logoLexington, Buena Vista and Rockbridge Countylexingtonvirginia.com
Scenic Lexington, Buena Vista and Rockbridge County
logoLexington, Buena Vista and Rockbridge Countylexingtonvirginia.com
__logo__
Loading

Privacy Policy

Last Updated: 6/26/2026

Welcome, and thank you for your interest in the Brightr Travel platform (“Brightr Travel”), operated by Beacon Mobile, Inc. (“Beacon Mobile,” “we,” “us,” or “our”), our website at www.brightrhq.com (the “Site”), and all related websites, white-label applications, SMS messaging services, and other services provided by us on which a link to this Privacy Policy is displayed (collectively, together with the Site, our “Platform”).

This Privacy Policy (“Policy”) describes the information we collect on or through the Platform, how we use and disclose such information, and the steps we take to protect it. By visiting the Site, using the Platform, creating an account, making a purchase, or opting in to our SMS Program, you accept the privacy practices described in this Policy.

This Policy is incorporated into, and subject to, the Beacon Mobile Terms of Service. Capitalized terms used but not defined in this Policy have the meaning given to them in the Terms of Service.

1. Our Role; Partners as Data Controllers

1.1 How the Platform Works. The Brightr Travel Platform is licensed to community organizations, destination marketing organizations, Main Street programs, municipalities, and other partners (each, a “Partner”) who use it to deliver consumer-facing experiences — including event listings, digital passport programs, scavenger hunts, ticket sales, and rewards — to residents and visitors in their communities.

1.2 Partner as Data Controller. When you interact with a Partner’s branded experience on the Platform (for example, completing a passport program, buying a ticket for a Partner’s event, or checking in at a Partner’s location), the Partner determines what data is collected and how it is used in connection with its program. In that context, the Partner acts as the data controller, and Beacon Mobile acts as the data processor, processing your data on the Partner’s behalf to deliver the Platform’s features. The Partner is responsible for providing you with notice about how it uses your data in connection with its programs, and for complying with applicable data protection laws regarding that use.

1.3 Beacon Mobile as Data Controller. For data that Beacon Mobile collects for its own purposes — such as account registration information, Platform usage analytics, SMS Program opt-in data, and data collected through features that Beacon Mobile operates directly — Beacon Mobile acts as the data controller.

1.4 Questions About Partner Data Use. If you have questions about how a specific Partner uses your data collected through its programs on the Platform, please contact that Partner directly. If you are unsure how to reach the Partner, contact us at support@brightrhq.com and we will direct you.

2. Information We Collect

2.1 Account Information. When you create an account, we collect your name and mobile phone number. Your phone number is collected for account identification and login purposes only. Account creation does not enroll you in any SMS messaging program.

2.2 Program Activity Data. When you participate in digital passport programs, scavenger hunts, challenges, milestones, and rewards programs, we collect data about your activity, including: (i) check-in events (location name, date, and time of each check-in); (ii) stamps and badges earned; (iii) passport progress and completion status; (iv) scavenger hunt checkpoint completions; (v) milestones achieved; and (vi) rewards earned or redeemed. Check-ins are recorded when you actively scan a QR code or manually confirm a check-in within the Platform. The Platform does not passively track or record your geographic location, GPS coordinates, or continuous location data.

2.3 Transaction and Payment Data. When you purchase a ticket or make a payment through the Platform, we collect: (i) the items purchased and transaction amount; (ii) the date and time of the transaction; and (iii) the Partner associated with the purchase. Payment card information (card number, expiration date, and security code) is collected and processed directly by our third-party payment processor, Stripe, Inc. (“Stripe”). Beacon Mobile does not receive, store, or have access to your full payment card information. We receive from Stripe a confirmation of the transaction, a transaction identifier, and limited card details (such as the last four digits of your card number and card brand) for recordkeeping and customer support purposes. Stripe’s collection and use of your payment data is governed by Stripe’s own privacy policy, available at stripe.com/privacy.

2.4 SMS Program Opt-In Data. When you opt in to the Brightr SMS Program, we collect and store: (i) your mobile phone number; (ii) a timestamp recording when you opted in; (iii) the exact consent language displayed to you at the time of opt-in; (iv) the event or community context associated with your opt-in; and (v) the source URL or method through which you opted in (for example, the web form at ask.brightrhq.com/signup or a text-keyword opt-in at an event). For keyword opt-ins, we also retain the content of the confirmation message sent to you, your affirmative reply, and the associated timestamp. This information constitutes your consent record and is retained as described in Section 12.

2.5 Automatically Collected Information. When you use the Platform, we may automatically record certain information from your device using cookies, clear gifs, web beacons, and similar technologies. This information may include: (i) IP address or other device identifier; (ii) web browser and device type; (iii) the web pages or sites visited before or after using the Platform; (iv) pages or content you view or interact with on the Platform; (v) dates and times of access; and (vi) information regarding your interaction with email messages we send, such as whether you open, click on, or forward a message.

2.6 User-Submitted Content. If you submit content to the Platform (such as reviews, photos, or other materials), we collect and store that content along with your account information.

2.7 Integrated Services. You may access or register for the Platform using credentials from third-party services (each, an “Integrated Service”), such as your Google account. By authorizing us to connect with an Integrated Service, you authorize us to access and store the information that the Integrated Service makes available to us and to use and disclose it in accordance with this Policy.

3. How We Use Information

3.1 Operations. We use account information, Program Activity Data, and transaction data to operate, maintain, and provide all features of the Platform, to respond to your questions and requests, and to provide support.

3.2 Partner Program Delivery. We process Program Activity Data and transaction data on behalf of our Partners to deliver the passport programs, scavenger hunts, rewards, and ticket purchases that you participate in. This data is shared with the Partner that administers the applicable program, as described in Section 4.

3.3 SMS Communications. We use your mobile phone number and related opt-in data to send you messages through the SMS Program, including informational, transactional, and occasional promotional messages as described in the Terms of Service. We use your consent record to document and verify your opt-in.

3.4 Other Communications. We may use your email address, phone number, or other contact information to contact you: (i) for administrative purposes, such as customer service or account security; or (ii) with updates on promotions, events, and services offered by us or by Partners. You may opt out of promotional communications as described in Section 6.

3.5 Improvements and Analytics. We use information to understand and analyze usage trends and preferences, to improve the Platform, and to develop new products, services, features, and functionality. When we use Program Activity Data or transaction data for these purposes, we use it in anonymized or aggregated form.

3.6 Cookies and Tracking Technologies. We use automatically collected information and cookies to: (i) personalize the Platform; (ii) provide customized content and information; (iii) monitor and analyze the effectiveness of the Platform; (iv) monitor aggregate usage metrics; and (v) track your entries, submissions, and status in promotions or other activities.

4. Disclosure of Information

Except as described in this Policy, we will not intentionally disclose your Personal Data to third parties without your consent. We may disclose information in the following circumstances:

4.1 Partners. When you participate in a Partner’s program (passport, scavenger hunt, rewards, ticket purchase) on the Platform, we share your Program Activity Data and, where applicable, transaction data with that Partner so they can administer their program, fulfill your purchase, deliver rewards, and communicate with you about their events and community. The Partner’s use of your data is governed by the Partner’s own privacy policy, not this Policy. We encourage you to review the privacy practices of any Partner whose programs you participate in.

4.2 Payment Processor. When you make a purchase, your payment card information is collected and processed by Stripe. Beacon Mobile does not control Stripe’s use of your data. See Stripe’s privacy policy at stripe.com/privacy.

4.3 Service Providers. We work with third-party service providers who provide hosting, development, maintenance, messaging, analytics, and other services for us. These providers may process Personal Data as part of providing those services. We limit the information provided to what is reasonably necessary and require them by contract to maintain its confidentiality.

4.4 Non-Personally Identifiable Information. We may make aggregated or non-personally identifiable information available to third parties for purposes including compliance with reporting obligations, business or marketing purposes, and understanding usage patterns.

4.5 Law Enforcement and Legal Process. We may disclose Personal Data if required by law or in the good-faith belief that disclosure is necessary to: (i) comply with applicable laws or respond to a valid court order, subpoena, or warrant; (ii) take precautions against liability; (iii) protect ourselves or others from fraudulent, abusive, or unlawful activity; (iv) investigate and defend against third-party claims; (v) protect the security or integrity of the Platform; or (vi) protect our property, enforce our contracts, or protect the rights, property, or safety of others.

4.6 Change of Ownership. Information about users, including Personal Data, may be disclosed and transferred to an acquirer, successor, or assignee as part of any merger, acquisition, sale of assets, or similar transaction, or in the event of an insolvency or bankruptcy, provided that the recipient commits to a privacy policy with terms substantially consistent with this Policy.

5. Mobile Messaging / SMS Data Practices

5.1 No Sharing for Marketing. Mobile phone numbers and consent records collected for the SMS Program will not be sold, rented, or shared with third parties or affiliates for their marketing or promotional purposes. Information obtained as part of the SMS opt-in process — including your phone number, your consent, and the associated opt-in data described in Section 2.4 — will not be shared with third parties for their marketing purposes.

5.2 Limited Disclosure. We may share SMS-related data with service providers who assist in delivering messages (such as our messaging platform provider), subject to the same confidentiality and use restrictions described in Section 4.3.

5.3 Opt-Out. You may opt out of the SMS Program at any time as described in the Terms of Service. Upon opt-out, we will cease sending you messages. We will retain your consent record as described in Section 12.

6. Your Choices

6.1 Access, Correction, Deletion. You may access, update, correct, or delete your account information by contacting us at support@brightrhq.com. At your request, we will delete or block any reference to you in our database, subject to our right to retain information for backups, fraud prevention, legal obligations, or where we have a legitimate reason to do so. Regarding Personal Data processed on behalf of a Partner (such as Program Activity Data collected through a Partner’s program): requests for access, correction, or deletion of that data should be directed to the applicable Partner, as the Partner is the data controller for that information. If the Partner directs us to delete or modify your data, we will comply within thirty (30) days.

6.2 SMS Opt-Out. You may opt out of the SMS Program at any time as described in Section 8 of the Terms of Service.

6.3 Commercial Communications. If you receive promotional emails from us, you may unsubscribe by following the instructions in the email or by emailing support@brightrhq.com. It may take up to ten (10) business days for us to process your request. Even after opting out of promotional communications, you will continue to receive administrative messages regarding the Platform (such as transaction confirmations and account security notices).

6.4 Data Protection Rights. At any time, you may object to the processing of your Personal Data on legitimate grounds, except where otherwise permitted by applicable law. If you believe your privacy rights have been infringed, please contact us at matt@brightrhq.com. You also have the right to lodge a complaint with applicable data protection authorities.

7. Your California Privacy Rights

If you are a California resident, you have the following rights under the California Consumer Privacy Act (“CCPA”) and California Privacy Rights Act (“CPRA”):

7.1 Right to Know. You have the right to request that we disclose the categories and specific pieces of Personal Data we have collected about you, the categories of sources from which the data was collected, the business or commercial purposes for collection, and the categories of third parties with whom we share your Personal Data.

7.2 Right to Delete. You have the right to request that we delete Personal Data we have collected from you, subject to certain exceptions permitted by law.

7.3 Right to Correct. You have the right to request that we correct inaccurate Personal Data we maintain about you.

7.4 Right to Opt Out of Sale or Sharing. We do not sell your Personal Data. If we share Personal Data for cross-context behavioral advertising, you have the right to opt out of such sharing.

7.5 Right to Non-Discrimination. We will not discriminate against you for exercising any of your CCPA/CPRA rights.

7.6 How to Exercise Your Rights. To exercise any of the rights described above, please contact us at matt@brightrhq.com or by mail at Beacon Mobile, Inc., ATTN: Matt Mason, 41 University Drive, Suite 400, Newtown, PA 18940. We will verify your identity before processing your request and respond within the timeframes required by applicable law.

8. Cookies and Tracking Technologies

8.1 Types of Cookies. The following types of cookies are used on the Platform: (i) strictly necessary cookies, which are essential to enable you to use the Platform and its features; (ii) performance cookies, which collect aggregated, anonymous information about how visitors use the Platform; (iii) functionality cookies, which allow the Platform to remember your choices and provide enhanced features; and (iv) advertising cookies, which are used to deliver advertisements more relevant to your interests and to measure the effectiveness of advertising campaigns.

8.2 Third-Party Cookies. We allow third parties with which we have a separate agreement to use cookies and similar technologies to collect information about your use of the Platform. These third parties include business partners and advertising networks. We do not share with these third parties information that would readily identify you (such as your email address), though they may have access to information about your device (such as IP or MAC address).

9. Interest-Based Advertising

We may work with third parties such as advertising networks, attribution partners, and business partners to understand the profiles of individuals who may be interested in our products or services and to measure the effectiveness of advertisements. We may use cookies, beacons, pixels, tags, mobile advertising IDs, and similar technologies for these purposes. You may opt out of receiving interest-based advertising by visiting www.aboutads.info/consumers and www.networkadvertising.org. These opt-out features will remove you from many, but not all, interest-based advertising activities.

10. Do Not Track

Some browsers include a Do Not Track feature that sends a signal to the websites you visit indicating that you do not wish to be tracked. Because there is not yet a common understanding of how to interpret Do Not Track signals, we do not currently respond to them. You may opt out of interest-based advertising as described in Section 9.

11. Third-Party Services

The Platform may contain features or links to websites and services provided by third parties, including our Partners’ own websites and services. Information you provide on third-party sites or services is subject to those parties’ own privacy policies. We are not responsible for the privacy and security practices of third-party sites or services. We encourage you to review their privacy policies before providing them with information.

12. Data Retention

We retain Personal Data for as long as your account is active or as long as we need it to fulfill the purposes for which it was collected, unless otherwise required by law.

12.1 SMS Consent Records. We retain SMS opt-in consent records (including your phone number, opt-in timestamp, the consent language displayed, event context, source URL, and for keyword opt-ins, the confirmation message content and affirmative reply) for the duration of the messaging relationship and for four (4) years after opt-out or the end of the messaging relationship, whichever is later, in order to document compliance with applicable law.

12.2 Transaction Records. We retain transaction records (purchase details, amounts, dates, and Partner association) for as long as needed to comply with applicable legal, accounting, and tax obligations and to resolve disputes or enforce our agreements.

12.3 Program Activity Data. We retain Program Activity Data for as long as your account is active. Upon account deletion, Program Activity Data is deleted or de-identified within a reasonable period, except where retention is required for legal, accounting, or fraud-prevention purposes, or where a Partner directs otherwise in its capacity as data controller.

12.4 Account Data. The contents of closed accounts are deleted within a reasonable period after closure. Backups are retained for a limited period.

12.5 Deletion. When Personal Data is no longer required, we take reasonable steps to delete or de-identify it.

13. Children’s and Minors’ Privacy

13.1 Under 13. Our Platform is not directed to children under the age of thirteen (13), and we do not knowingly collect Personal Data from children under thirteen (13). If you are under thirteen (13) years of age, do not use or access the Platform or provide any personal information through it. If we learn that Personal Data has been collected from a person under thirteen (13) without verifiable parental consent, we will take appropriate steps to delete that information. If you are a parent or guardian and discover that your child under thirteen (13) has provided us with Personal Data, please contact us at support@brightrhq.com.

13.2 Ages 13 to 17. Individuals between thirteen (13) and seventeen (17) years of age may create an account and participate in Programs (passport programs, scavenger hunts, challenges, and rewards) with their parent’s or legal guardian’s permission. We collect the same account information (name and phone number) from these users as from adult users. Individuals between thirteen (13) and seventeen (17) may not: (i) make purchases or provide payment information; or (ii) opt in to the SMS Program. If we learn that a person under eighteen (18) has made a purchase or opted in to the SMS Program, we will take appropriate steps to reverse the transaction or unenroll them and delete the associated data.

14. Data Security

We follow generally accepted industry standards to protect the information submitted to us, both during transmission and after receipt. We maintain appropriate administrative, technical, and physical safeguards to protect Personal Data against accidental or unlawful destruction, loss, unauthorized alteration, disclosure, access, or misuse. This includes firewalls, password protection, access and authentication controls, and encryption of data during transmission using SSL/TLS technology. However, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee the security of any information you transmit to us or store on the Platform. If we learn of a security breach, we will inform you and the relevant authorities in accordance with applicable law.

15. International Users

The Platform is directed to users in the United States and is hosted in the United States. If you access the Platform from outside the United States, please be aware that your information may be transferred to, processed, and stored in the United States, which may not have the same data protection laws as your country of residence. By using the Platform, you consent to the transfer of your information to the United States.

16. Changes to This Policy

We may update this Policy from time to time. If we modify this Policy, we will post the revised version on the Platform and update the “Last Updated” date above. Your continued use of the Platform after the revised Policy becomes effective indicates that you have read, understood, and agreed to the current version.

17. How to Contact Us

For general questions, support, or to exercise your choices under this Policy: support@brightrhq.com

For legal notices, privacy rights requests, or data protection inquiries: matt@brightrhq.com

Beacon Mobile, Inc., ATTN: Matt Mason, 41 University Drive, Suite 400, Newtown, PA 18940