How BlueSoft collects, uses, and protects your personal information.
This privacy policy explains how BlueSoft (referred to as "we," "us," or "our") collects, uses, and protects personal information when you visit our website, contact us, or engage our services. We are committed to handling your data lawfully and transparently.
This policy applies to the website bluesoft.ai and any communications you have with us through email, phone, WhatsApp, or our booking forms.
BlueSoft is an engineering studio building production AI for B2B fintech SaaS companies. We are headquartered in Pakistan and serve clients globally including in the UK, EU, US, Canada, and Australia.
For privacy-related inquiries, contact [email protected] (or replace with a dedicated privacy@ address once configured).
We collect the following categories of personal information:
—Contact information you provide when you book a call, send an email, or message us: name, email address, phone number, company name, job title.
—Communication content from the conversations we have with you: the contents of emails, call notes, and message exchanges relevant to assessing whether we should work together.
—Technical information automatically collected when you visit our website: IP address, browser type, device type, pages visited, referrer URL, approximate location derived from IP address.
—Booking information when you schedule a call through our Calendly link: the time slot you select, your time zone, any information you provide on the booking form. (Calendly is a separate service provider with its own privacy policy.)
We do not collect special category data (race, religion, health, biometric data, etc.) as part of normal operations. If you voluntarily share such information during a conversation, we will treat it with appropriate care but recommend against doing so on public channels.
Under UK GDPR and EU GDPR, we process personal data on the following lawful bases:
—Legitimate interests: To respond to your inquiries, evaluate potential engagements, and operate our website. We have assessed that our processing does not override your fundamental rights and freedoms.
—Contract performance: To enter into and perform service engagements with you.
—Consent: Where you have explicitly opted in, for example by subscribing to our newsletter (if and when we operate one).
—Legal obligation: Where we are required to retain or disclose information by applicable law.
For US residents subject to state privacy laws (California, Colorado, Virginia, Connecticut, Utah, and others), we process your personal information for the legitimate business purposes described in this policy.
We use the information we collect to:
—Respond to your inquiries and book conversations with you
—Evaluate whether your project is a fit for our services
—Prepare and deliver service engagements
—Send you operational communications (engagement updates, invoices)
—Improve our website and services
—Comply with our legal obligations
We do not sell your personal information. We do not use your data for advertising or marketing automation beyond direct responses to your inquiries.
We retain personal information only for as long as needed for the purposes described:
—Inquiries that do not result in an engagement: up to 24 months, then deleted unless you ask us to retain longer.
—Active client engagements: for the duration of the engagement plus 7 years for accounting and tax compliance.
—Website analytics: up to 26 months.
You can request earlier deletion at any time (see "Your rights" below).
We are based in Pakistan and serve clients in the UK, EU, US, and globally. This means your personal information may be transferred between countries.
When we transfer personal data from the UK or EU to countries outside the UK/EU (including Pakistan and the United States), we rely on appropriate safeguards including:
—Standard Contractual Clauses approved by the European Commission and the UK ICO
—Adequacy decisions where they apply
—Other lawful transfer mechanisms
You can request a copy of the safeguards we use by contacting us.
Depending on where you live, you have the following rights regarding your personal information:
—Access: Request a copy of the personal data we hold about you.
—Rectification: Ask us to correct inaccurate information.
—Deletion: Ask us to delete your personal data (subject to legal retention requirements).
—Restriction: Limit how we use your data.
—Portability: Request a machine-readable copy of your data.
—Objection: Object to processing based on our legitimate interests.
—Withdraw consent: Where we rely on consent, you can withdraw it at any time.
For UK and EU residents: you also have the right to lodge a complaint with a supervisory authority (the UK ICO or your national data protection authority).
For US residents covered by state privacy laws: you have rights including access, deletion, and (in some states) opt-out of certain processing activities.
To exercise any of these rights, contact us at [email protected]. We respond within one month.
Our services are B2B and are not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information about a child, contact us and we will delete it.
We may update this policy from time to time. Material changes will be flagged in the update banner at the top of the document with a summary of what changed. Continued use of our website after a change indicates acceptance.
We will retain previous versions for at least two years and can provide them on request.
For any privacy-related questions or to exercise your rights:
We respond to privacy inquiries within one month, often sooner.