If you sign up for a paid account, we will also store the relevant data required to complete your transaction, including but not limited to your financial information, bank account numbers, routing numbers, billing address and company name. We may also rely on a third-party payment processor to complete transactions, and all data shared with them falls under their own privacy policies. Further, we will collect and associate all relevant end-user data with your client account, including but limited to end-user names, email addresses, billing addresses and financial information. We may additionally collect information on the IP addresses, devices, and locations used to access Bright Hat, which may be linked to your account for fraud detection and prevention purposes. Finally, we may collect additional data for identity verification on an as-needed based determined at our own sole discretion.
As an end-user of any application that utilizes the Service, whether via a client or other third-party, directly via use of our API or other services, or through an application built by us directly, you are agreeing to share financial information with us including, but not limited to, your account credentials, transactional histories, account numbers, and balances/limits as well as general identity data including names and addresses of all account holders. You are enabling us to interact with and through your financial institutions on your behalf and with your consent. We may also retrieve information pertaining to usage of our client applications and other general activity that comes through use of the Service.
We collect statistical information about how both unregistered and registered users, collectively, use the Service (“Aggregate Information”). Some of this information is derived from Personal Information. This statistical information is not Personal Information and cannot be tied back to you, your Account or your web browser.
How We Use Personal Information
Bright Hat uses your Personal Information as follows:
- To operate and maintain the Service (such as, overall operating and maintenance, providing customer service, fixing malfunctions, testing our security systems, etc.).
- To provide you with the features, functions and benefits of the Service (such as, displaying to information regarding your financial accounts).
- To enhance, improve, add to and further develop the Service (such as, creating new features or functions, refining or personalizing the user experience, increasing Service technical performance, etc.).
- We will use your contact information (such as, your email address or phone number) to provide you with Service notifications.
- To help personalize the Service experience for you (such as, remembering your information so you will not have to enter it each time you use the Service or providing you with offers, advertisements or features you may like).
- And for the other purposes referenced in the “Sharing and Disclosure” section below (such as, for the purposes of legal compliance).
Sharing and Disclosure
Bright Hat does not sell or rent any personal information to marketers or third parties that have not been explicitly authorized (e.g., in the case of a client).
We may share your Personal Information with trusted third parties who are integral to the operation of our Website and the Service, including but not limited to financial institutions, payment processors, verification services and credit bureaus, as well as any third parties that you have directly authorized to receive your Personal Information. We may store your Personal Information in locations outside the direct control of Bright Hat, for instance, on servers or databases co-located with hosting providers.
We will only disclose your Personal Information in response to such a request if we believe in good faith that doing so is necessary to comply with applicable law or a legal obligation to which we are bound. If we receive such a request, we will use reasonable efforts to give you prompt notice, so that you may contest it if you choose. We will not provide you such notice if we determine in good faith that either (a) we are not permitted to provide it under applicable law, or (b) that doing so would result in an imminent risk of death, serious physical injury or significant property loss or damage to Bright Hat or a third party. In addition, in the event of a merger, acquisition, reorganization, bankruptcy, or other similar events, certain information in our possession may be transferred to our successor or assign.
We may occasionally email you with information about offers or new services. You can opt out of these email communications by replying with unsubscribe in the subject line, or via an unsubscribe link included in such communications. However, you will continue to receive certain email communications related to your account including information regarding transactions and your relationship with Bright Hat.
Protection Of Information
Although no data storage or transmission can be 100% secure, we take significant steps to protect user and account information to ensure that it is kept private. Bright Hat maintains strict administrative, technical, and physical procedures to protect information stored in our servers, which are located in the United States. Access to information is limited (though user and password credentials and software systems) to those employees who require it to perform their job functions. We use industry-standard Secure Socket Layer encryption to safeguard the account registration and sign-up information, along with the end-user sign-up process. Other safeguards include, but are not limited to data encryption, firewalls, and physical access controls to building and files.
Information From Children
We do not knowingly collect or solicit personal information from anyone under the age of 13. If you are under 13, please do not attempt to register for the Service or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us personal information, please contact us at firstname.lastname@example.org.