Service Related Privacy Policy

At Inhavo Software Ltd. (DBA BrightInfo and/or Softlib) we recognize that our Customers and visitors to their sites value their right to privacy and want to be assured that any personal information they provide us is accurate and will be used only in accordance with their wishes. We are committed to ensuring that you are fully informed as to what information we collect about you, how we collect that information and keep it safe and how and for what purpose we use and share the information.

This Privacy Policy applies to our collection, use, retention and disclosure of the information of the following categories of individuals:
Customers: Those who register on their own or on behalf of an entity or organization to use the Service (as defined below), including administrators on a Customer account.
End Users: Individuals who visit our Customers’ websites and whose information we process in order to provide the Service to our Customers pursuant to our agreements with them.
This Privacy Policy does not apply to our Customers’ websites, which must have their own terms and privacy policies. Our Customers are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, including those relating to the collection of personal information in connection with the use of the Service by End Users with whom our Customers interact.
The Service which we provide to Customers (the “Service”) consists of tailoring content displayed on Customer’s websites to specific End User’s interests.


Generic Information
By default, our widgets which run on Customers websites do not collect any personally identifiable information about End Users. Our system logs only basic and generic information about End Users who visit our Customer’s websites required to perform various aggregate reports for internal analysis and external reports, research and monitoring purposes, and to help us develop and enhance the Service for our Customers. The reports generated as part of the Service contain only aggregated general information without any personal reference or identifiable information. More specifically, the information we generally collect for each End User visitor to a Customer’s website consists of: browser type, operating system, device type, a general estimate of the geographic region associated with the End User’s IP address, the page served, the time, referring URLs and other generic information normally transmitted in HTTP requests.
Based on this information we generate aggregated reports that present information for groups of visitors coming from the same general location or using the same type of device etc. This statistical data provides us with information about the use of the Service, such as how many visitors visit a specific page on which the Service is installed, how long they stay on that page, the type of content on that page, which hyperlinks, if any, they “click” on and how they generally engage with that page. This information helps us to keep the Service fresh and interesting to our users and tailor content to each End User’s interests.

Personal Information
In certain specific instances we may collect limited personal information.
  • Customer Personal Information: we retain personal information (including contact information, job title…) regarding our Customers, as required to allow us to provide the Service, to maintain contact with our Customers with regard to the Service and to provide our Customers with occasional product and marketing updates and communications. Customers may opt-out of receiving marketing updates and communications here
  • End User Personal Information: as part of the Service, upon a Customer’s specific request we may occasionally collect additional personal information about End User site visitors. Based on the Customer’s internal policies and website structure, this personal information may include: email, name, phone number, company position and other personally identifiable information.
    It should be clarified that:
    • We will never secretly collect End User personal information. Any End User personal information we collect is provided to us by End Users via electronic forms and questionnaires accessed through our Customers’ websites. Furthermore, the Customer for whom the information is collected is required, prior to our collection of any personal information, to inform the End Users of the purpose of the collection, duration of retention of information, and uses and disclosures, and is further obliged to obtain all legally required consents from the End Users.
    • Our sole purpose in this collection of End User personal information is to provide the Service as specifically requested of us by the Customer, and to collect and transmit the personal information to the Customer or to the Customer’s third party marketing automation system (as further described below), and prepare any reports requested by the Customer, all pursuant to the Customer’s specific request.
    • We make no use of End User personal information other than the specific performance of the Service for our Customers as provided herein. Specifically, we do not sell, trade or rent such personally identifiable information to other parties in any way.
    • We do not retain End User personal information beyond the limited time required to complete such collection, transmission and reporting, as specifically requested of us by the Customer.
    • Personal information is encrypted from collection and through transmission using industry standard encryption algorithms (as further described below).


We will never sell, trade or rent personally identifiable information about our Customers or End Users to other parties in any way.
We may on the other hand share generic non-personally identifiable information and aggregated reports. However, in no event will any personal information or personally identifiable information be included in such shared information or reports.
As part of the Service, at Customers’ specific behest, we may provide integration between the information that we collect on their behalf and their third party Marketing Automation systems. The Customer will dictate which information we share with such third party Marketing Automation systems and is solely responsible to obtain from End Users all consents, and provide to End Users all notices, as required under applicable laws. Information shared with third party Marketing Automation systems as Customer’s requests shall be subject to the terms of such the privacy policies of such systems.
While we require of our Customers to fully inform End Users of the terms governing their personal information, for your convenience below are links to the third party Marketing Automation systems that we are most often requested to integrate information with:

Hubspot -

Marketo -

Pardot -

Uberflip -

Google Analytics -

MailChimp -


We collect and use Customer information for:
  • Sales and Service related communications (personal emails and phone calls, event invitations etc.)
  • Practical considerations such as, but not limited to, sending order confirmation emails, and to process your transactions if applicable
  • Customer service improvement (your information helps us to respond more efficiently to your customer service requests and support needs) and provide technical assistance, answer questions or provide specific information, as requested
  • Administering contests, promotions, surveys or other site features
  • Sending periodic emails (information and updates including news, updates, related product or service information etc.)
We collect and use End User information to:
  • Personalize End Users’ experience (the information helps us better respond to End Users’ individual needs and present End Users with more relevant options and opportunities)
  • Improve the Service provided on Customers’ websites (we continually strive to improve our offerings based on the information received from End Users)
  • To, at a Customer’s specific request, integrate the information, statistics and activity information with information from other sources like Marketing Automation systems.

We have a legitimate interest in using your information in these ways in order to comply with our contractual obligations to our Customers. The above use of your information is fundamental to the nature of the Service we provide and to make it relevant and personal to you. We also have a legitimate interest to improve the Service and our Customers’ websites and to maintain our relationship with our Customers, and protect our Customers and End Users.


All information we collect on our Customers and End Users is stored on Microsoft Azure based servers. The information is kept encrypted and highly secured using top industry standards and Microsoft Azure mechanisms.
We implement a variety of security measures throughout each step of End Users’ interactions with our widgets and/or their providing us with personal information and/or retaining it, to maintain the safety of any personal information, including when entering, submitting, or accessing personal information. These security measures include physical, electronic and procedural measures. Among other things, we offer HTTPS secure access to all areas on our Service; the transmission of sensitive payment information (such as a credit card number) through our designated purchase forms is protected by an industry standard SSL/TLS encrypted connection; and we regularly maintain PCI DSS (Payment Card Industry Data Security Standards) certification. We also regularly monitor our systems for possible vulnerabilities and attacks, and we will promptly notify our Customers upon learning of any data breach (our Customers will then be obligated to notify any affected End User). We also regularly seek new ways and third party services for further enhancing the security of the Service and protection of our Customers’ and End Users’ privacy. It is important to note though that, despite our greatest efforts, no security measures are completely fool-proof. We therefore encourage you to avoid providing us with any sensitive information which you believe its disclosure could cause you substantial or irreparable harm. Furthermore, because e-mail and instant messaging are not recognized as secure forms of communications, we request and encourage you not to share any such sensitive information via any of these methods. Although we adhere to industry standard practices to protect your personal information and confidential data, we cannot ensure that such information and data will never be disclosed in ways not otherwise described in this Privacy Policy.


Cookies are small text files placed on a device when the device is used to visit a website or engage with the Service. We may place cookies or similar files on your device for security purposes, to facilitate site navigation and to personalize your experience while using the Service, including by better tailoring internal recommendations and promoted content to your preferences over time. For example, we may use your web browsing information to try to show you specific content recommendations from Customer’s website that we think will be of particular interest to you. Cookies allow us to collect technical and navigational information, such as browser type, time spent on the Service and pages visited. Cookies may include a device identifier along with information about the particular type of content in which you have shown interest. Cookies also allow us to select which content is most likely to appeal to you and display that content while you are visiting our Customer’s website.
If you would prefer not to accept cookies, you can do this by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies, please be aware that some functions and features of the Service may not work properly because we may not be able to recognize you properly. In addition, we may not be able to tailor our recommendations as well as we would be able to if you had not blocked the cookies.

We use several types of cookies to serve these purposes:
bi-exitimage-shown - indicates our popup is already shown for this visitor
bi-sid-v2 – our visitor id
bi-thirdPartyCookieCheck - used for multibrowser support (IE)
bi-vamp-v3 – configuration settings for visitor

End Users may read more about the cookies that will be placed on their device when visiting a Customer website by checking the Cookies Use Policy of the applicable site.


All links we offer in our widgets are links to internal site content and are controlled by our Customers. These links will never show any external information or information that didn’t pass our Customers’ verification process.


Our widgets are designed for general audience sites which are neither designed nor intended to collect personal information from children who are under the age of 13. In order to ensure compliance with the provisions of the Children's Online Privacy Protection Act, children under the age of 13 should not provide any personal information to this site. We ask that parents supervise their children while online.


It is important to us that the personal information we retain about Customers and End Users is accurate, complete, and current, and we take reasonable steps to ensure that the information that we receive from you is accurate and kept up to date.
You have the right to access your information to verify the information that we have collected in respect of you. You also have the right to request that your information be modified or deleted, including any changes to any consent that you may have given in respect of the collection or use of your information.
End Users will never receive communications from us, however, if you are or were a Customer, you may also ask at any time that your preferences as to the type of communications that you receive from us are modified in order to stop receiving them or to be added to or removed from our mailing list.
In the case of information of End Users gathered as part of Service to a Customer, in addition to the above rights to turn to us directly, an End User may also elect to make any of these requests of the applicable Customer for whom the Service is provided. The Customer must pass on the request to us, and we will comply with your request.
A Customer or End User may further request that all of the information regarding it (with the exception of any information we may retain under applicable law) be forgotten by sending an email to
We will endeavor to deal with all the above mentioned requests in a timely manner.


We will retain your information for a reasonable time to permit us to use it for the purposes that we have communicated to you above, and as may be legally required and permitted. We may use the services of third party companies to physically collect and store your information on our behalf. Any such companies will have to comply with the terms of all applicable laws and regulations and will be obligated to incorporate adequate security measures include physical, electronic and procedural measures to protect your information.
In the event of termination of Services with respect to any Customer, or in any event upon Customer request all End User information collected on behalf of the Customer (with the exception of any information we may retain under applicable law) may be deleted within 4 business hours.


We may amend this Privacy Policy from time to time. If we decide to make substantial changes in our policies towards collection or use of personal information, we will post the changes on this website. Changes in our privacy practices may be applied to all information we have about you at the time the revised Privacy Policy takes effect.


The information that we collect is considered to be an asset. In the event that we are acquired by another company, such information may be one of the transferred assets. We will take reasonable steps to place a notification of such a transfer on our website.