Privacy Policy

BRIGHTPATH INNOVATIONS, LLC 

Privacy Policy

BrightPath Innovations (“BrightPath,” “we,” “us,” or “our”) respects our clients' privacy and is committed to protecting personal information with the seriousness expected in regulated industries, including banking, financial services, and enterprise technology. This Privacy Policy explains how we collect, use, disclose, retain, and protect information when you interact with our website, services, communications, demonstrations, and related offerings.
This Privacy Policy is intentionally conservative and risk-aware. If you have questions, contact us using the information in Section 19.

1. Scope
This Privacy Policy applies to:

• Our websites, landing pages, and portals that link to this Privacy Policy (the “Site”);

• Communications with us, including email, phone, web forms, and messaging;

• Sales discussions, demonstrations, evaluations, proof-of-concepts, and pilot programs where this Privacy Policy is referenced;

• Marketing, informational, and educational materials distributed by BrightPath.

This Privacy Policy does not apply to third-party websites, products, or services, even if they are linked to or integrated with the Site.

2. Definitions

• “Personal Information”: Information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to an individual or household.

• “Sensitive Personal Information”: Categories defined by applicable law (e.g., precise geolocation, government identifiers, health data).

• “Processing”: Any operation performed on Personal Information, including collection, use, storage, disclosure, or deletion.

• “Controller” / “Business”: BrightPath’s role in determining the purposes and means of Processing, where applicable.

​

3. Information We Collect

A. Information You Voluntarily Provide

You may provide:

• Identifiers (name, email address, phone number);

• Professional details (company, job title);

• Content of inquiries, messages, or requests;

• Information voluntarily shared during demos, evaluations, or support interactions.

You may browse the Site without providing Personal Information; however, certain features may require it.

B. Information Collected Automatically

When you access the Site, we may collect:

• IP address and approximate location (city/state level);

• Browser type, operating system, device identifiers;

• Log data (timestamps, pages viewed, referring URLs);

• Performance and diagnostic data;

• Security and fraud-prevention signals.

​C. Cookies and Similar Technologies

We may use cookies and similar technologies for:

• Essential site functionality;

• Security and abuse prevention;

• Aggregate analytics and performance monitoring.

We do not engage in cross-site behavioral advertising as a business practice.
You can control cookies via browser settings, though disabling cookies may impact functionality.

D. Sensitive Personal Information

BrightPath does not intentionally collect Sensitive Personal Information through the Site unless:

• You explicitly provide it; and

• It is necessary for a legitimate and lawful purpose.

Please do not submit sensitive information unless specifically requested.

4. How We Use Information

We process Personal Information to:

• Respond to inquiries and requests;

• Operate, secure, and maintain the Site;

• Provide demonstrations and business communications;

• Monitor and improve performance and reliability;

• Detect, prevent, and investigate fraud or misuse;

• Comply with legal and regulatory obligations;

• Enforce agreements and policies.

We do not sell, rent, or commercially monetize Personal Information.

5. Legal Bases for Processing (GDPR / UK GDPR)

Where applicable, we process Personal Information based on:

• Consent (where explicitly provided);

• Contractual necessity or pre-contractual steps;

• Legitimate interests, including security, fraud prevention, and business communications, balanced against individual rights;

• Legal obligations.

​

6. Automated Decision-Making

BrightPath does not use Personal Information collected via the Site to make decisions that produce legal or similarly significant effects solely through automated processing, within the meaning of GDPR Article 22.
Where AI-assisted tools are used, they are designed to support human judgment, not replace it.

7. Data Minimization & Confidentiality

BrightPath applies:

• Data-minimization principles;

• Role-based access controls;

• Internal confidentiality obligations;

• Vendor confidentiality and security requirements.

Client and confidential information is not used to train public AI models.

8. Disclosure of Information

A. Service Providers

We may share information with vetted service providers who perform services on our behalf (e.g., hosting, analytics, communications). These providers are contractually restricted from using information for any other purpose.

B. Legal, Regulatory, and Safety Disclosures

We may disclose information when we believe disclosure is reasonably necessary to:

• Comply with applicable law, regulation, or legal process;

• Protect the rights, safety, or property of BrightPath or others;

• Prevent or investigate fraud, abuse, or security incidents;

• Enforce agreements and policies.

​C. Corporate Transactions

Information may be disclosed in connection with a merger, acquisition, financing, restructuring, or sale of assets, subject to appropriate confidentiality protections.

9. International Data Transfers

If Personal Information is transferred internationally, BrightPath uses reasonable safeguards designed to ensure appropriate protection, which may include contractual protections and vendor assessments.

10. Data Retention

Personal Information is retained only as long as reasonably necessary for:

• Business operations and communications;

• Security and fraud prevention;

• Legal, regulatory, or contractual obligations;

• Dispute resolution and enforcement.

When no longer required, information is deleted, anonymized, or aggregated.

11. Security Measures

BrightPath implements reasonable administrative, technical, and organizational safeguards.
However, no system is completely secure, and we cannot guarantee absolute security.

12. Do Not Track Signals

Some browsers transmit “Do Not Track” signals.
Because there is no uniform industry standard, BrightPath does not currently respond to such signals.

13. Your Choices

You may:

• Control cookies via browser settings;

• Opt out of non-essential communications;

• Request access, correction, or deletion where legally required.

​

14. California Privacy Rights (CCPA / CPRA)

California residents may have rights to:

• Know, access, correct, or delete Personal Information;

• Opt out of the sale or sharing of Personal Information (BrightPath does not sell or share Personal Information as defined by law);

• Limit the use of Sensitive Personal Information (where applicable);

• Non-discrimination for exercising rights.

Requests are subject to identity verification and lawful exceptions.

15. Additional U.S. State Privacy Rights

Residents of certain U.S. states (including Virginia, Colorado, Connecticut, and Utah) may have similar rights under applicable laws. BrightPath honors such rights as required by law.

16. EEA / UK Rights

Individuals in the EEA or UK may exercise rights to access, correction, deletion, restriction, objection, portability, and withdrawal of consent, subject to applicable law.

17. Children’s Privacy

The Site is not directed to children under 13. We do not knowingly collect Personal Information from children under 13.

18. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Updates will be reflected by the “Last Updated” date above. Continued use of the Site constitutes acceptance of the revised policy.

19. Contact Us

For privacy questions or rights requests:
BrightPath Innovations
Email: info@brightpathinnovationsai.com
Website: www.brightpathinnovationsai.com
January 2026

​

​