Privacy Policy

What we collect, why, and your choices.

Last updated: June 2026

This Privacy Policy explains how ShineBrightWeb ("we," "us," "our") collects, uses, shares, and protects personal information when you use our website and services. We serve clients in many countries, and we aim to handle your information responsibly wherever you are. "Personal information" means information that identifies or relates to an identifiable person.

1. Who we are

ShineBrightWeb is a registered business that builds websites and apps and provides an AI Customer Service (AI receptionist), Care Plans, and related add-ons. For any privacy question or request, contact us through our contact form.

2. Information we collect

3. How we use information

4. Legal bases (EEA/UK visitors)

Where the GDPR or UK GDPR applies, we process personal information based on: performance of a contract (to provide services you request), our legitimate interests (to run and improve our business and secure our services), your consent (where required, such as certain cookies or marketing), and compliance with legal obligations.

5. Cookies & similar technologies

We use essential cookies and local storage to run the site (including your accessibility preferences and the client portal) and may use privacy-respecting analytics to understand usage. Where a consent prompt is shown, we default to the most privacy-preserving option. You can control or clear cookies and local storage through your browser settings.

6. How we share information

We do not sell your personal information. We share it only with service providers that help us operate, under appropriate agreements, and only as needed — for example: website hosting and form handling (Netlify), payment processing (Stripe / PayPal), client-portal sign-in (Supabase), our customer records and workflow tools, email delivery, and the AI and telephony providers that power the optional AI Customer Service. We may also disclose information if required by law, or in connection with a business transfer (such as a merger or sale), under equivalent protections.

7. AI Customer Service data

If you subscribe to AI Customer Service, your customers' messages and call details may be processed by third-party AI and telephony providers to generate responses and book appointments. This data is used to operate the feature, not to sell. For this data, you (the business) are the controller of your customers' information and are responsible for providing any required notices to your customers and obtaining any required consent (including for call recording and messaging), and we act as your processor.

8. Data retention

We keep personal information only as long as needed to provide the services, run our business, and meet legal obligations — then we delete or anonymize it. You can ask us to delete your information (see Your rights).

9. Security

Our site is served over encrypted HTTPS/SSL, and we apply reasonable technical and organizational safeguards to protect your data. No method of transmission or storage is 100% secure, but we work to protect your information and limit access to it.

10. Your rights & choices

Depending on where you live, you may have the right to access, correct, delete, port, restrict, or object to the processing of your personal information, and to withdraw consent. Under U.S. state laws such as the CCPA/CPRA, you have the right to know what we collect and to request deletion — and we do not sell or "share" personal information for cross-context behavioral advertising. To exercise any right, contact us through our contact form; we will respond within the time required by law. EEA/UK residents may also lodge a complaint with their local data protection authority.

11. International transfers

We and our providers may process your information in the United States and other countries, which may have different data-protection laws than yours. Where required, we use appropriate safeguards for these transfers.

12. Children

Our services are intended for businesses and are not directed to children, and we do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

13. Third-party links

Our site may link to third-party websites or services we do not control. This policy does not apply to them; please review their privacy policies.

14. Changes & contact

We may update this policy; the "last updated" date reflects the current version. Questions or requests? Reach us through our contact form.