We find privacy policy pages hard to understand, too. That’s why we’ve written ours in a way that you can scan the subtitles and get the gist of it. 

Last updated: 29th March 2021.

By using this website, you’re OK with this Privacy Policy

It’s important for you to know that using this website means that you have read, understood, and acknowledge this policy. We know this seems weird, but we have no way of knowing who reads it and who doesn’t, and who has what expectations about if and what we do with their information. And we’re not going to prevent entry to this website until you check a box saying you’ve read this whole page… that’d be dumb.

So, we just have to assume that you are OK with what’s on this page when you use our website, to ensure we don’t have any disputes based on unequal expectations.

Are you in the EU or UK? This part’s for you

Not going to lie, this part gets a bit hefty. It’s about if you’re accessing our website on your own behalf, or on behalf of your employer. For users based in the EU and the UK, we need to describe our role and our responsibility for your personal information using terms described by EU privacy law.

  • If you use our website for yourself, we are the “data controller”
  • If:

you use our website in connection with an agreement between your former, current, or  prospective employer (“Employer”) and Bright Pilots (the “Enterprise Agreement”), 

and your Employer remains the data controller for certain personal information you may need to provide in connection with using this website,

then the terms of that Enterprise Agreement shall apply with respect to the processing of any personal information. In these instances, we act as a “data processor”. This means that we process your personal information to provide a service to your Employer, and we do so at their direction. If you have any questions about specific privacy practices in connection with using our website through your Employer, please contact your Employer.

  • If you access and use our website in connection with an Enterprise Agreement between your Employer and Bright Pilots, and your Employer is not designated as the data controller with respect to any of your personal information, then Bright Pilots will be the data controller.

Here’s what we collect and store about you

Website visits

We use the Plausible website analytics platform to collect the following information about visitors to this website:

  • How many people visit our website
  • Which website led them to our website
  • Which pages they visit
  • What device they use
  • What browser they are using
  • Which country they are connecting from

Newsletter subscriptions

If you have subscribed to our newsletter, you have provided your:

  • Email address
  • First name
  • Last name

This information is captured using MailerLite, and you can read their privacy policy here. 

Individual emails

Sometimes people email us with specific requests for information, feedback, or actions to do with classes, or to give us presents and compliments (hey, we can dream, right?). Those emails are stored in Gmail. Our Gmail email accounts are kept secure with two-factor authentication, and Gmail offers secure encryption to keep your data safe. You can read Google’s privacy policy here.

Online class surveys

We use Paperform to collect and store information for research surveys, class preparation surveys and class feedback surveys. You can read Paperform’s privacy policy here. The surveys ask questions about:

  • Name
  • Experiences about work and work-related topics (e.g. meetings)
  • Self-reported levels of confidence and competence in work-related skills (e.g. running meetings)
  • Preferences for training formats
  • Preferences for training times and days 
  • What people want to learn about
  • Feedback about our training

We will never ask for information regarding gender, place of employment, salary, location, marital status, or dependents.

We don’t use cookies. We might eat them, though.

We don’t like those ‘Accept cookies’ pop-ups either. We prefer to honour your privacy. That’s why our website doesn’t use cookies. All the website measurement is carried out absolutely anonymously, and there are no persistent identifiers, or cross-site / cross-device tracking. 

Here’s how we use the information we collect

We use the information captured from our website analytics platform (above) to learn what seems to resonate with people, what doesn’t, and to guide our decisions about what content to provide you, to maximise its value to you. All of that information is anonymous and we can’t access details on individual visitors.

We use newsletter subscribers’ names and email addresses solely to send emails that people agreed to subscribe to, through a dual authentication pathway (i.e. you subscribed, and then you confirmed your subscription in a follow-up request email from us). We don’t use this information for any other purpose than for what you signed up for, in accordance with the General Data Protection Regulation (GDPR). This means that the emails we send you are only about the class(es) and topics you’ve asked to be notified about, and we don’t add any other type of content that you didn’t ask for.

We can access all of the names and email addresses, stored in our MailerLite account, but we rarely look at individual records. Our primary concern is whether the content we’re sending is of interest. This means we tend to only look at the aggregate campaign information, like the percentage of subscribers who have opened emails, and clicked on links in the emails.

We use online survey results to learn about and better understand what interests people the most about the topics for which we provide training, and how to improve the topic choices, structure, content, and delivery of our training classes. We access the survey results in Paperform in an aggregate report form, and very rarely look at whole individual records. A lot of the information is in a free-text form (e.g. feedback about a class), so we’ll read the individual responses for specific questions like this, but we very rarely then look at names attached to the free-text information. Sometimes, we will export survey results as a CSV file to then open and sort and filter using Google Sheets, which is captured and stored securely. If we do this, we delete the CSV file so that there is no information left outside of a secure cloud-based application. 

In case you’re wondering:

  • We never pass on any of the information we collect (including your email address) to any third party
  • We never download the information in a portable unsecure format and leave it lying around

What if we want to change how we use your information?

We will only use your personal information for the purposes included in this Privacy Policy (above), unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. 

If that ever happens, we’ll contact you using the email address for you that we have stored, and we’ll explain the legal basis which allows us to do this.

Keeping your information secure is a team sport

We’ve implemented appropriate physical, technical, and administrative measures designed to secure your personal information from accidental loss and unauthorised access, use, alteration, and disclosure. We also limit access to this information to only those employees, agents, contractors, and other third parties who really need to have access to such information for the operation of our business, including the operation of this website. They will only access and use your personal information on our instructions, and they are subject to a duty of confidentiality.

That said, the safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password to access certain parts of our website, you are responsible for keeping this password safe and confidential. Please don’t share your password with anyone, and be careful about giving out information in public areas (physical or digital), because others might see it and use it without your knowledge or authorisation.

Unfortunately, no digital data transmission or storage of information can be guaranteed to be completely secure or error-free. We cannot warrant or guarantee the security of any personal information transmitted using our website, or any of the other applications we use (above). Any transmission of personal information is at your own risk.

When you leave our website, you’re with someone else’s privacy policy

This website may contain links to other (external) websites. Be aware that clicking on those links or enabling those connections may allow third parties to collect or share data about you, and we have no control over that, nor responsibility for that. You should carefully review the privacy policy of any such external/third-party website that you visit.

Your legal rights

Under the General Data Protection Regulation 2016/679 (the GDPR) and the California Consumer Protection Act (CCPA), if you are located in the EU, UK, and California, you have these rights (under certain circumstances):

  • To be provided with a copy of your personal information held by us
  • To request a correction to any of your personal information held by us
  • To request a restriction to the processing of your personal information (while we verify or investigate your concerns with this information, for example)
  • To object to any further processing of your personal information, including the right to object to marketing
  • To request any information you have provided be transferred to a third party
  • To withdraw consent, without detriment, where the basis of the processing of your personal information is based on consent
  • To request that we delete any of your personal information held by us (unless a legal exception applies)

In response to any of these requests, we may need to request specific information from you, so that we can confirm your identity and to ensure you have the right to access that information (or to exercise any of your other rights). This ensures that your personal information is not disclosed to anyone who does not have the right to receive it.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Making changes to our Privacy Policy

We may need to update our Privacy Policy from time to time. If that happens, we will notify you of any changes by posting updates in the newsletter (if you are subscribed to the newsletter). The date the Privacy Policy was last revised is at the top of this page.

Questions or concerns

If you have any questions or concerns regarding this policy, and our approach to your privacy, please contact us.