Protecting Your Data, Earning Your Trust — UniBright Solutions
UniBright Solutions ("we," "us," or "our") operates the website unibrightsolutions.com and provides digital marketing, web and mobile application development, and AI automation services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or engage with us in any capacity.
This policy applies to all users, clients, website visitors, and third parties who interact with our services, including but not limited to AI-powered marketing platforms, web development portals, and automated workflow systems.
By accessing our website or using our services, you consent to the data practices described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please discontinue use of our website and services immediately.
We may collect personally identifiable information that you voluntarily provide to us, including but not limited to:
In the course of providing AI automation and digital services to healthcare clients, we may process Protected Health Information (PHI) as defined under HIPAA. We process PHI only as a Business Associate under a signed Business Associate Agreement (BAA) and in strict compliance with HIPAA regulations.
PHI processed may include:
We automatically collect certain technical information when you visit our website or use our services:
When you use our AI automation solutions, we may collect:
We may receive information about you from third-party sources, including:
We use the information we collect for the following purposes:
For users in the European Economic Area (EEA) and United Kingdom, we process personal data under the following lawful bases:
Where we process data based on consent, you have the right to withdraw consent at any time without affecting the lawfulness of prior processing. To withdraw consent, contact us at support@unibrightsolutions.com.
Depending on your location, you may have the following rights regarding your personal data:
To submit a data rights request, email support@unibrightsolutions.com with the subject line "Data Rights Request." We will verify your identity and respond within 30 days (or 45 days for complex requests with written notice). There is no charge for submitting a request.
We use cookies, web beacons, pixel tags, and similar tracking technologies to enhance your experience on our website and to analyze performance.
You can manage or disable cookies through your browser settings or via our cookie consent tool. Note that disabling certain cookies may affect the functionality of our website. For more information, visit allaboutcookies.org.
UniBright Solutions operates in the United States and may transfer your personal data to, or process it in, countries outside your jurisdiction — including countries that may have different data protection standards.
When we transfer data from the EEA, UK, or Switzerland to the United States or other countries, we rely on:
Our delivery operations are supported by VJ Overseas, a contracted team based in India. All personnel are bound by confidentiality agreements and data processing terms consistent with GDPR and applicable privacy regulations. PHI and sensitive client data are handled in compliance with our BAA and least-privilege access controls.
We implement industry-standard and enterprise-grade security measures to protect your information against unauthorized access, disclosure, alteration, and destruction.
While we strive to protect your personal information using industry best practices, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data. In the event of a data breach affecting your rights and freedoms, we will notify affected parties as required by applicable law.
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements.
| Data Category | Retention Period | Basis |
|---|---|---|
| Client project data | Duration of engagement + 3 years | Contract / Legitimate interests |
| Marketing analytics data | 26 months | Google Analytics default alignment |
| Financial and billing records | 7 years | Tax compliance (IRS / GAAP) |
| Protected Health Information (PHI) | Minimum 6 years from creation or last effective date | HIPAA 45 CFR §164.530(j) / BAA terms |
| Website server logs | 12 months | Security monitoring |
| Cookie data | Varies by cookie type | See Cookie Policy (Section 6) |
| Marketing email lists | Until unsubscription or 3 years of inactivity | Consent / Legitimate interests |
| AI model training data | Duration of client engagement + 1 year | Contract / Service improvement |
Upon expiration of the applicable retention period, data is securely deleted using industry-standard data destruction methods or irreversibly anonymized so it can no longer be associated with an individual.
We do not sell your personal information. We may share your information with the following categories of third parties:
Cloud hosting (AWS, Google Cloud), payment processors (Stripe), email platforms (Mailchimp, SendGrid), analytics tools, and CRM systems. All service providers are bound by data processing agreements and are required to maintain confidentiality and security standards consistent with this policy.
Google Ads, Meta/Facebook, LinkedIn, and other advertising networks for campaign execution on behalf of our clients or for our own marketing purposes. These partners may use cookies and tracking technologies subject to their own privacy policies.
We may disclose your information when required by law, subpoena, court order, or government request, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
In connection with a merger, acquisition, restructuring, or sale of assets, your information may be transferred to successor entities. We will notify you of any such transfer and any choices you may have.
When specifically instructed by clients for campaign or project requirements, we may share data on their behalf with designated third parties as part of contracted service delivery.
Our services are not directed to individuals under the age of 16 (or 13 where applicable under COPPA — the Children's Online Privacy Protection Act). We do not knowingly collect, maintain, or use personal information from children under these age thresholds.
If we learn that we have collected personal information from a child under the applicable age threshold, we will delete it promptly and take appropriate steps to prevent further collection. If you believe a child has provided us with personal information, please contact us immediately at admin@unibrightsolutions.com.
We reserve the right to update or revise this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors. When changes are made:
Your continued use of our website or services after the posting of changes constitutes your acceptance of the revised Privacy Policy. If you do not agree to the updated terms, please discontinue use of our services and contact us to discuss your options.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through any of the following channels:
We aim to respond to all privacy-related inquiries within 5 business days. For data rights requests (access, deletion, portability), we will respond within 30 days as required by applicable law.
Digital Marketing Consultant
