BrightLabs

Legal

Privacy Policy

Last updated: February 2026 · UK GDPR compliant

Who we are

BrightLabs is an AI-powered growth, automation and marketing agency based in Norwich, serving clients UK-wide. For data protection purposes, BrightLabs is the data controller for personal data collected through our website and services. Contact us at hello@brightlabs.live.

What we collect

  • Enquiries: name, business, email, phone, and any details you share when you book a discovery call, take the Growth Score quiz, or request a free audit.
  • Client account data: billing details (via Stripe — we never see your card), invoicing info, and the contact details needed to deliver services.
  • Website analytics: anonymous traffic data via privacy-friendly tools (page views, referrers, country-level location) — no personal profiles built.
  • Lead Engine (admin): public business information sourced from Google Places (business name, address, website, ratings) — used only internally for outreach.

How we use your data

  • Respond to your enquiry and follow up about our services
  • Deliver the services you've signed up for and manage your account
  • Send you transactional emails (welcomes, results, invoices, reminders)
  • Improve our website and offering through aggregated analytics
  • Comply with legal and accounting obligations

We will never sell your data, never share it with third parties for their own marketing, and never email you unsolicited promotions you didn't opt into.

Lawful basis (UK GDPR)

We rely on: contract (to deliver services you've requested), legitimate interest (to respond to enquiries and run our business), consent (for optional marketing — you can withdraw any time), and legal obligation (e.g. accounting records).

Tools we use

To deliver our services we rely on trusted, GDPR-compliant providers including: Stripe (payments), Zoho Mail (email), MongoDB Atlas (database, EU hosted), Google Cloud / Vercel (hosting), OpenAI / Anthropic / Google Gemini (AI features). Data is encrypted in transit and at rest.

How long we keep it

Enquiry data: up to 24 months unless you become a client (then kept for the duration of our engagement + 6 years for accounting). Marketing data: until you unsubscribe. We delete or anonymise data once it's no longer needed.

Your rights

Under UK GDPR you have the right to: access, correct, delete, restrict or object to processing of your personal data, request a copy in a portable format, and withdraw consent at any time. Email hello@brightlabs.live and we'll respond within 30 days.

If you're not happy, you can complain to the Information Commissioner's Office (ICO — ico.org.uk).

Cookies

Our website uses only essential cookies (to keep you signed in to the admin) and lightweight, anonymous analytics. We don't use third-party advertising or tracking cookies.

Contact

Privacy questions or data requests: hello@brightlabs.live · 01603 976281

BrightLabs · Based in Norwich · Serving UK-wide