Security & Privacy
Plain-language answers to what we do — and don't do — with your information. No jargon.
Compliant with the Australian Privacy Act 1988, UK GDPR / Children's Code, and general GDPR principles for children's data.
🇦🇺
Australian Privacy Act 1988
Australian Privacy Principles (APPs) · OAIC oversight
🇬🇧
UK GDPR
Data Protection Act 2018 · ICO oversight · Children's Code
🇪🇺
EU GDPR 2016/679
General Data Protection Regulation · local DPA oversight
If you discover a vulnerability in BrightPath, please tell us privately before disclosing it publicly. We take all reports seriously and will respond within 2 business days.
[email protected]Please include: what you found, how to reproduce it, and your contact details. We do not pursue legal action against good-faith researchers.