Privacy Policy

BrightDove AI Solutions (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and safeguard information when you use our website, platform, and AI services. It is designed to comply with the EU General Data Protection Regulation (GDPR).

1. Data We Collect

• Account Information: name, email address, company details, password (hashed), and billing details.
• Usage Data: IP address, device/browser data, time zone, pages viewed, product interactions, referral sources, and error logs.
• Content/Data You Provide: prompts, messages, files, knowledge-base content, and configuration you upload to our AI tools.
• Payment Data: handled by our payment processor (e.g., Stripe). We do not store full card details.
• Cookies & Similar Tech: session cookies, analytics, and preference cookies (see Cookie Policy).

2. How We Use Your Data

• To provide, operate, and improve our services and features.
• To authenticate users, secure the platform, and prevent misuse or fraud.
• To process payments, subscriptions, and invoicing.
• To provide customer support and communicate important service updates.
• To conduct analytics and develop new features.
• To comply with legal obligations and enforce our Terms.

3. Legal Bases for Processing (GDPR)

• Contractual necessity (Art. 6(1)(b)) to deliver the services you request.
• Legitimate interests (Art. 6(1)(f)) for security, improvement, and communications related to service use.
• Consent (Art. 6(1)(a)) for optional cookies/marketing where required.
• Legal obligation (Art. 6(1)(c)) for record-keeping and compliance.

4. Sharing of Data

We do not sell or rent personal data. We may share limited data with:

• Service providers (e.g., hosting, analytics, email, payments) under data processing agreements.
• Professional advisers (legal, accounting) under confidentiality.
• Authorities where required by law.
• Business transfers (e.g., merger, acquisition) subject to appropriate safeguards.

5. International Data Transfers

Your data may be processed outside the EEA. Where applicable, we use appropriate safeguards (such as the EU Standard Contractual Clauses) to protect personal data during transfers.

6. Security

We implement technical and organizational measures appropriate to the risk, including encryption in transit, access controls, least-privilege principles, logging, and regular reviews. No method of transmission or storage is 100% secure.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this Policy, to resolve disputes, enforce agreements, and as required by law (e.g., tax records). You may request deletion (see “Your Rights”).

8. Your Rights (GDPR)

You have the right to:

• Access your personal data and obtain a copy.
• Rectify inaccurate or incomplete data.
• Erase your data (“right to be forgotten”) where applicable.
• Restrict or object to processing in certain circumstances.
• Data portability to another provider where technically feasible.
• Withdraw consent for processing based on consent.

To exercise these rights, contact us at support@brightdove.co.uk. We may need to verify your identity and will respond within the timeframes required by law.

9. Cookies

We use cookies and similar technologies for essential functionality, preferences, and analytics. For details and choices, please see our Cookie Policy and cookie consent banner.

10. Children’s Privacy

Our services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us to request deletion.

11. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for their privacy practices. We encourage you to review their policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will notify you via email or an in-app notice. The “Effective date” above reflects the latest version.

13. Contact Us

14. Data Processing Agreement (DPA)

If we process personal data on your behalf (as a processor), our Data Processing Agreement forms part of our contract and describes security measures, subprocessors, and data subject assistance.