Bright

Privacy Policy

Effective Date: December 10, 2025

This Privacy Policy explains how Bright Worldwide, LLC ("Bright", "we") collects, uses, and protects your information when you use the Bright service ("Service").

1. Summary

Bright helps you understand how you spend your time and who you spend it with. To provide insights, we read certain Google Calendar and Google Contacts data and store limited metadata. We aim to keep this policy clear and simple.

2. Data We Collect

Data You Connect via Google OAuth

When you sign in with Google, we request permission to read:

  • Calendar event metadata (titles, attendees, timestamps)
  • Contact data (names, email addresses, phone numbers)

Bright is read-only. We never write to or modify your Google data.

We do not access:

  • Your Google password
  • Email contents
  • Files, documents, or photos

Data Bright Stores

To operate the Service, we store:

  • Event metadata
  • Contact fields (name, email, phone)
  • Your Bright account profile
  • Email logs for notifications
  • Basic analytics data (page views, device type, etc.)

Data We Do Not Collect

  • Email contents
  • Calendar attachments or meeting bodies
  • Location data
  • Sensitive personal data categories

3. How We Use Your Data

We use your data to:

  • Provide insights about your time and relationships
  • Send daily summaries or reminders
  • Maintain and improve the Service
  • Ensure security and fix bugs

We do not sell your personal data or share it for advertising purposes.

4. Third-Party Service Providers

We use trusted providers to operate Bright:

Purpose Provider
Hosting & infrastructure Heroku
Email delivery Mailgun
Analytics Google Analytics
Error tracking Rollbar

5. Security

We use industry-standard measures to protect your data, including HTTPS, OAuth authentication, encryption in transit, and limited employee access. No system is perfectly secure, but we work hard to safeguard your information.

6. Data Retention

We retain your data only as long as needed to provide the Service. If you delete your account, we will remove your stored data within 30 days, except where retention is legally required.

7. Your Rights

You may:

  • Request a copy of your data
  • Request deletion of your data
  • Revoke Google OAuth access at any time
  • Unsubscribe from non-essential emails

For any requests, contact us at [email].

8. Children’s Privacy

Bright is not intended for individuals under 18. We do not knowingly collect data from minors.

9. Changes to This Policy

We may update this Privacy Policy over time. If changes are significant, we will notify you via email or inside the app.

10. Contact

If you have questions, contact us at privacy@bright.io.

Terms & Conditions Privacy Policy