PRIVACY POLICY

Last Updated: January 30, 2017.

Notice of material change in process: January 8, 2017.

Commitment to Privacy Protection

Brightbox commits to providing users of our charging units and our online visitors a convenient environment for using our services and goods. We respect our customers’ privacy and are committed to using best available commercial practices to help ensure that their personal information remains confidential and secure while using our charging units, on the Internet, and in all aspects of electronic commerce. For example, Brightbox collects information necessary for you to safely and securely obtain power from its charging units, and information that enables you to retrieve your device from our charging stations.  As a general matter, information Brightbox obtains is for the purpose of providing customer service and technical support, to protect customer privacy and security, to prevent fraud, and to ensure the safety and security of Brightbox’s operations and the safety and security of customer devices when they are being charged with our units.   Additional information about Brightbox’s policies and procedures can be found in its Terms of Use click here .

Any information you provide is kept confidential by Brightbox and will only be used to support your customer relationship with us. Unless instructed by you, disclosed to you in its website and charging station privacy policies, or required by law, Brightbox will not share your personal information with any outside organization for its use in marketing or solicitation without your consent.

Information Obtained

For each customer browsing our website, our web server automatically recognizes and stores certain industry standard data, including the visitor’s IP address (the Internet address of visitor’s computer) in order to determine the areas of our website that are most commonly visited and also the time spent in each area. Your computer provides this information automatically each time you log on, unless blocked by the web browser.   This information is for us to understand the visitor traffic patterns and also so that we may enhance the visitor’s experience on our website.

Cookies

Cookies are a kind of technology that website host computers use for communicating with the user’s browser, and it might store some information about the user’s computer.  For example, as part of any visit to Brightbox’s website, it may obtain and retain certain types of industry standard data, including your IP address, URL, browser type and operating system. Brightbox does this to help ensure basic functionality of its website and to better perform its services to you.  You can choose to set your browser to notify you when you receive a cookie, providing you with the choice of rejecting or accepting the cookie.  If you decide not to accept or to prevent a cookie from being placed, your experience of Brightbox’s website may be changed.

Database Security

In order to secure your privacy, all your data inside Brightbox’s web site utilizes industry standard protocols to protect customer information on our website.  Brightbox does not access and therefore does not store any data from customer devices in connection with use of Brightbox charging units.  Accordingly, Brightbox does not synch any data obtained on this website with data from any customer device that is connected to our charging units because Brightbox does not collect any information from your device when it is in the charging unit.  However, Brightbox cannot be responsible for protecting customer data on customer devices against all conceivable third parties who may seek to acquire or tamper with customer data.

Sharing Information

Generally:  Brightbox may share aggregated, anonymized information that does not contain any personally identifiable information of its customers.   The information Brightbox does obtain may be shared with its trusted third parties for the purpose of monitoring the security of its website, its customers, and for compliance with regulatory purposes or legitimate law enforcement matters that require mandatory compliance.

Personal Information:  You may decide in using Brightbox services to provide Brightbox with an SMS or email address.  If you do so, Brightbox may have certain information that could identify you.  However, as a general matter, Brightbox does not sell trade, or transfer to third parties any reasonably identifiable personal information and to the best of its reasonable knowledge, does not collect such information except to the extent any such information which could be used for such purposes is obtained incidentally and protected by best commercially available practices by Brightbox and its third party vendors as necessary for its operations and the safety and security of its customers.

Access/Security

Brightbox provides its customers with the following opt-in options to access our charging station:

  • Pin Code: user provides 2 personal codes (one is 10 up to 10 digits and one is 5 digits) which serve in combination  as a charging unit’s secure chamber key;
  • RFID: user presents unique RFID (Radio Frequency Identification) card or badge for use as secure chamber key;
  • Mag Stripe Card: user swipe unique financial or branded Magnetic Stripe Card for use as secure chamber key.

For each of these options, we obtain certain limited technical information regarding the identification of the specific mobile device being charged, for example, the serial number of the device and model type.  For example, if the Mag Strip Card option has been selected, Brightbox may use an encrypted card reader in connection with its credit card processor’s contractual services, including in connection with that vendor’s PCI DSS regulatory compliance obligations.  For all options, Brightbox may obtain limited technical information to help ensure security and protect the quality of the service.  But Brightbox will not use this information for marketing, except as described in its policies and terms of use or as permitted by applicable law.  

And for each of the above options for access to its services, Brightbox’s goal is to implement the best reasonable available charging unit industry administrative, technical and physical security standards to help protect its customers from unauthorized access to or use of Brightbox’s hardware, software, and any other operating equipment Brightbox uses to provide its services.

By using a Pin Code, RFID, or Mag Stripe Card option to opt in to using a Brightbox Charging Unit and the services Brightbox describes in this Privacy policy, you are opting in to providing Brightbox with the information that is described here.  If you do not opt in by using one of the three options, Brightbox cannot obtain any information from you except as otherwise stated if you visit its website.

Personal Information

In providing our charging service, we specifically do not access, collect, download or store any personal data that a customer stores on the device, nor does Brightbox collect or store personally identifiable information about its customers except as otherwise stated in its privacy policies and subject to best available industry standards for protection of any such information incidentally obtained. Brightbox may use and disclose anonymous aggregated information about the use of its services. Brightbox may also disclose information any other information it collects if required to do so by law, to prevent suspected or actual fraudulent or illegal conduct, or to protect, preserve, or enforce the legal rights and remedies of Brightbox or its customers.

Tracking of Information; Battery Charging

Brightbox monitors developments and security reports regarding battery status API and third party tracking of IP addresses. Brightbox reserves the right to adopt any measures it deems necessary under commercially reasonable practices consistent with its commitment to best available practices under its existing policies, procedures, practices and commitments.

Opt-In and Applicable U.S. and International Privacy Frameworks

In order to use its equipment, software and services, customers of Brightbox have the option to opt-in to all of these privacy policies. This provides you with the ability to determine in advance whether you wish to use Brightbox’s charging units and whether you agree to the policies.  If you decide to send an email, text or SMS message to Brightbox or to provide Brightbox or any of its third party customers with such information on its website or kiosks, you are communicating with Brightbox electronically.  If you decide to communicate with Brightbox electronically, you acknowledge that you are opting in and consent to receive communications from Brightbox Inc. and any of its third party customers electronically, and you agree that Brightbox Inc. or its thirty party customers may communicate with you by e-mail, text, SMS or by posting notices on the Site or on the Units, subject to applicable law and your opportunity to opt out of receiving any electronic communications from Brightbox by not using its Site or any of its services.  You agree that all agreements, notices, disclosures and other communications that Brightbox Inc. provides to you electronically satisfy any legal requirement that such communications be in writing.

Brightbox seeks to comply with all applicable regulatory frameworks domestic and foreign regulatory privacy frameworks through use of model contract provisions and other compliance procedures on an ongoing basis, and reserves the right to update its policies and procedures as necessary without further notice.  Updates to privacy policies regarding personal information practices will be noted periodically when made.

Minors and Child Protection

Brightbox does not knowingly collect personal information from children under the age of thirteen, and its terms of service require that a legally responsible parent, guardian, or authorized adult supervise any use of its charging stations by minors.  Brightbox also complies, to the best of its reasonable knowledge, with the Children’s Online Privacy Protection Rule (“COPPA”), 15 U.S.C. §§ 6501-6505.

HIPAA

Brightbox does not collect “Protected Health Information” (PHI) as defined under the Health Insurance Portability and Accountability Act, as amended and supplemented by the HITECH Act, and the Omnibus Act (“HIPAA”).  In that regard, and as further referenced in The Brightbox® Program Agreement which governs the provision of Brightbox “Equipment,” “Software,” and related Brightbox offerings, Brightbox charging stations are not, to the best of its reasonable knowledge, “Workstation(s)” as described in 45 CFR 164.310(c) and Brightbox is therefore not a “Business Associate” of a “Covered Entity” under HIPAA rules.  Accordingly Brightbox understands that it is in compliance with the Privacy, Security, Breach Notification, and Enforcement Rules of HIPAA, 45 CFR Part 160 and Part 164 (Privacy of Individually Identifiable Health Information).

Charitable Donations

 If any charitable donation option is available as an option on its charging unit, any such option shall be conditioned upon compliance with this Brightbox’s privacy policy and the terms and conditions for Brightbox.

Copyright 2016-17 Brightbox, Inc. All Rights Reserved

LET’S GET STARTED!