BrightCanary logo

Privacy Policy

TACITA, INC.
PRIVACY STATEMENT

Last Updated: March 13, 2026

Your privacy is important to us. This privacy statement explains our collection, use, and disclosure of personal data, which is data linked or reasonably linkable to an identified or identifiable individual (“Personal Data”). This privacy statement applies to Tacita, Inc. and to our controlled affiliates and subsidiaries (“BrightCanary”). References to our “Services” in this statement include our websites, apps, devices, and other products and services. This statement applies to our Services that display or reference this statement, but it does not apply to any Services that display or reference a different privacy statement. Terms used but not defined in this privacy statement have the meaning given to them in our Terms of Use.

BrightCanary is designed to help parents and guardians better understand potential online risks affecting their children while respecting family privacy.

BrightCanary is built to protect families — not to monetize children’s data.

OUR PRIVACY COMMITMENTS

BrightCanary is designed to help parents protect their children online while respecting family privacy. Our approach to data privacy is guided by the following principles:

  • We never sell personal data, including data relating to children.
  • We collect only the data necessary to operate the Service, consistent with our data minimization philosophy.
  • The Service is designed exclusively for parents or legal guardians, and children cannot create accounts.
  • Parents control their family’s data, including the ability to request deletion of their own or their child’s data at any time.

DATA MINIMIZATION PHILOSOPHY

BrightCanary operates under a data minimization philosophy. We collect and process only the Personal Data that is reasonably necessary to operate, maintain, and improve the Services. We do not request or retain information that is not required for the functioning of the Services.

PERSONAL DATA WE COLLECT

The Personal Data we collect depends on how you interact with us, the Services you use, and the choices you make.

We collect information about you from different sources and in various ways when you use our Services, including information you provide directly, information collected automatically, third-party data sources, and data we infer or generate from other data.

Information you provide directly.

We collect Personal Data you provide to us, including when you register for an account to use the Service. For example:

Name and contact information. We collect name, username or alias, and contact details such as email address, postal address, and phone number of parents .
Demographic data. In some cases, we request that you provide age, gender, marital status, and similar demographic details.
Payment information. If you make a purchase or other financial transaction, we collect credit card numbers, financial account information, and other payment details.
Content and files. We collect the photos, documents, or other files you upload to our Services; and if you send us email messages or other communications, we collect and retain those communications.

Information we collect automatically.

When you use our Services, we collect some information automatically. For example:

Identifiers and device information. Our servers automatically log your IP address and information about your device, including device identifiers (such as MAC address), device type, and your device’s operating system, browser, and other software details.
Usage data. We automatically log your activity on our websites, apps, and connected products, including UUIDs for push notifications, referring URLs, pages viewed, time spent on pages, access times, and other usage metrics.
Linked online accounts. When you link a social media or other third-party account to our Services, we automatically collect certain information about that account, which may include Personal Data about the Child whose accounts you link. Any information this privacy statement says we may collect about you may also be collected about that Child. Parents or guardians are solely responsible for ensuring they have the legal authority to provide any account credentials and authorize monitoring of the associated account.

Information we create or generate.

We infer new information from data we collect, including using automated means to generate information about likely preferences or characteristics (“inferences”). For example, we generate content scores for URLs of videos, images, and text to provide parental alerts. We may develop inferences using artificial intelligence (“AI”) technologies, and we may use any information to train and operate those technologies.

Information obtained from third-party sources.

We collect and analyze information from third-party applications associated with you or your Child’s account using the credentials you provide. These sources include:

  • Third-party apps and platforms such as Google, iMessage, Instagram, Snapchat, TikTok, and YouTube
  • Co-branding or marketing partners
  • Service providers supporting geolocation, analytics, or other functions
  • Public sources such as government databases

We do not collect Personal Data directly from your Child. 

You may decline to provide Personal Data, and you can use browser or device settings to limit certain types of automatic data collection. However, if you do so, some Services or features may not function properly.

COOKIES, MOBILE IDs AND SIMILAR TECHNOLOGIES

We use cookies, web beacons, mobile analytics IDs, and similar technologies to operate our websites and Services and to collect Personal Data.

What are cookies and similar technologies?

Cookies are small text files placed by a website and stored by your browser on your device. A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser over time, each time it connects to that web server.

Web beacons are electronic images (also called single-pixel or clear GIFs) that are contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content. We also include web beacons in our email messages or newsletters to tell us if you open and act on them.

Mobile analytics and advertising IDs are generated by operating systems for mobile devices (iOS and Android) and can be accessed and used by apps in much the same way that websites access and use cookies. Our apps contain software that enables us and our third-party analytics and advertising partners to access these mobile IDs.

How do we and our partners use cookies and similar technologies?

We, and our analytics and advertising partners, use these technologies in our websites, apps, and online Services to collect personal information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) when you use our Services, including personal information about your online activities over time and across different websites or online Services. This information is used to store your preferences and settings, enable you to sign-in, analyze how our websites and apps perform, track your interaction with the site or app, develop inferences, combat fraud, and fulfill other legitimate purposes. We and/or our partners also share the information we collect or infer with third parties for these purposes. The third-party analytics and advertising providers we use on our Services include, for example:

Company/ServicePurpose(s)Privacy Notices
AdobeAdvertising, analyticshttps://www.adobe.com/privacy/policy.html
AmplitudeAnalyticshttps://amplitude.com/privacy
AppsFlyerAnalyticshttps://www.appsflyer.com/legal/privacy-policy/
Google/DoubleclickAdvertisinghttps://policies.google.com/privacy?hl=en
Google AnalyticsAnalyticswww.google.com/policies/privacy/partners
Facebook

Advertising,

analytics

https://www.facebook.com/privacy/policy

https://www.facebook.com/policies/cookies/

LogRocketAnalyticshttps://logrocket.com/privacy/

To learn about their privacy practices and how to opt-out from their use of cookie data for targeted advertising purposes, click on the links above. You may also use the advertising and cookie controls described below.

What controls are available?

  • Advertising controls. Our advertising partners may participate in associations that provide simple ways to opt out of ad targeting, which you can access at NAI (http://optout.networkadvertising.org) and DAA (http://optout.aboutads.info/). These choices are specific to the browser you are using. If you access our Services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems.
  • Browser cookie controls. Most web browsers are set to accept cookies by default. If you prefer, you can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or Services of our website. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.
  • Mobile advertising ID controls. iOS and Android operating systems provide options to limit tracking and/or reset the advertising IDs.
  • Email web beacons. Most email clients have settings which allow you to prevent the automatic downloading of images, including web beacons, which prevents the automatic connection to the web servers that host those images.
  • Do Not Track. Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals. Instead, you can use the range of other tools to control Personal Data collection and use, including the cookie controls and advertising controls described above.

OUR USE OF PERSONAL DATA

We use Personal Data for the following purposes:

  • Product and service delivery
  • Analyze potential online safety risks
  • Communicate with parents and guardians about safety insights
  • Business operations
  • Product improvement and research
  • Personalization
  • Customer support
  • Communications
  • Marketing
  • Comply with legal obligations

We combine Personal Data across sources to give you a consistent and personalized experience.

Use of Artificial Intelligence

BrightCanary may use automated systems, including artificial intelligence and machine learning technologies, to analyze and categorize online content for the purpose of identifying potential safety concerns.

These systems are used solely to provide and improve the Services.

Personal Data, including information associated with a Child’s monitored accounts, is not sold and is not used to train third-party artificial intelligence models.

Aggregated and De-Identified Data

BrightCanary may create aggregated or de-identified data that does not reasonably identify an individual parent or child. Such data may be used to improve the Services, develop new safety features, and better understand online safety trends.

​​The insights and alerts provided by BrightCanary are intended to assist parents and guardians in understanding potential online safety concerns. The Service is not intended to replace parental judgment, supervision, or communication with a child.

CHILDREN’S DATA

The Services are intended only for use by parents or legal guardians age 18 or older who have legal authority to provide their Child’s account credentials so that their Child’s online activity can be monitored.

Children may not create accounts, access the Services, or provide Personal Data directly to BrightCanary. The Service is designed to be used exclusively by parents or guardians.

By using the Services, you represent and warrant that you are the parent or legal guardian of the Child and that you are authorized to provide the Child’s account credentials and consent to the processing of information associated with the Child’s accounts.  We may collect the same categories of Personal Data about your Child that we may collect about you

BrightCanary operates as a parent-directed service. Parents or legal guardians choose whether to connect accounts associated with their child and control how the Service is used. BrightCanary does not independently initiate monitoring of children’s accounts.

OUR SHARING OF PERSONAL DATA

BrightCanary does not sell Personal Data, including Personal Data relating to children.

We do not share Personal Data with third parties except as described in this Privacy Policy and as necessary to provide the Services, including with:

  • Service providers
  • Financial institutions and payment processors
  • Affiliates
  • Parties to corporate transactions
  • Legal and law enforcement entities
  • Parties necessary for security, fraud prevention, and rights protection

Third-party analytics and advertising companies also collect Personal Data via our Services.

BrightCanary requires service providers and technology partners that process Personal Data on our behalf to use such data solely for the purpose of providing services to BrightCanary and not for their own commercial purposes, including the training of independent artificial intelligence models, except as expressly authorized by BrightCanary.

We may also share de-identified information in accordance with applicable law.

RETENTION OF PERSONAL DATA

We retain Personal Data as long as necessary to provide Services, meet legal obligations, resolve disputes, enforce agreements, and achieve other legitimate business purposes. Retention periods vary depending on data type, user expectations, sensitivity, and legal requirements.

LOCATION OF PERSONAL DATA

The Personal Data we collect may be stored and processed in your region or in countries where we or our service providers maintain facilities, primarily the United States.

All Personal Data processed by the AI Component of the app is stored exclusively in the United States on cloud servers.

We take steps to ensure Personal Data is processed according to this privacy statement and applicable law regardless of location.

Parents or guardians may request deletion or destruction of Personal Data relating to themselves or their Child by contacting our Data Privacy Officer. We will process verified deletion requests in accordance with applicable law.

SECURITY OF PERSONAL DATA

We take reasonable and appropriate steps to help protect Personal Data from unauthorized access, use, disclosure, alteration, and destruction.

Personal Data processed by the AI Component of the app is stored using secure storage technologies, including encryption at rest.

We recommend that you use strong passwords and avoid reusing passwords across accounts.

COMPLIANCE WITH LAW

Tacita complies with all applicable federal and state privacy, data protection, and consumer protection laws in the jurisdictions where our Services are used. We maintain compliance as laws evolve and as new requirements become applicable to our operations.

CHANGES TO THIS PRIVACY STATEMENT

We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date at the top of the policy.

Your continued use of the Services after changes become effective indicates your acceptance of the updated policy.

HOW TO CONTACT US

If you have a privacy concern, complaint, question, or request regarding Personal Data, you may contact our Data Privacy Office at:

privacy@brightcanary.io

You may also contact us to:

  • Stop collection of Personal Data, including data about your Child
  • Review Personal Data we hold about your Child
  • Request deletion of your Child’s Personal Data

Mailing address:
Tacita Inc.
999 N. Northlake Way
Seattle, WA 98103
USA

 

Instagram logo iconFacebook logo icontiktok logo iconYouTube logo iconLinkedIn logo icon
Be the most informed parent in the room.
Sign up for digital parenting updates.
APA Labs Digital Badge
We've earned the APA Labs Digital Badge
BrightCanary is honored to earn this designation from the American Psychological Association (APA). This APA Labs Digital Badge reflects alignment with APA Labs criteria for scientific principles, safety, ethical use, and usability. It is not an endorsement nor guarantee of effectiveness. APA Labs does not independently test products.
Mom's Choice Awards Honoring Excellence
Excellence in online safety
The Mom’s Choice Awards evaluates products and services created for children, families, and educators. The program is globally recognized for establishing the benchmark of excellence in family-friendly media, products and services. BrightCanary was recognized for our excellence in family-friendly online safety.
@2026 Tacita, Inc. All Rights Reserved.