Legal

GDPR

This policy outlines our commitment to protecting personal data, detailing how we collect, use, and safeguard information in compliance with EU regulations.

1. Introduction

This Privacy Policy explains how Bloo, Inc. ("we", "us", or "Blue") collects, uses, shares, and protects personal data in accordance with the General Data Protection Regulation (GDPR). This policy applies to our website www.Blue.cc and our B2B SaaS platform.

2. Data Controller

Bloo, Inc. is the data controller for the personal data collected through our website and platform. Our contact details are:

Bloo, Inc.

Email: [email protected]

3. Data Protection Officer

Our Data Protection Officer is:

Emanuele FAJA, CEO

Email: [email protected]

4. Personal Data We Collect

We collect the following types of personal data:

  • Name
  • Email address
  • Job title
  • IP address
  • Location (if geolocation is turned on)
  • Time spent on the site

5. How We Collect Data

We collect data through:

  • Automatic methods when you use our website and platform
  • Sign-up forms when you create an account

6. Purpose of Data Collection

We collect and process your personal data to:

  • Provide and maintain our B2B SaaS platform services
  • Improve and personalize user experience
  • Analyze usage of our website and platform
  • Communicate with you about our services

7. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Performance of a contract when you use our services
  • Your consent, where applicable
  • Our legitimate interests in improving and maintaining our services

8. Data Retention

We retain your personal data for as long as necessary to provide our services. Once you delete your data, we keep it for 30 days before permanent deletion.

9. Data Sharing

We do not share your personal data with third parties, except for aggregated statistics that do not identify individuals.

10. Data Storage and Transfer

Your data is stored encrypted at rest in AWS data centers. We transfer data to Singapore, which is outside the EU/EEA. We ensure appropriate safeguards are in place for this transfer through standard contractual clauses.

11. Cookies

We use cookies to:

  • Keep users logged in
  • Set local browser preferences (such as menu options)

12. Your Rights

Under GDPR, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ('right to be forgotten')
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

To exercise these rights, please contact our Data Protection Officer.

13. Data Security

We implement robust security measures to protect your personal data, including:

  • Enterprise-level encryption (AES-256) for data at rest and in transit
  • Advanced monitoring and alert systems
  • Multi-factor authentication (MFA) for backend systems
  • Regular third-party security audits
  • Daily data backups
  • Collaboration with external security researchers

For more details on our security measures, please visit our Security page link to Security page.

14. Automated Decision-Making

We do not use automated decision-making or profiling based on your personal data.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page. You can find all the version controlled changes on our Gitlab Repository

16. Contact Us

If you have any questions about this Privacy Policy, please contact our Data Protection Officer at [email protected]

Security

Blue is designed from the ground up for security and scale.

HIPAA

Details on how Blue handles Protected Health Information (PHI) in accordance with HIPAA regulations.