This RallyBright Privacy Policy (“Policy”) describes how RallyBright, Inc. and its related companies collect, use and share personal information of users of this website, RallyBright.com, (“Website”) and through our mobile applications (together, with the “Website”, the “Platform”). As the terms are used in this Agreement, “RallyBright,” “us” or “we” refers to RallyBright, Inc. and the term “you” refers to the end user of the Platform.
This is an important legal agreement between you and us. You agree to this Policy by using the Platform or providing your personal information (i.e., information that personally identifies you or other data that can be reasonably used to infer this information) to us. If you do not agree with any term in this Policy, please do not provide us your personal information or use the Platform.
OVERVIEW
At RallyBright, we value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect your data when you engage with our platform, assessments, and services. We follow Privacy by Design principles and comply with global data privacy frameworks, including the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF.
WHAT WE COLLECT
RallyBright only collects the minimum amount of personally identifiable information (PII) necessary to provide our services effectively. This may include:
We do not collect sensitive personal data, such as financial or health information.
HOW WE USE INFORMATION
We use your personal information as follows:
All personal data is processed in accordance with our strict security protocols, and we do not use your information for marketing purposes unless you have explicitly opted in.
SHARING OF PERSONAL INFORMATION
We may share personal information as follows:
NON-IDENTIFIABLE DATA
We may use and share non-identifiable data (i.e. non-personal, de-identified information that can’t be used to identify you) for any lawful business purpose without any obligation or accounting to you. When we do so, we will take reasonable measures to ensure that the non-identifiable data is not personally identifiable and cannot later be used to identify you.
COOKIES AND INTERNET ADVERTISING
DATA RETENTION AND DELETION
We retain personal data only as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws and regulations. You may request deletion of your personal data at any time by contacting privacy@www.rallybright.com. Upon receiving such a request, we will securely delete or anonymize your data in accordance with our data retention policies.
HOW WE PROTECT INFORMATION
We take reasonable steps to maintain the security of your personal information, however, no data transmission over the Internet can be guaranteed to be completely secure. Accordingly, we cannot ensure or warrant the security of any information that you transmit to us, so you do so at your own risk.
The security of your data is our top priority. RallyBright uses a combination of technical and organizational measures to safeguard your information, including Encryption (e.g., AES-256), Access Controls (e.g. SSO, MFA), Security Monitoring and Logging, Incident Response Policies and Protocols
YOUR RIGHTS AND CHOICES
You have the right to access, update, or delete your personal data, as well as to restrict or object to certain data processing activities. If you would like to exercise any of these rights, please reach out to our Data Protection Officer at privacy@www.rallybright.com.
Under applicable privacy laws, including GDPR, you have the following rights regarding your personal data:
To exercise these rights, please contact our Data Protection Officer at privacy@www.rallybright.com.
INFORMATION CHOICES AND CHANGES
Our marketing emails tell you how to “opt-out” from our marketing communications. If you opt out, we may still send you non-marketing emails. Non-marketing emails include emails about your accounts and our business dealings with you. We may continue to send you administrative emails including, for example, periodic updates to our Policy, even if you indicate that you no longer wish to receive promotional email from us.
You may send requests about personal information to our Contact Information below. You can request to change contact choices, opt-out of our sharing with others, and update your personal information. We may not be able to completely remove your personal information from our systems in certain circumstances. For example, we may retain your personal information for legitimate business purposes, if it may be necessary to prevent fraud or future abuse, if required by law, or as retained in our data backup systems or cached or archived pages. All of your personal information that we keep will continue to be subject to the terms of this Policy to which you have previously agreed.
CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83 permits users that are California residents to request certain information regarding our disclosures of personal information to third parties for such third parties’ direct marketing purposes. If you are a California resident and would like to make such a request, please contact us at support@www.rallybright.com.
LEGAL BASIS FOR DATA PROCESSING
If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions where the General Data Protection Regulation (GDPR) applies, RallyBright processes your personal data under the following legal bases:
If you have any questions about the legal basis on which we process your personal data, or if you would like to know more about your rights under GDPR, please contact our Data Protection Officer at privacy@www.rallybright.com.
CHILDREN’S PRIVACY
The Platform is not intended for use by children under the age of 16. RallyBright does not knowingly collect personal information from children. If we become aware that personal information has been collected from a child under 16 without verified parental consent, we will take immediate steps to delete such information. If you believe that we might have any information from or about a child under 16, please contact us at privacy@www.rallybright.com.
LINKS TO OTHER WEBSITES
The Platform may contain links to third party websites and may allow you to share information, including your personal information and allow it to be transmitted to third party websites (such as social networks). We are not responsible for the privacy practices of any third-party websites so we encourage you to read the privacy statement of each and every website that you send information to. This Policy applies solely to information we collect from you.
INTERNATIONAL DATA TRANSFERS
RallyBright is a U.S.-based company. If you access our services from outside the United States, your data may be transferred to and processed in the U.S. We ensure that such transfers are conducted in compliance with applicable privacy laws and are protected by appropriate safeguards.
COMPLIANCE WITH THE EU-U.S. DATA PRIVACY FRAMEWORK (DPF) AND UK EXTENSION
RallyBright, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the DPF, as established by the U.S. Department of Commerce. We have certified that we adhere to the EU-U.S. DPF Principles regarding the processing of personal data received from the European Union and the United Kingdom.
If there is any conflict between the terms of this policy and the DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework Program and view our certification, please visit the official DPF Program website.
COOPERATION WITH EU DATA PROTECTION AUTHORITIES (DPAS) AND THE UK ICO
In compliance with the EU-U.S. DPF and UK Extension, RallyBright, Inc. commits to cooperate and comply with the advice of the EU Data Protection Authorities (DPAs) and the UK Information Commissioner’s Office (ICO) for unresolved complaints regarding the handling of HR-related data under the DPF in the context of the employment relationship.
Affected individuals may access this recourse free of charge.
THIRD-PARTY DATA SHARING AND PURPOSES
We disclose personal information only to trusted third parties as necessary to provide and improve our services, comply with legal requirements, and support core business functions. This includes:
FTC INVESTIGATORY AND ENFORCEMENT POWERS
RallyBright, Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC). This ensures that we adhere to applicable privacy frameworks, including the EU-U.S. Data Privacy Framework (DPF) and the UK Extension.
BINDING ARBITRATION OPTION FOR DISPUTE RESOLUTION
Under certain conditions, individuals may invoke binding arbitration to resolve complaints that remain unresolved through other channels.
To initiate arbitration, individuals must provide written notice to RallyBright, Inc. and follow the procedures and conditions outlined in Annex I of the DPF Principles. Once arbitration is invoked, RallyBright is committed to following the terms and conditions specified in Annex I.
LAWFUL REQUESTS BY PUBLIC AUTHORITIES
We may disclose personal information as required by law, including:
LIABILITY FOR ONWARD TRANSFERS
In cases where we transfer personal data to third-party processors, RallyBright, Inc. remains liable for ensuring that these parties process the data in compliance with the EU-U.S. DPF Principles. If a third party fails to meet these standards, we will be responsible unless we can demonstrate that we were not involved in the event causing the issue.
CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on our website, and where appropriate, we will notify you via email. We encourage you to review this policy periodically to stay informed about how we protect your information.
CONTACT INFORMATION
If you have any questions or concerns about this Privacy Policy or our data handling practices, please contact us at:
RallyBright, Inc.
Email: privacy@www.rallybright.com
Website: www.www.rallybright.com
RallyBright, Inc. is located at 7801 Lonesome Pine Ln, Bethesda, MD 20817.8