Welcome to BlueChat, a messaging platform for improved team-driven productivity (the “Platform” and the “Service”). The Platform operates through a cloud-based back-end and a client-side front-end available through your smartphone, desktop, laptop and web browser.
- PERSONAL DATA PROCESSED
- HOW YOUR PERSONAL DATA IS PROCESSED
- SECURITY AND DATA RETENTION
- INTERNATIONAL DATA TRANSFERS
- ADDITIONAL INFORMATION FOR INDIVIDUALS IN THE EU and UK
- ADDITIONAL INFORMATION FOR INDIVIDUALS IN CALIFORNIA
- GOOGLE API SERVICES - USAGE DISCLOSURE
- CHANGES TO THIS PRIVACY NOTICE
1. PERSONAL DATA PROCESSED
1.1 We process your email address. We also optionally process your name or nickname, photo and mobile phone number.
- We process your email address when you register to use BlueChat.
- You may also optionally provide the following items when you register: a chosen name, nickname or pseudonym to be displayed with your email account; a photo used as your avatar; and your mobile phone number for SMS verification.
- We also generate a unique app instance number when you install and run an instance of our client-side app on your smartphone, desktop, laptop and web browser. It is generated anew if you reinstall our app. We do not use any hardware identifiers such as Unique Device Identifier (UDID), SSAID (Android ID), IDFA, GAID, or IMEI and we have no way to track the specific hardware you use.
- We refer to this as "Registration Information".
1.2 We process you account preferences, such as background color, font and email signature.
We process your account settings, such as the background color you have chosen, the refresh rate and font settings you selected.
We refer to this as "Account Settings Information".
1.3 We process billing information for organizations using BlueChat’s fee-based plans.
We may process payment information, such as credit card details, that we collect from the administrator of an organization’s use of BlueChat.
We refer to this as "Billing Information".
1.4 When you use or access groups through the Platform, we process the group’s conversation setting which include the email addresses of the group members as well as other settings.
When you use or access groups through the Platform, we process the email addresses of the group members as well as the group’s selected name, avatar and notes.
We refer to this as "Group Conversation Settings".
1.5 We will process user inquiries you choose to send us.
You can submit an inquiry through our online “Contact Us” form or by emailing or writing to us. We will collect the information you provide in the inquiry, which typically includes your name, email address, other contact information, country, and the text of your message.
We refer to this as "Inquiry Information".
1.6 We will process user feedbacks and reviews you provide.
You can provide us feedback, review, or answers to surveys or promotions, on social media channels, by posting on any of our online public forums or communities, by sending an e-mail to any of our designated addresses, or any other form of communication. We will process the data you choose to provide, which may include your name, email address and the feedback or review.
We refer to this as "Feedback Information".
1.7 In the provision of the Service, the Platform performs limited processing of you emails, chats, imail, tasks, remarks/comments, contacts and calendar events.
In order to provide the Service to you, the Platform is involved in processing your chats, remarks/comments, contactsbut in a very limited fashion as described below.
We refer to this as "Your Content".
You do not have a legal obligation to let us process any of the above information. However, you will not be able to use the Platform and the Service unless we process this information, because we require it to operate the Platform and provide you the Service.
1.8 We collect and process measurements regarding your use of the Platform.
We collect meta-data such as the frequency of your use of the Platform, your interaction with the Platform’s user interface, general details such as the model of your smartphone and its operating system and information about bugs and crashes in our client-side app on your smartphone, desktop, laptop and web browser.
We refer to this as "Analytics Information".
2. HOW YOUR PERSONAL DATA IS PROCESSED
We will not share your information with third parties, except in the events listed below or when you provide us your explicit and informed consent.
2.1 We will process your information to provide you the functionality of the Service.
- We store and use your Registration Information, Account Settings Information, Credential Information and Group Conversation Settings in order to provide you the functionality of the Platform.
- We use your Billing Information in order to charge the fees applicable to your organization’s use of the Platform. We do not store or maintain your credit card number and are not exposed to it. It is handled by payment processors who are certified to acceptable security standards when they handle this information.
- We do not store your email messages or calendar events on our servers.
- Our Platform’s servers store your chat messages. These are all stored in encrypted form, which you can read more about below.
- Our Platform’s servers also store your contacts, for the purpose of presenting to you their status as online or offline.
2.2 Your name, avatar and online status will be visible to those participating in your email correspondence or imail chats.
The following information will be visible and available to those participating in your email correspondence or chats: the name, nickname or pseudonym you chose to be displayed with your email account, the photo you chose as your avatar, if any and your online or offline status.
2.3 We will use the Inquiry Information to handle and respond to your inquiry for quality assurance and for development and enhancement of the Platform, to prevent fraud, resolve disputes, troubleshoot problems and related purposes.
We will use your Inquiry Information to contact you about your inquiry and handle and respond to your inquiry. If your inquiry is regarding any other information we have about you, we will process that other information to respond to your inquiry.
2.4 We use the Analytics Information and your Feedback Information for our business needs of developing and enhancing the Service, prevent fraud, resolve disputes and troubleshoot problems and related purposes
We process the Analytics Information and Feedback Information to maintain and improve the Service, for quality assurance and for development and enhancement of the Platform.
2.5 If you expressed your consent, we will use your email address to contact you with marketing messages, promotions and offers relating to the Platform and the Service.
We will use your email address to send you emails containing BlueChat updates, promotions, marketing, and special offers. We will only do so if you have given your consent. If you gave your consent but later wish to unsubscribe from these emails, you may opt-out of receiving them by following the unsubscribe link located at the bottom of each communication or by emailing us at email@example.com.
We will use your email address to initiate contact with you on administrative issues related to the Services or support and maintenance.
2.7 We will process information with our service providers helping us to operate our business.
We will process personal information with the assistance of our service providers who assist us with the internal operations of the Service. These companies. Which for example include Amazon Web Services and Twilio, are authorized to use your personal information in this context only as necessary to provide these services to us and not for their own business purposes.
2.8 We will share information with competent authorities if you violate any applicable law.
If you violated any applicable law, we will share information we have about you with competent authorities and with third parties (such as legal counsels and advisors), for the purpose of handling of the violation.
2.9 We will share your information if we are legally required.
We will share information we have about you if we are required to do so by a judicial, governmental or regulatory authority.
2.10 We will share your information with third-parties in any event of change in our structure.
If the operation of our business is organized within a different framework, or through another legal structure or entity (such as due to a merger or acquisition), we will share information only as required to enable the structural change in the operation of the business.
3.1 What are cookies?
- Cookies are text files, comprised of small amount of data, that are saved on your computer or other device (e.g., smartphone, tablet, etc.) when you use the internet and visit various websites.
- Necessary. We use a login cookie to validate your login credentials when you use login to the Platform through the web. This cookie is strictly necessary for the functioning of the Platform. The Platform cannot operate properly without this cookie.
- Statistics. Analytics cookies that help us understand how you interact with the Platform by collecting data that does not directly identify you.
3.3 You can always delete or disable cookies.
You can always delete the cookies saved on your device through the settings of your computer browser or device. You can also disable cookies for future use through the settings of your computer browser or device.
4. SECURITY AND DATA RETENTION
4.1 We will generally retain your information for as long as you are a registered user, and thereafter for recordkeeping purposes if necessary.
Generally, we will retain your information for as long as you are a registered user of the Platform. Thereafter, it will be either deleted or completely de-identified in a manner that does not allow re-identification thereof. Except as required by law or our agreement directly with you, we are not obliged to retain your information for any particular period, and we are free to securely delete it or restrict access to it for any reason and at any time, with or without notice to you.
We will also retain and use your information in the following instances:
- If there is an outstanding issue, claim or dispute requiring us to keep the relevant information until it is resolved.
- The information must be kept for our legitimate business interests, such as fraud prevention and enhancing users’ safety and security. For example, information may need to be kept to prevent a user who was banned for unsafe behavior or security incidents from opening a new account.
4.2 We implement measures to secure your information.
We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information. These include TLS and PGP encryption for data in transit and encryption of your chat messages when they are stored on our servers.
In any event, these measures do not provide absolute information security. Therefore, although efforts are made to secure personal information, it is not guaranteed, and you cannot expect that the Service will be immune from information security risks.
5. INTERNATIONAL DATA TRANSFERS
5.1 We will internationally transfer information in accordance with applicable data protection laws.
If we transfer your personal data for processing at locations outside your jurisdiction, we will abide by data transfer rules applicable to these situations.
6. ADDITIONAL INFORMATION FOR INDIVIDUALS IN THE EU and UK
6.1 Blix is the data controller for all information other than Your Content.
Blix is the data controller for the following information: Registration Information, Account Settings Information, Billing Information, Group Conversation Settings, Credential Information, Inquiry Information, Feedback Information and Analytics Information.
Blix is the data processor for Your Content.
6.2 Blix is the data processor for Your Content.
The following is the contact information of Blix:
- Blix, Inc.
- 101 Hudson Street
- Jersey City, NJ 07302
- United States
6.3 Legal bases under the GDPR for processing your personal data.
The legal basis under the GDPR for Blix’s processing of your Registration Information, Account Settings Information, Billing Information, Group Conversation Settings, Credential Information, as well as the use of the necessary-type cookie, is the performance of the terms of service contract in providing you the Platform the Service and its features.
The legal basis under the GDPR for processing your Inquiry Information is our legitimate interest in handling and responding to your inquiry, developing, maintaining and improving our business, the Service and the Platform.
The legal basis under the GDPR for processing your Analytics Information (including the use of the statistics cookie), and Feedback Information is our legitimate interest in developing, maintaining and improving our business, the Service and the Platform.
The legal basis under the GDPR for processing your email address to contact you with administrative messages is our legitimate interest in keeping our users informed of updates relating to the Platform and our compliance with legal obligations of informing users where required by law.
The legal basis under the GDPR for processing your email address to contact you with marketing-related emails is your express consent.
The legal basis under the GDPR for sharing your information with authorities or where we are legally required to share it, is our legitimate interests in complying with mandatory legal requirements imposed on us.
The legal basis under the GDPR for processing your information in the event of a change in our corporate structure is our legitimate interests in our business continuity.
6.4 You have certain rights to access, update or delete information, obtain a copy of your information, and object or restrict certain data processing activities.
If you are in the EU or the UK, you have the following rights under the GDPR:
- Right to Access your personal data that we process, and receive a copy of it.
- Right to Rectify inaccurate personal data we have concerning you and to have incomplete personal data completed.
- Right to withdraw your consent after you have given it to allow us to send you marketing-related emails.
- Right to Object, based on your particular situation, to using your personal data on the basis of our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or for the establishment, exercise of defense of legal claims.
- Right to Data Portability, that is, to receive the personal data that you provided to us, in a structured, commonly used and machine-readable format. You have the right to transmit this data to another service provider. Where technically feasible, you have the right that your personal data be transmitted directly from us to the service provider you designate.
- Right to be Forgotten. Under certain circumstances, such as when you object to us processing your data and we have no compelling legitimate grounds to override your objection, you have the right to ask us to erase your personal data. However, we may still process your personal data if it is necessary to comply with a legal obligation, we are subject to under laws in EU Member States or for the establishment, exercise or defense of legal claims.
If you wish to exercise any of your EU rights, please contact us at: firstname.lastname@example.org.
We reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you the information that you have asked for, we will explain the reason for this.
6.5 You have a right to submit a complaint to the relevant supervisory data protection authority.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU of UK, then according to the GDPR, you can lodge a complaint to the supervisory authority, in particular in the Member State of your residence, place of work or place of alleged infringement of the GDPR. For a list of supervisory authorities in the EU and UK, click here.
7. ADDITIONAL INFORMATION FOR INDIVIDUALS IN CALIFORNIA
Below is a detailed description of the information we collect from users to our commercial purposes for which we use each category of personal information. This is also the information we have collected in the past 12 months.
7.1 Categories of personal information and source from which the information is collected
Identifiers such as a real name, alias, online identifier, internet protocol address, email address and account name – collected directly from you.
Commercial information about the Service subscriptions purchased– collected directly from you if you are the administrator of an organization’s use of BlueChat
Internet or other electronic network activity information – collected through the device you use to access the Service.
7.2 Specific Types of Personal Information Collected
As described above in the “Personal Data Processed” section.
7.3 Business or commercial purposes pursuant to the CCPA
Undertaking activities to verify or maintain the quality of the Service and to improve, upgrade or enhance the Service.
Undertaking internal research for technological development and demonstration.
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
Debugging to identify and repair errors.
7.4 Specific purposes
As specified above in the “How Your Personal Data is Processed” section.
We do not sell your personal information and have not done so in the past 12 months.
Your rights under the CCPA if you are a resident of California.
7.5 Disclosure of personal information we collect about you.
You have the right to know:
- The categories of personal information we have collected about you;
- The categories of sources from which the personal information is collected;
- Our business or commercial purpose for collecting personal information;
- The categories of third parties with whom we share personal information, if any; and
- The specific pieces of personal information we have collected about you.
7.6 Right to deletion.
Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:
- Delete your personal information from our records; and
- Direct any service providers to delete your personal information from their records.
Please note that we may not delete your personal information if it is necessary to:
- Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
- Debug to identify and repair errors that impair existing intended functionality;
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
- Comply with the California Electronic Communications Privacy Act;
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
- Comply with an existing legal obligation; or
- Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
7.7 Protection against discrimination.
You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:
- Deny goods or services to you;
- Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
- Provide a different level or quality of goods or services to you; or
- Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Please note that we may charge a different price or rate or provide a different level or quality of goods and/or services to you, if that difference is reasonably related to the value provided to our business by your personal information.
7.8 Exercising your CCPA rights.
We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you, by using a two or three points of data verification process, depending on the type of information you require.
8. Google API Services - Usage Disclosure
BlueChat's use and transfer to any other app of information received from Google Accounts will adhere to Google API Services User Data Policy, including the Limited Use requirements.
9. CHANGES TO THIS PRIVACY NOTICE
Last Modified: January 31, 2021