Bright Horizons Global Consumer Privacy Notice

Owner: Privacy Department
Approver: Global Privacy Officer
Version: January 2024
Last Review: January 2024

Introduction
Who does this notice apply to?
Who controls your personal information?
Why do we collect your personal information?
When do we collect your personal information?
What personal information do we collect and process?
Who do we share your personal information with?
Where do we process and store your personal information?
How long do we keep your personal information?
What rights do you have over your personal information?
How do we protect your personal information?
Will this Notice change?
Any questions?
COVID-19 Pandemic

Introduction

Around the globe, consumers trust Bright Horizons to provide high-quality education and care, operate with integrity, and empower them to thrive. Respecting the privacy rights of our consumers is an integral part of building and maintaining that trust. This Notice explains how Bright Horizons collects and uses its consumers’ personal information.

Who does this Notice apply to?

This Notice applies to any prospective, current or former consumers of Bright Horizons’ services, websites, apps and social media (Consumers). Bright Horizons’ services include child and adult care (e.g., in-home care, center care, information and resources), parental leave toolkit, coaching, consulting, educational advising and tuition assistance (Services).

This Notice covers our Services globally. Consumers can click on the links below for additional terms that apply to Consumers residing in certain regions or receiving Services in those regions. The region-specific terms only apply to the Services that operate in those geographic locations or as applicable law requires.

A separate Global Staff and Supplier Privacy Notice applies to prospective, current and former staff and suppliers (including employees, apprentices, agency workers and contractors).

For simplicity throughout this Notice, ‘we’, ‘us’ and ‘our’ means Bright Horizons and ‘you’ or ‘your’ means Consumer.

Who controls your personal information?

Bright Horizons is made up of a number of companies.  This section gives you the legal name of the Bright Horizons’ company responsible for processing your personal information.

Bright Horizons has a Global Privacy Officer (who also acts as its Data Protection Officer for the UK and the Netherlands) and can be contacted at dataprivacy@brighthorizons.com

Location of Services

Responsible Company

 

United States, Canada, India

 

 

Bright Horizons Family Solutions LLC

200 Talcott Avenue South, Watertown, Massachusetts, 02472, USA. This entity also includes services under our brand names Bright Horizons, Bright Horizons EdAssist Solutions and College Coach.

 

United Kingdom,

Ireland

 

 

Bright Horizons Family Solutions Limited (Co. No. 2328679)

Pioneer House, 7 Rushmills, Northampton, NN4 7YB, UK. This entity also includes services under our brand names Bright Horizons, Yellow Dot Nurseries, Asquith Nurseries, Magic Nurseries and My Family Care (MFC).

 

Netherlands

 

 

Kindergarden Nederland B.V. (Co. No. 33303797)

Herengracht 250, 1016 BV Amsterdam, Netherlands.

 

Why do we collect your personal information?

We limit the collection of your personal information to what is necessary.  We do not sell your personal information to any third parties.  Below we have highlighted the main reasons for collection:

  • Fulfill or meet the reason you provided the personal information to us.
  • Respond adequately to your requests for Services or information.
  • Provide Services to you and/or your dependents.
  • Personalise, enhance, and support your website experience and/or the Services.
  • Create, maintain, customise, and secure your account with us.
  • Facilitate and process purchases, financial transactions and payments.
  • Provide information regarding our Services and areas of interest to you.
  • Research and analyse existing Services for training and quality purposes and develop new Services.
  • If you receive our Services as an employee benefit, to aid your employer in the administration of the employee benefit.
  • Comply with laws, regulations and sector standards.
  • Protect the security of our technology and data.
  • Fulfil tax, reporting, and other financial requirements and obligations.
  • Prevent or detect unlawful acts.
  • As described to you when collecting your personal information.
  • Evaluate or conduct a merger, divestiture, restructuring, reorganisation, dissolution, or other sale or transfer of some or all assets of Bright Horizons, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.


Consumers receiving Services in the United Kingdom, Ireland, the Netherlands and any other country in the European Economic Area click here to read additional information that applies to you.

When do we collect your personal information?

There are a variety of contexts under which we will collect your personal information.

When you visit our websites or use our applications (apps) or social media, we collect your personal information from:

  • Monitoring your electronic visit and engagement with us.
  • The information you provide to us (for instance, by completing one of our webforms).
  • Learn more about how we use cookies and similar technologies by clicking here.

Our website is not intended for use by children under 16 years of age nor do we knowingly collect personal information from children under 16 through our website. If you are under 16, please do not use or provide any information on our website.

When you call our Contact Centers, we will collect your personal information from:

  • The information you provide to us.
  • Recording the calls, including the number you call from, for training and quality assurance purposes.


When you receive Services from us, we will collect your personal information from:

  • The information you provide to us.
  • Providing the Services to you such as completing forms, assessments and other documentation as part of the provision of Services.
  • Recorded images at locations with CCTV cameras.
  • Use of key fobs or swipe card to gain access to the Services.
  • If you receive Services as part of an employee benefit, we may receive your personal information from your employer on your eligibility to use the Services and other reporting identifiers
  • If you receive government funding, we may receive personal information from the government on your eligibility for the funding and other reporting identifiers.
  • Government agencies may provide us with personal information to support their regulatory obligations or investigations.
  • Third party marketing companies who provide us with contact details for individuals who have consented to receive marketing materials. You have the right to opt-out of these communications at any time.

What personal information do we collect and process?

If you are a prospective consumer, we will process:

  • The personal information you provide to us. This personal information may include health related information relevant to determine the suitability of Services.
  • Details of your visits to our websites, apps, and social media, as well as information we gather from the use of cookies. Learn more about how we use cookies and similar technologies by clicking here.
  • For locations with CCTV cameras, we may capture images.
  • Your contact details as provided to us by third party marketing companies (for individuals who have consented to receive marketing materials).You have the right to withdraw your consent at any time.


If you are a current or former consumer, we will process:

  • All personal information you provide to us.This personal information may include health related information relevant to the provision of Services.
  • Personalised registration username and passwords, and swipe card/key fob access records for Bright Horizons premises.
  • Details of your visits to our websites, apps, and social media, as well as information we gather from the use of cookies in your web browser. Learn more about how we use cookies and similar technologies by clicking here.
  • For locations with CCTV cameras, we may capture images.
  • Access information when using key fobs or swipe cards.
  • Care and service records that may include for example: notes from meetings/calls; observations and assessments of you or your dependent’s activities while we provide services to them (e.g., illnesses, sleep, diaper changes, meals, medication, learning, interactions with others, and accidents); review and feedback on your or your dependent’s education/school applications; photographs to share with you for communication purposes, learning records or identification purposes; and utilisation reports (including dates of service, user of service and reasons for service).
  • If you receive our service as part of an employee benefit, we may receive personal information from your employer on your eligibility to use the Services and other reporting identifiers.
  • If you receive government funding, we receive personal information from the government on your eligibility for the funding and other reporting identifiers.
  • Government agencies may provide us with personal information to support their regulatory obligations or investigations.
  • Other personal information provided to us by third parties in order to meet our legal obligations.
  • Personal information about you and/or your dependent as necessary to respond to and defend legal claims or to pursue legal claims.

Consumers receiving Services in the United Kingdom, Ireland, the Netherlands and any other country in the European Economic Area click here to read additional information that applies to you.

Who do we share your personal information with?

We consider your personal information confidential and do not share it with anyone else except as described in this Notice. There are limited circumstances that require us to disclose your personal information to others in order to deliver Services and meet our contractual/legal obligations or legitimate business interests. Examples include:

Bright Horizons’ Group Companies

We may share your personal information with our subsidiaries and affiliate/group companies as necessary to provide the Services.

Sub-contractors and Agents

We sometimes employ or contract with other companies and individuals to perform functions on our behalf. Depending upon the type of service they are providing, we may share personal and special category (sensitive) personal information only as appropriate and necessary. These parties are under contractual obligations to use your personal information only as directed by us and as needed to perform their functions. All are under a legal duty to handle such information in accordance with Bright Horizons’ information security, data protection and confidentiality standards, and this Notice. Some examples include our insurance brokers/provider, payment service providers, and IT developers.

Business Partners

If you utilise our child/adult care or coaching services, we may partner with a professional external provider (Business Partner) to arrange for them to deliver the Services to you or your dependent. You will have an independent relationship with our Business Partner. They may require personal information from you in order to deliver the Services to you in accordance with their own processes and obligations under the law.

In order to arrange the Services with the Business Partner, we may need to share personal and special category (sensitive) personal information as appropriate and necessary. We have contracts with the Business Partners that require them to use your personal information only as allowed under the contract, in compliance with all applicable laws and to meet appropriate standards of information security, data protection and confidentiality.

Employers

Your employer may make the Services available to you as an employee benefit. In order to meet our obligations to your employer, we provide details of your use of the Services, which may include your name, dates of use, reasons for use, and other employer requested utilisation information. We disclose only information relevant to the utilisation of the Services or necessary for their administration of the benefit.

Third Parties to Comply with Legal Requirements

We share personal information if required by law/regulations or as we reasonably determine to be necessary and as permitted by law to protect our rights or the rights of others, to prevent harm or damage to persons or property, to fight fraud, or to enforce our website terms of use or other contractual rights. For example, a government may require us to disclose personal information for law enforcement purposes; or require us to disclose personal information for safeguarding or government funding purposes; or for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

Business Transfers

As we continue to develop our business, we may sell or buy assets or entities. If any Bright Horizons business unit is sold, personal information relevant to the acquisition may be transferred as part of the transaction.

Where do we process and store your personal information?

Electronic Information

 

Some personal information may remain on electronic storage data systems in the country where we provide the service. However, our primary electronic storage facilities and contact centers are in the United States. Please note that we (or our Affiliates, service providers or agents) may process personal information in other countries, where your personal information may be subject to the laws of that jurisdiction, including laws regarding the disclosure of personal information to government authorities. We ensure appropriate safeguards are in place before we transfer personal information to any other country.

Consumers receiving Services in the United Kingdom, Ireland, the Netherlands and other country in the European Economic Area click here to learn more about how we safeguard your information and comply with privacy laws.

Hardcopy Information

The hardcopy of personal information we collect remains in the country where you receive the services or provide the information.

How long do we keep your personal information?

Whenever we collect or process your personal information, we’ll only keep it for as long as is necessary for the purpose for which it was collected and , as required under law and to defend legal claims.

What rights do you have over your personal information?

To ask for your information to be amended, please follow one of the steps below as applicable to the Services you receive:

  • If you have an online account, update the information directly online.
  • Call our contact center team to request the amendments.
  • Contact the location providing the Service to request the amendments.


To ask for direct marketing communications to stop,
 please follow the steps below:

  • Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails from that particular mailing list.
  • If you have an account, log in to your account and change your preferences.
  • In our apps, you can manage your preferences and opt out from one or all of the different notifications by selecting or deselecting the relevant options in the ‘Settings’ section.


Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.

If you have any questions about your privacy rights, you can contact our Global Privacy Officer at dataprivacy@brighthorizons.com.

Residents of California click here to read additional information that applies to you.

Consumers receiving Services in the United Kingdom, Ireland, the Netherlands and any other country in the European Economic Area click here to read additional information that applies to you.

How do we protect your personal information?

We utilise appropriate technical, organisational, and physical safeguards to protect your personal information we process in both physical and electronic formats. We provide data protection, privacy and security training and conduct internal periodic quality assurance audits to ensure we maintain these standards.

Bright Horizons’ Information Security program is ISO 27001 certified and our Privacy program is ISO 27701 certified. Click here to view our applicable ISO certifications.   

However, please note that no computer system or information can ever be fully resilient against every possible hazard or risk.  We do maintain appropriate levels of security in accordance with data protection, privacy and security laws and regulations in the territories we operate and keep these under review.

You also play a valuable part in protecting the security of your personal information. You should never share with anyone your password to access any accounts that you created or which we created for you. When using a browser to access your account, after you have finished you should log out and exit your browser to prevent unauthorised users from returning to your account.

If you believe that someone has improperly used your account or provided information about you that you didn’t authorise, please contact us immediately at dataprivacy@brighthorizons.com.

Will this Notice change?

This Notice is subject to change in order to remain compliant with data protection and privacy laws in the territories in which we operate. Please check back periodically, especially before you provide any personal information. This Notice was last updated in January 2023.

Any Questions?

We hope this Notice has been helpful in setting out the way we process your personal information and how we do this in a transparent and accountable manner.

If you have any questions that haven’t been covered by this Notice, please contact our Global Privacy Officer at dataprivacy@brighthorizons.com.

COVID-19 Pandemic

In order to comply with our legal and regulatory obligations, we may need to collect personal information about you and individuals you have been in close contact with for COVID-19 related purposes.  We may use this personal information to determine your or your dependents’ access to our Services.  In addition, we may need to share this personal information with relevant government agencies.  We will process and protect all personal information we collect for COVID-19 related purposes in accordance with this Notice.

    ​​​​