Brightpath Academy

Privacy Policy

Last Updated: March 20, 2026

At Brightpath Academy ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website your-domain.com and use our services.

Please read this privacy policy carefully. By accessing or using our website, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy and our Terms of Service.

1. Information We Collect

1.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

  • Register for an account or enroll in our programs
  • Fill out forms on our website
  • Subscribe to our newsletter or marketing communications
  • Contact us via email, phone, or contact forms
  • Participate in surveys or promotions

Personal information may include:

  • Name and contact details (email address, phone number, mailing address)
  • Student information (age, grade level, educational background)
  • Parent/guardian information
  • Payment and billing information
  • Account credentials (username and password)
  • Any other information you choose to provide

1.2 Automatically Collected Information

When you visit our website, we automatically collect certain information about your device and browsing activity, including:

  • IP address and geographic location
  • Browser type and version
  • Operating system
  • Referring website addresses
  • Pages viewed and time spent on pages
  • Date and time of visits
  • Device identifiers and mobile network information

1.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect information about your browsing behavior and preferences. For more details, please see our Cookie Policy section below.

2. How We Use Your Information

We use the collected information for various legitimate purposes, including:

  • Service Delivery: To provide, maintain, and improve our educational services and programs
  • Communication: To respond to inquiries, send administrative information, and provide customer support
  • Enrollment Processing: To process registrations, enrollments, and payments
  • Personalization: To customize your experience and deliver relevant content
  • Marketing: To send newsletters, promotional materials, and information about our programs (with your consent)
  • Analytics: To analyze website usage, monitor trends, and improve our services
  • Security: To protect against fraud, unauthorized access, and other security risks
  • Legal Compliance: To comply with legal obligations and enforce our terms and policies
  • Research: To conduct educational research and improve our curriculum

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process personal data based on the following legal grounds:

  • Consent: You have given explicit consent for processing your personal data
  • Contract: Processing is necessary to fulfill our contractual obligations to you
  • Legal Obligation: We must process your data to comply with legal requirements
  • Legitimate Interests: Processing is necessary for our legitimate business interests, provided your rights do not override these interests

4. Cookie Policy

We use cookies and similar tracking technologies to enhance your browsing experience. Cookies are small text files stored on your device that help us recognize you and remember your preferences.

4.1 Types of Cookies We Use

  • Essential Cookies: Required for website functionality and security
  • Performance Cookies: Help us understand how visitors interact with our website
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness

You can control cookie settings through your browser preferences. Note that disabling certain cookies may limit website functionality.

5. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our website and delivering our services, including:

  • Payment processors and financial institutions
  • Hosting and cloud storage providers
  • Email marketing and communication platforms
  • Analytics and performance monitoring services
  • Customer relationship management (CRM) systems

These service providers are contractually obligated to protect your information and use it only for specified purposes.

5.2 Legal Requirements

We may disclose your information when required by law or in response to:

  • Legal processes, subpoenas, or court orders
  • Requests from government authorities
  • Protection of our rights, property, or safety
  • Investigation of fraud or security issues

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity.

6. Third-Party Services and Links

Our website may contain links to third-party websites and integrate with third-party services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

Third-party services we may use include:

  • Google Analytics for website analytics
  • Social media platforms (Facebook, Twitter, LinkedIn)
  • Payment gateways (Stripe, PayPal)
  • Email marketing services (Mailchimp, SendGrid)
  • Video hosting platforms (YouTube, Vimeo)

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for data transmission
  • Secure server infrastructure and firewalls
  • Regular security audits and vulnerability assessments
  • Access controls and authentication procedures
  • Employee training on data protection practices
  • Encrypted storage of sensitive information

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law or for legitimate business purposes.

Our retention periods are based on:

  • The length of our relationship with you
  • Legal, regulatory, or contractual obligations
  • Statute of limitations periods
  • Operational and business needs

When personal information is no longer needed, we will securely delete or anonymize it in accordance with our data retention policies.

9. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

9.1 GDPR Rights (EEA Residents)

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request transfer of your data to another service
  • Right to Object: Object to processing of your personal data
  • Right to Withdraw Consent: Withdraw consent at any time (where consent is the legal basis)
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

9.2 CCPA Rights (California Residents)

  • Right to Know: Request information about data collection and sharing practices
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal data)
  • Right to Non-Discrimination: Equal service and pricing regardless of privacy choices

9.3 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within the timeframe required by applicable law (typically 30 days).

10. Children's Privacy

As an educational institution, we may collect information from children under the age of 13 (or 16 in the EEA) with verifiable parental consent as permitted by COPPA (Children's Online Privacy Protection Act) and GDPR.

Parents/guardians have the right to:

  • Review their child's personal information
  • Request deletion of their child's personal information
  • Refuse further collection or use of their child's information
  • Consent to collection and use without consenting to disclosure to third parties

We do not knowingly collect personal information from children without proper parental consent. If you believe we have collected information from a child without consent, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your jurisdiction.

When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Privacy Shield certification (where applicable)
  • Binding corporate rules
  • Your explicit consent

12. Marketing Communications

With your consent, we may send you marketing communications about our programs, services, and special offers. You can opt-out of marketing communications at any time by:

  • Clicking the "unsubscribe" link in our emails
  • Adjusting your account preferences
  • Contacting us directly

Note that even if you opt-out of marketing communications, we may still send you essential service-related messages.

13. Do Not Track Signals

Some web browsers incorporate "Do Not Track" (DNT) features. Currently, no uniform standard exists for recognizing and implementing DNT signals. We do not currently respond to DNT browser signals, but we provide you with choices regarding the collection and use of your information as described in this policy.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on this page
  • Updating the "Last Updated" date
  • Sending email notifications for significant changes
  • Displaying prominent notices on our website

We encourage you to review this Privacy Policy periodically. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Brightpath Academy

Privacy Officer / Data Protection Officer

Email: [email protected]

Phone: +1 (555) 123-4567

Address: 123 Education Lane, Learning City, ST 12345, United States

Website: your-domain.com

For users in the European Economic Area, you may also contact your local data protection authority if you have concerns about our data processing practices.

16. Your Consent

By using our website and services, you consent to the collection, use, and processing of your personal information as described in this Privacy Policy. If you do not agree with this policy, please do not use our website or services.

This Privacy Policy is effective as of the date stated at the top of this page. This policy applies to Brightpath Academy and all services offered through our website your-domain.com.

For our Terms of Service, please visit our Terms and Conditions page.