Privacy Policy

Our commitment goes beyond compliance. We design our systems with privacy in mind from the start, collecting only what's necessary to provide you with excellent learning experiences. As an educational platform, we recognize the special responsibility that comes with handling student data and take that obligation seriously.

Data We Collect About You

When you interact with Brightcore, we gather different types of information depending on how you use our platform. Some of this you provide directly when creating an account or enrolling in courses, while other data is collected automatically as you navigate through lessons and activities. Understanding what we collect helps you make informed decisions about using our services.

The information we collect falls into several categories, each serving specific purposes in delivering and improving your educational experience:

• Account and Profile Information includes your name, email address, username, password, date of birth, and profile photo if you choose to upload one. We need this basic information to create and maintain your account, verify your identity, and personalize your learning dashboard.
• Educational Data and Course Activity encompasses everything related to your learning journey — courses you enroll in, lessons you complete, quiz scores, assignment submissions, discussion forum posts, notes you take, and progress through learning paths. This data is essential for tracking your advancement and issuing certificates.
• Payment and Billing Information is collected when you purchase courses or subscriptions. This includes credit card details, billing address, transaction history, and payment method preferences, though sensitive financial data is handled directly by our payment processors rather than stored on our servers.
• Device and Technical Information is automatically gathered when you access Brightcore, including your IP address, browser type and version, operating system, device identifiers, screen resolution, and referring website. We also collect data about how you interact with our platform — pages visited, links clicked, time spent on different sections, and features you use most frequently.
• Communications and Support Data includes any messages you send us through contact forms, support tickets, email correspondence, chat interactions with our team, and feedback you provide through surveys. We keep these records to resolve your issues effectively and improve our service quality.
• Social Media and Third-Party Account Information may be collected if you choose to sign up or log in using services like Google or Facebook. This typically includes your public profile information, email address, and any other data you authorize those platforms to share with us.

How We Use Your Personal Data

Every piece of information we collect serves a purpose in making Brightcore work better for you. We don't gather data just to have it — each category supports specific functions that directly benefit your learning experience or help us run the platform effectively. Let me walk you through how we actually use this information in practice.

First and foremost, we use your data to deliver the core educational services you signed up for. This means giving you access to course materials, tracking your progress through lessons, grading your assignments, generating completion certificates, and syncing your learning across devices. Your account information lets you log in securely, while your course activity data ensures you can pick up right where you left off.

We also analyze usage patterns to make the platform better. By looking at how students interact with different course formats, which lessons cause confusion, and where people get stuck, we can redesign content for clarity and effectiveness. This isn't about watching individuals — it's about spotting trends across thousands of users that reveal opportunities for improvement. Sometimes what we learn surprises us and leads to features we hadn't even considered.

Personalization is another key use of your data. We want to recommend courses that match your interests and skill level, suggest learning paths based on your goals, and adjust content difficulty to your pace. Your browsing history and course completions help us understand what topics engage you most. Think of it like a study advisor who gets to know your learning style over time.

Communication is essential for any educational platform. We use your contact information to send important updates about courses you're enrolled in, notify you of new content from instructors you follow, respond to your support requests, and share platform improvements that might interest you. You control which of these messages you receive through your notification preferences.

Security and fraud prevention require us to monitor certain activities. We track login attempts, payment transactions, and account changes to detect suspicious behavior and protect both you and other users. If something looks unusual — like login attempts from multiple countries within minutes — we can flag it and verify it's actually you.

Legal compliance means we occasionally need to use your data to meet regulatory requirements, respond to valid legal requests, enforce our terms of service, or protect rights and safety. We keep these uses to the minimum required by law.

Third-Party Data Collection

Running a modern educational platform means working with specialized service providers who help us deliver features we couldn't build alone. These partners inevitably collect some information about you, though we're careful about who we work with and what access they have. Being upfront about these relationships is important because they affect your privacy too.

Our payment processors handle all financial transactions when you purchase courses. They collect your payment card details, billing address, and transaction information directly — this data never passes through our servers, which is actually safer for you. These companies are bound by strict financial regulations and use bank-level encryption.

Analytics providers help us understand how people use Brightcore. They collect technical data like page views, click patterns, session duration, and navigation flows. This aggregated information shows us which features are popular, where users struggle, and how to make the interface more intuitive. We configure these tools to respect your privacy settings wherever possible.

Video hosting services store and stream course lectures and tutorials. When you watch educational content, these providers collect data about playback quality, buffering events, and viewing completion — technical metrics that help us deliver smooth video experiences. They may also collect device and browser information to optimize streaming.

Email service providers manage our communication infrastructure. When we send you course notifications, newsletters, or account updates, these companies process your email address and track basic metrics like delivery success and open rates. This helps us know our messages are getting through and which content resonates with students.

Cloud infrastructure providers host our servers and databases. While they technically have access to the data we store, they're contractually prohibited from using it and face severe penalties for breaches. We choose providers with strong security track records and compliance certifications.

Customer support tools allow our team to help you efficiently. When you contact support, these platforms may collect conversation history, attachments you share, and basic account details visible to our agents. This context helps us resolve your issues faster without asking you to repeat information.

Cookie Technologies

Cookies are small text files that websites store on your device to remember information between visits. We use several types of cookies, each with different purposes and lifespans. Some are essential for the platform to function, while others enhance your experience or help us improve our services.

Essential cookies keep you logged in as you move between pages, remember items in your shopping cart, and maintain your language and accessibility preferences. Without these, basic features wouldn't work — you'd have to log in repeatedly or lose your course progress. These cookies don't track you across other websites.

Functional cookies remember your choices to make subsequent visits smoother. They store things like your preferred video playback speed, whether you've dismissed certain notifications, and your customized dashboard layout. These improve convenience but aren't strictly necessary — the platform works without them, just less conveniently.

Analytics cookies help us understand usage patterns by collecting data about which pages you visit, how long you spend on different sections, and where you click. This information is typically aggregated so we're looking at trends across all users rather than individual behavior. You can disable these through your browser settings, though it means we have less insight into what's working well.

Most browsers let you control cookie settings. You can block all cookies, accept only first-party cookies, or get notified whenever a site wants to set a cookie. Keep in mind that blocking essential cookies will break core functionality, making it difficult or impossible to use the platform properly. We respect your browser's "Do Not Track" signals where technically feasible.

Security of Your Information

Protecting your data is something we think about constantly, not just when writing policies. We've built multiple layers of security into our systems because no single measure is perfect — defense in depth means even if one barrier fails, others remain. That said, absolute security doesn't exist online, and we believe in being honest about both our protections and limitations.

Encryption is our first line of defense. All data transmitted between your device and our servers travels through encrypted connections using current TLS protocols. Sensitive information like passwords is hashed using strong one-way algorithms, meaning even our own staff can't read them. Payment details are tokenized so actual card numbers never touch our infrastructure.

Access controls ensure only authorized personnel can view user data, and even then, only the specific information needed for their role. Our engineers can't casually browse student records — systems log every access attempt and flag unusual patterns. We regularly review these permissions and revoke access immediately when team members change roles or leave the company.

Our infrastructure sits behind firewalls and intrusion detection systems that monitor for attack patterns. We scan for vulnerabilities regularly, patch systems promptly, and conduct periodic security audits with outside experts. Automated backups run continuously so we can restore data quickly if something goes wrong, and these backups are encrypted and stored separately from production systems.

Employee training matters because humans are often the weakest link. Our team learns to recognize phishing attempts, handle data responsibly, and report security concerns immediately. We enforce strong password policies, require two-factor authentication for system access, and limit what data can be downloaded or shared.

Despite all precautions, breaches can still happen — that's the uncomfortable reality of operating online. If we ever detect unauthorized access to user data, we'll notify affected individuals promptly and work with authorities as appropriate. We maintain an incident response plan and practice executing it so we're not improvising during a crisis.

You play a role in security too. Choose a strong, unique password for your Brightcore account. Enable two-factor authentication if we offer it. Don't share your login credentials or leave your account logged in on shared devices. Be skeptical of emails claiming to be from us — we'll never ask you to send passwords or payment information via email.

Your Rights and Choices

Your personal information belongs to you, and you have meaningful control over how we use it. We've built tools directly into the platform that let you manage your data without needing to contact support or wait for responses. Understanding these rights helps you take charge of your privacy.

You can access and download most of your data anytime through your account settings. This includes your profile information, course history, certificates earned, and forum contributions. If you need something we haven't made self-service yet, just ask and we'll provide it in a readable format within a reasonable timeframe.

Correcting inaccurate information is straightforward — edit your profile directly to update your name, email, or other details. If you spot errors in course records or other data you can't change yourself, reach out to support and we'll investigate. Keeping information accurate benefits everyone since it ensures certificates and transcripts are correct.

Deleting your account removes your profile and personal information from active systems, though some data may persist in backups or where required for legal purposes. Course activity data might be retained in aggregated form for analytics, stripped of identifying details. Deletion is permanent — you'll lose access to purchased courses, certificates, and learning history.

Managing communications gives you granular control over what messages you receive. You can unsubscribe from marketing emails while still getting important course updates, or adjust notification frequency for different activity types. We respect these preferences across all our communication channels.

If you believe we're processing your data inappropriately, you have the right to object or request restrictions. We'll evaluate these requests carefully and honor them unless we have compelling legitimate grounds to continue. You can also lodge complaints with data protection authorities in your jurisdiction if you're not satisfied with our response.

Data Protection Compliance

We design our privacy practices to meet or exceed requirements of major data protection frameworks around the world. While specific regulations vary by region, the principles underlying them are universal — transparency, purpose limitation, data minimization, and accountability. We apply these principles globally rather than maintaining different standards for different users.

When handling data from regions with strict privacy laws, we ensure appropriate safeguards are in place. This includes using standard contractual clauses with service providers, conducting data protection impact assessments for new features, and appointing personnel responsible for privacy oversight. We document our processing activities and maintain records that demonstrate compliance.

For users in certain jurisdictions, you may have additional rights beyond those described elsewhere in this policy. These might include the right to data portability, the right to restrict automated decision-making, or enhanced protections for sensitive information. We honor these rights where they apply, even if doing so requires extra effort on our part.

Links to Third-Party Websites

Throughout our platform, you'll occasionally encounter links to external websites — maybe an instructor sharing supplemental resources, or course materials referencing outside articles and tools. Once you click these links, you're leaving Brightcore and entering sites we don't control or monitor.

These third-party sites have their own privacy policies that may differ significantly from ours. They might collect different data, use tracking technologies we don't use, or have weaker security practices. We can't be responsible for their content, practices, or how they handle your information. Before sharing personal details on any external site, we encourage you to review their privacy policy and terms.

Privacy Policy Updates

We'll occasionally update this policy as our platform evolves, laws change, or we find better ways to explain our practices. Minor clarifications and wording improvements happen quietly, but if we make material changes that affect how we collect, use, or share your data, we'll notify you prominently — typically through email and a banner on the platform.

When significant updates occur, we'll give you time to review the changes before they take effect. Continuing to use Brightcore after the new policy goes live means you accept the updated terms. If you disagree with changes, you can close your account before they become effective, though we'd obviously prefer to address your concerns instead. We recommend checking back periodically even without notifications, as it's ultimately your responsibility to stay informed about our current practices.