Employee Performance Group B.V., trading under the name Bright Alley, is a company with limited liability established and existing under the laws of The Netherlands, having its registered office in Utrecht (3584 AA), the Netherlands, at Herculesplein 80, registered with the Dutch Chamber of Commerce in Utrecht, Netherlands with file number 09106850.
Bright Alley offers an adaptive online learning- and testing platform, which can be used to develop, to test and to maintain knowledge, in a fast and efficient way. Companies, organizations, educational institutions and individual users can upload teaching material available on the platform for their own use or use by trainees, students or others.
About the app
OnFire Onboarding brings your new employees quickly up to speed. Starting a new job is exciting, make sure you keep hold of that enthusiasm and motivation while setting clear expectations and creating a warm welcome. The most important information is right there in the OnFire app. We also offer OnFire as an Android and iOS app. Our mobile apps require no additional permissions to be able to use them.
You need an account to use OnFire. Your account can for you by your company, school, training institute or sports club (in each case, it is the sole responsibility of such company, school, training institute or sports club to comply with the applicable GDPR (in the Netherlands referred to as: AVG) requirements and their respective Privacy policies and statements). Bright Alley requires some personal information when creating an OnFire account to be able to provide its functionality and service. Personal information we process your:
o Email address
o First name
o Family name
o Employee number (if applicable)
o Department (if applicable)
o Avatar image (optional)
Please be advised that you can review the personal data that is stored in your OnFire account by going to the “Settings” → “Personal information” section in OnFire. Except for your profile photo, which is optional and can only be uploaded by you, you cannot amend your personal data yourself. Please consult your company, school, training institute or sports club to amend your data or delete your account.
Automated data collection
When using OnFire, OnFire servers automatically record certain information about your use of OnFire. Similar to other web services, information such as account activity (including storage usage, number of log-ins), data displayed or clicked on (including UI elements, links); and other log information (including browser type, IP address, date and time of access and cookie ID) is recorded. OnFire functions based on an algorithm that drives personalized learning. The mentioned information is used only to provide you with a correctly functioning adaptive learning and testing app.
Storage of personal data
Personal data in OnFire is processed by Bright Alley in datacenters in the Netherlands. Organizations that have signed a Data Processor Agreement with Bright Alley can enforce that all its user accounts are stored in other datacenters; either in the Netherlands or abroad.
Cookies, or similar techniques, that we use
You can always delete previously saved cookies via your browser settings, please consult the help function of your browser on how to delete cookies.
How long we store personal data
Bright Alley does not store your personal data any longer than is strictly necessary for the purposes for which your personal data is collected. At the end of the contract with your organization your personal account will be deleted. After content has been deleted, it can take up to two weeks before all personal information will be deleted from all systems.
You can delete your account at any time to remove your personal information from OnFire before the end of the contract with your organization contact your company, school or training institute.
Use by Bright Alley employees
Bright Alley employees do not have access to personal data with exception of the employees of the support desk who may have to use your username (e-mail address) and/or name details to provide you with support in case you encounter service issues.
Sharing of personal data with third parties
Bright Alley shares your personal data with third parties only after you have given explicit permission to do so or if required by law. In case we share personal data with third party organizations that process your personal data on behalf of Bright Alley, we ensure that a processing agreement is in place; requiring our partners to adhere to our level of security or higher and confidentiality of your data while we remain responsible for this processing.
How we protect personal data
Bright Alley takes appropriate technical and organizational measures to prevent abuse, loss,
unauthorized access, unwanted disclosure and unauthorized modification of your personal data in compliance with the GDPR (Netherlands AVG).
Your personal data is only accessible for Bright Alley employees if this is required to perform their duties to provide you with the contracted service (see “Use by Bright Alley employees” above). Bright Alley, however, is not liable for unauthorized access to computers or files, viruses or other
unlawful programs or files or any other negative impact of making your personal data available to Bright Alley.
We do encourage the reporting of possible vulnerabilities via our Data Protection Officer’s Privacy Portal through our Coordinated Vulnerability Disclosure procedure. You can also report such issues by contacting us via firstname.lastname@example.org. This email address can also be used if you have reasons to assume that your data is not properly protected or there are indicators that your personal data is
For more information about our privacy practices, please contact us any time at email@example.com