1. Introduction

Welcome to BrightLog. We respect your privacy and are committed to protecting your personal data. This policy explains how we collect, use, and safeguard your information when you use our Service.

2. Data We Collect

We collect and process the following types of data:

Account Data: Name, email address, and profile information (provided directly or via Google Sign-In)
Work Entry Data: Volunteer hours, work history, employer/organization names, dates, and descriptions you submit
Signature Data: Digital signatures for verification purposes
Payment Data: Stripe customer ID and subscription status (Stripe securely handles actual payment card information)
Affiliate Data: Referral codes, earnings, and payout information for affiliate program participants
Usage Data: How you interact with our Service, pages visited, features used

3. How We Use Your Data

We use your data to:

Provide and maintain the Service
Process payments and manage subscriptions
Generate reports and documentation for your records
Send verification requests to your employers/organizations
Process affiliate commissions and payouts
Communicate important updates about your account
Improve our Service through analytics

4. Cookies and Tracking

We use the following cookies and tracking technologies:

Session Cookies: Essential for authentication and keeping you logged in
Affiliate Tracking Cookie (bl_aff): Tracks referral attribution for 60 days when you visit via an affiliate link
Analytics (PostHog): We use PostHog to understand how users interact with our Service and improve the experience

5. Third-Party Services

We share data with the following third-party services as necessary to provide our Service:

Stripe: Payment processing and affiliate payouts. Stripe may collect payment information directly. See Stripe's Privacy Policy
Google: Authentication via Google Sign-In. See Google's Privacy Policy
PostHog: Product analytics. See PostHog's Privacy Policy
Brevo: Transactional emails. See Brevo's Privacy Policy
MongoDB Atlas: Database hosting (data stored securely in the US)

6. Affiliate Program Data

If you participate in our affiliate program:

We share necessary data with Stripe Connect to process your payouts
Stripe may issue tax documents (1099s) as required by law
We track referrals and commissions associated with your affiliate code

7. Data Security

We implement industry-standard security measures including:

Encryption in transit (HTTPS/TLS)
Secure password hashing
Access controls and authentication
Regular security reviews

However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide you services. Work entry data is retained to support your scholarship documentation needs. You may request deletion of your account and data by contacting us.

9. Your Rights

You have the right to:

Access your personal data
Correct inaccurate data
Request deletion of your data
Export your data

To exercise these rights, contact us at support@brightlog.app

10. Children's Privacy

BrightLog is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If we learn we have collected data from a child under 13, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or prominent notice on the Service. Your continued use after changes constitutes acceptance.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at: support@brightlog.app