Website Privacy/Cookie Policy

Mobile Solutions Services Holdings, LLC dba brightfin (“brightfin”) is committed to protecting your online privacy. We feel, it is important for you to know how we handle the information we receive from you via the Internet. This policy also applies to the processing of personal data that brightfin obtains from its customers in the European Union. In order to meet the requirements of the General Data Protection Regulation (“GDPR”), we would like to inform you in detail about the handling of your data and your associated rights.

  1. Controller

Regarding the processing of your personal data as described in sec. 3 hereinafter, brightfin serves as “controller” in the sense of Art. 4 No. 7 GDPR. Our contact details are

brightfin
8310 South Valley Highway, Suite 150

Englewood, CO 80112
United States of America
Phone:             +1 (801) 895-4180
Email:               privacy@brightfin.com

You can contact our data protection officer by sending an email to privacy@brightfin.com

Representative designated by brightfin pursuant to Art. 27 GDPR:

brightfin GmbH

Feringastrasse 6

85774 Munich Bayern

Deutschland

Our website may contain links to websites operated by third parties. Please be aware that we have no control over the privacy policies and practices of such third party sites and are not controller of those websites in the sense of Art. 4 No. 7 GDPR.

  1. Type and extent of data processing
  1. Website access

Generally, you can visit www.brightfin.com (our “Website”) without revealing any personal information. We use information referring to general traffic, site usage and length-of-stay in reports to advertisers and firms with which we have a business relationship. This sort of information is shared only in aggregated form and does not personally identify individuals. Additionally, we collect and log the IP address of all visitors of our Website. We collect this data, so we can properly administer our system and gather aggregate information about how our site is being used. This aggregate information may be shared with advertisers, sponsors and other businesses. To maintain your anonymity, we do not associate IP addresses with records containing personal information. The IP address, however, can be regarded as personal data itself, because under some circumstances, it allows for identifying the owner of the Internet connection. We will additionally use IP address information, to personally identify you in order to enforce our legal rights or when required to do so by law enforcement authorities. In any of these cases, we have a legitimate interest in the sense of Art. 6 (1) lit. f GDPR which derives from our need

  • to constantly improve our Website
  • to defend our Internet infrastructure against any attacks, to determine the origin of such attack, to be able to prosecute the responsible person under criminal and civil law and to effectively prevent further attacks and operate the Website without disruption.

We will delete your IP address within 6 months.

  1. Newsletter

On our Website we offer the opportunity to subscribe to a newsletter regarding products distributed and services provided by us or one of our subsidiaries sent by e-mail. To do so, we require you to provide a valid e-mail address. The provision of any other data, such as your name, is optional. If you decide to provide your name, we will use this data to personalize the newsletters sent to you. We may share this e-mail address and – if applicable – your name with our third party e-mail management vendor acting as a processor on our behalf solely for purposes of technically delivering our newsletter to you.  However, we do not share your e-mail address or name with third parties for any marketing purposes. The legal basis for this use of your personal data is your informed consent in the sense of Art. 6 (1) lit. a GDPR. You can revoke your consent for the future by unsubscribing from the newsletter at any time. In this case we will delete the data provided by you for this purpose as long as the deletion does not conflict with statutory retention requirements or we are authorized otherwise to store your data.

  1. Contact form and e-mail contact

You can voluntarily contact us through a contact form available on our website. If you do so, the data entered into that form will be transmitted and stored. In order for your inquiry to be answered, at least your e-mail address is required. Additional information, such as your name or your phone number may be given on a voluntary basis. Additionally, you can contact us by e-mail. In this case, the personal data you submit with the e-mail will be processed. In both cases, data processing is solely for the purpose of correspondence with you and in the limits you specify. The communication may be shared with a customer service representative, employee or agent that is most able to address your inquiry. We make every effort to respond in a timely fashion once communications are received. Once we have responded to your communication, it is discarded or archived, depending on the nature of the inquiry. The legal basis for data processing in connection with contacting us through our online contact form or by e-mail is your consent in the sense of Art. 6 (1) lit. a GDPR. In this case you have the right to withdraw your consent at any time. If you do so, all personal data processed in the course of the respective contact will be deleted. This can mean that the conversation with you might not be continued. Insofar as processing is necessary for the performance of a contract to which you are party, Art. 6 (1) lit. b GDPR serves as legal basis. The e-mail functionality on our site does not provide a completely secure and confidential means of communication. It’s possible that your e-mail communication may be accessed or viewed by another Internet user while in transit to us. If you wish to keep your communication private, do not use our e-mail.

  1. Live chat (Tawk.to)

You have also the option to contact us through a form that enables you to chat live with us. If you do so, the data entered into that form will be transmitted and stored during the live chat and for a period necessary to process your request. All the personal data you provide during live chat is given on the basis of your consent, Art. 6 (1) lit. a GDPR. If you are already a customer of brightfin and use the live chat for enquiries in connection with your contract with us, we process the respective personal data on the basis of performing this contract, Art. 6 (1) lit. b GDPR.

  1. Online application

We offer you the possibility to apply to brightfin online. If you do so, we collect the following data from you:

  • Name
  • E-mail
  • Phone number
  • Resume
  • any other application-related document provided by you

This data will only be used for the decision of whether or not entering into an employment relationship with you. It will internally only be forwarded to the appropriate contact person to decide on the occupation of the job you are applying for. This kind of data processing is in accordance with Art 6 (1) lit. b, Art. 88 GDPR in connection with the respective stipulations in the data protection laws applicable in the relevant EU member state. We will delete your data after completing the application process and after the expiration of the retention period required by the applicable law.

  1. Use of cookies

Cookies are small pieces of information or text that are issued to your computer when you visit a website and are used to store or track information about your use of our Website. brightfin uses cookies to collect certain information, enhance your browsing experience and make your interactions with our Website more meaningful. For example, we may use cookies to determine whether you have visited our Website before and inform us about site features in which you have interest, thereby permitting us to better tailor our Website content. This is in accordance with Art. 6 (1) f GDPR, since we have a legitimate interest in providing our Website in a way that attracts as many users as possible and to present particularly relevant content for the users. As a user you have full control over the use of cookies. In the settings of your Internet browser, you can restrict or completely deactivate the transmission of cookies. In the same way, you can delete cookies that are already stored on your computer at any time. However, if you reject cookies from our site, some parts of the site may not work properly for you. brightfin uses both session‑based and persistent‑based cookies. Session‑based cookies exist only during your web session and expire when you close your internet browser. Persistent‑based cookies are files that stay in one of your browser’s subfolders until you delete them manually or your browser deletes them based on the duration period contained within the persistent cookie’s file. brightfin uses the following cookies on our Website:

Cookie Name Primary Purpose Type / Duration
visitor_id309431-hash / VisitorTrack is a cookie used by a third party provider that helps us monitor site traffic and use. This process includes the collection of IP addresses and search-related data in order to evaluate visits to, and monitor use of, the site. Up to 24 months
FB_cookie fr These cookies are used to deliver advertisement more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. Up to 30 days
pardot lpv309431 visitor_id viditor_id_hash Pardot tracks visitor and prospect activities on your website and landing pages by setting cookies on their browsers. Cookies are set to remember preferences (like form field values) when a visitor returns to your site. Pardot also sets a cookie for logged-in users to maintain the session and remember table filters. Deleted after 24 months of inactivity
PHPSESSID PHPSESSID cookies contain a reference to a session stored on the web server. No information is stored in the user’s browser and this cookie can only be used by the current web site. Session
_ga Used to distinguish users and collect Google Analytics data Up to 24 months
_gid Used to distinguish users and journeys. Up to 1 day
rcc_accepted This cookie remembers your choice to click ‘Accept’ on our cookie policy banner which appears the top of the page. It has the purpose of preventing the cookies confirmation button from appearing in new sections of the same user. Until user clears browser’s cache
test_cookie DoubleClick uses cookies to serve adverts on third party websites. The DoubleClick cookie serves relevant ads to potential customers and gathers information about how or if you are interacting with these ads. This cookie tests for cookie setting permissions for Google Analytics and is used to check if the user’s browser supports cookies. Up to 1 day
BizoID LinkedIn Ad analytics. Comes from: LinkedIn insights and ads tags. The BizoID cookie stores a unique LinkedIn user ID. Note: The LinkedIn user ID does not contain personally identifiable information. This cookie is used to determine if there is Bizographic data attached to this visitor. Up to 6 months
UserMatchHistory Used for LinkedIn Ad analytics. Up to 6 months
lang Remembers the user’s selected language version of a website. Session
bscookie bcookie lidc Secure browser ID cookies. Used by LinkedIn for tracking the use of embedded services, including the Linkedin follow, sharering content, and apply within Linkedin features. These cookies include access to social networks in order to connect with and to share certain contents from the portal so that the user does not have to register whenever a connection is made. The information is only stored in the social networks. This is used for Sign-in with Linkedin. Up to 2 years or until user clears browser’s cache
  1. Use of Google Analytics

On this Website we make use of Google Analytics. Google LLC is Privacy Shield certified and offers reasonable guarantees to comply with European data protection law, especially meeting the requirements of the GDPR. Google Analytics uses cookies which obtain information about the use of our website. This information is transmitted and stored to a Google server in the United States. The information will be used by Google on our behalf to evaluate the use of our site by you, to compile reports on website activity, and to provide other services related to website activity and Internet usage to us. You can prevent the storage through your browser settings, e.g. by installing the plugin available under https://tools.google.com/dlpage/gaoptout?hl=en. Further information can be found under https://policies.google.com/technologies/ads?hl=en. The use of Google Analytics is based on our legitimate interest in accordance with Art. 6 (1) f GDPR, to constantly improve our website and to make it more user-friendly. The data will be deleted within 26 months.

  1. Ads by Google

Google also uses cookies to serve ads on our Website. Google’s use of the DART cookie enables it to serve ads to you based on your visit on our site and other sites on the Internet. No personally identifiable information is collected as part of Google’s process. You can opt out of the use the DART cookie by visiting Google’s privacy document.

  1. Data integrity and security

Brightfin uses reasonable efforts to maintain the accuracy and integrity of personal data and to update it as appropriate. Brightfin has implemented physical and technical security measures to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Brightfin also implements access restrictions, limiting the scope of employees who have access to personal data. Furthermore, brightfin uses secure encryption technology to protect certain categories of personal data.

  1. Your rights

In connection with the different types of processing, you have a number of rights described hereinafter. These rights can be exercised free of charge. However, where requests from a data subject are evidently unfounded or excessive, in particular because of their repetitive character, we may either

  • charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or
  • refuse to act on the request.
  1. Withdrawal of consent

You have the right to withdraw your consent to processing your personal data for the future at any time. The withdrawal will not affect the lawfulness of processing based on consent before your withdrawal (Art. 7 (3) GDPR).

  1. Right of confirmation and right of access

You have the right to obtain from us the confirmation as to whether or not personal data concerning you is being processed, and, where this is the case, access to the personal data and additional information under the conditions of Art. 15 GDPR.

  1. Rectification and erasure

You have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning you and the right to have incomplete personal data completed (Art. 16 GDPR). Further you have the right to obtain from the controller the erasure of personal data concerning you under the conditions of Art. 17 GDPR.

  1. Right to restriction of processing

You have the right to obtain from the controller restriction of processing under the conditions of Art. 18 GDPR.

  1. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Art. 6 (1) GDPR, including profiling based on those provisions. In this case, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

  1. Right to data portability

You have the right, to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us under the conditions of Art. 20 GDPR. This right, however, shall not adversely affect the rights and freedoms of others.

  1. Obligation to provide data

There is no obligation for you to provide your personal data. However, if you do not provide us with the data which is mandatory for certain services or features as named by this privacy policy, you will not be able to use that service or feature.

  1. Lodge of a complaint

If you believe that we are failing to properly comply with privacy obligations, you may lodge a complaint with a Supervisory Authority.

  1. Changes to this policy

This policy may be amended from time to time, consistent with applicable data protection and privacy laws and principles. We, therefore, recommend that you review these data protection notices regularly. The current version of this policy is indicated at the bottom of this page.

Version: November 2022