Version 3.1 Updated 31st May, 2022
In this section we outline the different types of personal data that we process and the purpose for doing so:
We need to share your details with a limited number of other organisations in order to effectively provide our applications and services to you. When we share your information, we only do so in accordance with our legal data protection and privacy obligations.
Your information may be disclosed to other people and organisations who help us provide our services to you, including:
The terms and privacy policies of these service providers may apply to you as well, depending on your usage of their services.
Any social media posts/comments or public reviews that you submit for either Asset Bank or Dash through third-party sites (e.g. via Facebook or Capterra) will be shared under the terms of the relevant platform and may be used in our marketing, if the third-party site allows. We do not control these platforms and we are not responsible for this kind of sharing. You are responsible for ensuring that any comments you make comply with any relevant policy on acceptable use of those services.
Our websites include hyperlinks to, and details of, third party websites. We have no control over, and are not responsible for the privacy policies and practises of third parties.
We’re based in the UK and use suppliers from many parts of the world to provide our applications and services to you. To allow us to run our business on this basis, the information we collect may on occasion be transferred to, stored and used at premises in other countries including the United States of America. We are committed to data protection and ensuring the security of your data, regardless of its location around the world. Where required by applicable data protection law, our supplier contracts include the European Commission-approved Standard Contractual Clauses in order to safeguard data that is transferred outside of the UK and EEA.
We do not knowingly collect any personal information from children under the age of 16 and would delete any such data upon becoming aware of it.
We take the security of your information very seriously. We use appropriate procedures and technical security measures (including encryption, anonymisation and archiving techniques) to safeguard your information. We use secure means to communicate with you where appropriate, such as https and other security and encryption protocols. Read more about our Security Policy. Our customers data is stored and managed by Amazon Web Services who provide details of their security policies and procedures here.
We only hold on to your information for as long as we need it for the purposes we acquired it for. In most cases, this means we will keep your information for as long as the organisation you represent continues to be our customer or use our services, and for a period following the end of that relationship. When you cease to be a customer or end your interactions with us, we will securely archive your data for reference purposes. Our standard data retention periods are as follows:
analytics data - up to 36 months following collection;
customer relationship data - a minimum of 6 years following the end of the end of the relevant customer relationship; thereafter, we will periodically review the retention of this data, and this data will be deleted if we determine that retention is no longer necessary or useful for the purposes of facilitating the provision or support of our applications or services, or for the purposes of our communications with customers or prospective customers;
enquiry data - a minimum of 6 years following the date of collection; thereafter, we will periodically review the retention of this data, and this data will be deleted if we determine that retention is no longer necessary or useful for the purposes of our communications with customers or prospective customers;
marketing data - 6 to 12 months following the last relevant marketing communication that we send to you (providing that, unless you instruct us otherwise, we will retain opt-out information indefinitely);
jobseeker data - with 6 months following the completion of the application process, unless: (i) if you consent to us retaining your information as part of our Total Talent programme, we will retain the jobseeker data for so long as that consent is valid; and (ii) if you become an employee, the jobseeker data will be retained in accordance with our employee privacy policies.
We provide ways for you to stop all marketing email communications you receive from us, by including the ‘unsubscribe’ link in each email we send to you. We need to send certain communications to our users and customers which are deemed necessary and cannot be opted out of, such as service and administrative emails. Please contact us at info@builtbybright.com.
Please notify us with any changes to your contact details, to ensure our records stay up to date.
You have the right to ask us what information we hold about you, to request a copy of that data, that your data be updated, corrected or deleted entirely. Any such request should be in writing and include reasonable details about the information you want to know.
We review the ways we use your information regularly and so may, from time to time, change this privacy policy to reflect our changing activities.
Whenever we make changes to this policy we will post an update on our websites and if appropriate, at our discretion, email you directly. Following updates, please check to see if you’re still happy with our latest policy.
CCTV is in operation at Bright’s offices. All CCTV footage is captured purely for your security and for the prevention and detection of crime. If you’d like to know more, please see our signage, or contact us using the details provided below.
We use cookies and other tracking tools to improve your experience of our websites, applications and services, and to improve the quality of our service delivery. Details of how we use cookies can be found in our the two cookie policies we maintain for our marketing sites - Bright and Dash.
Our full legal name is Bright Interactive Limited. We’re a public limited company incorporated in England and Wales. Our registered company number is 03865036 and our registered address is Ninth Floor, Tower Point, 44 North Road, Brighton, BN1 1YR.
We are registered with the Information Commissioner’s Office in the UK. Our registration number is ZA293316.
We process the personal data of individuals in the European Union (EU) and European Economic Area (EEA), in either the role of ‘data controller’ or ‘data processor’ and we have appointed DataRep as our Data Protection Representative for the purposes of GDPR.
If you are based in the EU or EEA and you’d like to exercise your rights under the GDPR you can choose to contact us via Data Rep and any of their 29 locations within the EU and EEA. Details of how to do this can be found on this information sheet.
Here is a link to our Representative contact summary 2021.
The Information Commissioner’s Office (ICO) regulates data protection and privacy matters in the UK. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers such as ourselves are available publicly. You can access them here.
Bright is the company behind Asset Bank and Dash. We are an established agile software company and Digital Asset Management (DAM) specialist. Established in 1999 and based in Brighton UK, we are proud to work with over 900 global clients including 20 FTSE 100.