Brightful’s mission is to enable everyone to connect with their loved ones in meaningful ways everyday. One of our most important responsibilities is to make sure your data is safe. Below is an explanation of the security measures we have in place.

Data in transit

All data transmitted between Brightful clients and the Brightful service is done so using strong encryption protocols. Brightful supports the latest recommended secure cipher suites to encrypt all traffic in transit, including the use of TLS 1.2 protocols, AES256 encryption, and SHA2 signatures, whenever supported by the clients.

Data at rest

Data at rest in Brightful’s production network is encrypted using FIPS 140-2 compliant encryption standards, which applies to all types of data at rest within Brightful’s systems—relational databases, file stores, database backups, etc.

Each user’s data is hosted in our shared infrastructure and logically separated from other users’ data. The Brightful service is hosted in data centers maintained by industry-leading service providers, offering state-of-the-art physical protection for the servers and infrastructure that comprise the Brightful operating environment.