
Privacy Policy

Effective date: 2026-05-11 · Last updated: 2026-05-11

Draft notice. This policy is a working draft prepared for review with our Data Protection Officer and legal counsel. It reflects our current product behavior but is not a substitute for a finalized policy. We will publish a finalized version before onboarding schools beyond the closed pilot.

1. Who we are

Brightnest is a private communication and learning-management platform for schools in the Philippines. References to Brightnest, we, us, or our in this policy refer to the operator of the brightnest.app service.

Schools that subscribe to Brightnest are the data controllers for the personal data of their staff and students. Brightnest acts as the data processor on the school’s behalf.

2. Children and minors

Brightnest is designed to be used inside schools, including by students who are minors. Accounts are created and managed by the school. The school is responsible for obtaining the consent of parents or legal guardians where required by Philippine law, including the Data Privacy Act of 2012 (RA 10173) and any school policy applicable to the student.

We do not knowingly collect personal data directly from minors outside of an authenticated school account. If you believe a minor has provided us data outside this context, contact us at hello@brightnest.app and we will remove it.

3. Data we collect

The data we hold falls into a small number of categories:

  • Account data — full name, school-issued email address, role (Super Admin, School Head, Teacher, Student), school assignment, and an optional profile (avatar image, birthday, address, optional Facebook URL) that the user can edit.
  • User content — posts, comments, replies, reactions, messages, message attachments, AI-assisted draft inputs and outputs, and uploaded media (images and documents).
  • Activity logs — an audit trail of security-relevant events such as logins, failed logins, lockouts, post creation, and similar actions. Used for school admin visibility and incident response.
  • Diagnostic data from in-app reports — when a user submits a Report from inside the app, we store the user’s message plus minimal context: their role, their school, the relative path they were on (with query strings and hash fragments stripped to remove tokens), the previous two relative paths in that session, viewport size, user agent, and an optional Sentry event ID. We do not capture screenshots, form values, message bodies, uploaded files, cookies, tokens, or session storage.
  • Operational telemetry — technical metadata such as request paths and error stack traces necessary to keep the service running, surfaced to our error-monitoring tooling.

We do not collect biometric data, health data, financial account data, or government identifiers beyond what a school may choose to record inside a profile field at its discretion.

4. How we use data

  • To operate the core product (feeds, classes, messaging).
  • To authenticate users and protect accounts (login, password reset, rate-limiting, abuse detection).
  • To provide AI-assisted writing tools when staff invoke them. Prompts and responses are processed by our AI subprocessor (see §5) and are not used by us for model training.
  • To diagnose issues, respond to in-app Reports, and improve reliability.
  • To comply with legal obligations and respond to lawful requests.

5. Subprocessors

We use the following third-party services to operate Brightnest. Each is bound by its own contractual data-processing terms and only receives the minimum data necessary for its function.

  • Supabase — authentication, database, and real-time message delivery. Holds account data, content, and activity logs.
  • Bunny.net — storage and CDN for uploaded media (avatars, post images, attachments).
  • Sentry — error monitoring. Receives technical error events and a Sentry event ID that we may correlate to a Report.
  • Plunk — transactional email delivery (login, password reset, exports, system notifications).
  • OpenAI — processes AI-tool prompts (post helper, message draft, conversation/feed summaries, policy and event/activity generators) under terms that prohibit using prompts to train OpenAI’s general models.

We will update this list when subprocessors change. A copy of the current list is also maintained in our product documentation.

6. Data retention

  • Account and content data are retained for the duration of the school’s subscription. When a school is offboarded, data follows the approved offboarding lifecycle: export window, then deletion of records and stored media.
  • Activity logs are retained as long as the school’s account is active to support security review.
  • In-app Reports are retained for diagnostic history during the pilot. A draft retention target of 12 months from resolution is under DPA review; until that is finalized, reports are retained indefinitely and may be manually purged on request.

7. Your rights

Under the Data Privacy Act of 2012 (RA 10173) and applicable regulations, data subjects have rights including access, correction, deletion, objection, and data portability. To exercise these rights:

  • Staff and students should contact their school’s School Head first, since the school is the data controller.
  • If the school cannot fulfill the request, or the request is about Brightnest’s own processing, email hello@brightnest.app.

School Heads can request a data export covering their school via the in-app export flow. Super Admin support is available for account-level deletion.

8. Security

  • All traffic is served over HTTPS.
  • Passwords are stored as hashes by our authentication provider; we never see plaintext passwords.
  • Authenticated API access goes through a server-side authorization layer with role-based access control; the database denies access by default and only the server can read sensitive tables such as user reports.
  • We apply per-user rate limits on AI-assisted endpoints to deter automated abuse.
  • We use error monitoring with sensitive-data scrubbing to protect against accidental leakage in logs.

9. Changes to this policy

We may update this policy as the product evolves. Substantive changes will be communicated to onboarded schools at least 30 days before they take effect, except where a shorter timeline is required by law.

10. Contact

Questions about this policy can be sent to hello@brightnest.app. Brightnest is based in the Philippines.