🐍  Celebrate CircuitPython Day with us on August 19th! Sign up for our webinar: "Reimagining IoT Deployments with CircuitPython"

Privacy Policy

Last updated: February 11, 2022

This Privacy Policy describes the ways in which Blues Inc. and its affiliates and subsidiaries (collectively, “Blues,” “we,” “our,” and “us") collect, receive, process, or store information, including Personal Information, in connection with our business operations ("Business Operations"), including the services we provide that reference this Privacy Policy (collectively, the “Services"). We use the term “Personal Information” to mean any information that identifies you as an individual, is about you as an individual, or is otherwise defined as personal information, personal data, or similar under applicable law. To assist in your review, certain definition used in this Privacy Policy are set out in Section 18 (Definitions) others are defined in context.

 

1. Services

In addition to any services we offer that reference this Privacy Policy, the Services include the following:

1.1. Blues Offerings. We offer a range of hardware products and cloud-based services, each of which provides a foundation for, and assists in the development and deployment of, IoT solutions (collectively, “Blues Offerings”). Blues Offerings include Blues Hardware and the Notehub. Subscribers are able to develop, deploy, and manage Notecard-Enabled IoT Solutions via the Notehub.

1.2. Blues Website. The Blues public-facing website (located at https://blues.io/) as well as other Blues websites that link to this Privacy Policy.

2. Scope of Privacy Policy.

It is important to understand the scope of this Privacy Policy. This Privacy Policy applies to anyone that interacts with our Business Operations or that uses the Services (collectively, “you"). If you are interacting with our Business Operations or using the Services on behalf of a company or other legal entity ("Your Organization"), then (i) you represent and warrant that you have authority to act on behalf of, and to bind Your Organization, and (ii) for all purposes in this Privacy Policy, the term “you” means Your Organization on whose behalf you are acting. If you are a provider of Notecard-Enabled Devices or Notecard-Enabled IoT Solutions, you agree to notify your users of, and obtain their consent to, this Privacy Policy.

3. Controller.

The controller, i.e., the entity that is responsible for the processing of your Personal Information, and which is referred to by the term “Blues”, “we”, “us” or “our” in this Privacy Policy, is Blues Inc., a Delaware limited liability company. If the controller is one of our affiliates or subsidiaries (collectively, our “Affiliates"), this will be explicitly stated at the point where the data is collected or, respectively, where you have been referred to this Privacy Policy, and the full address of the respective controller will be given at the same location. For Blues Inc.’s representative in the European Union / European Economic Area ("EEA") see Section 9.3.2 (Representative).

4. Collection of Information.

Here are the types of information that we collect about you and how we collect it from you:

4.1. Information that You Provide. We collect information that you provide to us, including when you make a purchase, set up an account with us, or otherwise use the Services. For example, we collect information that you provide to us when you interact with us via the Website. Information that you may provide includes your name, title, company name, mailing address, and email address if you, for example, fill out a “contact us” page. Blues also collects information that you provide by electronic mail, which is subject to this Privacy Policy. If you visit our office in person and meet with our employees, we may ask you to provide us with information, including Personal Information ("Offline Personal Information"). Offline Personal Information may be collected using: (i) in person communications and interactions with us; (ii) paper forms; and (iii) other information you provide to us in person or via mail, fax, telephone, or other means. If you provide Offline Personal Information to us, we will provide you with a written notice of this Privacy Policy or will provide you with a reference to this Privacy Policy so that you can familiarize yourself with its terms.

4.2. Information Automatically Collected by Blues. The information that is automatically collected by Blues varies depends on the Services you are accessing or using.

4.2.1. Information Automatically Collected by the Blues Offerings. If you are accessing of using the Blues Offerings, then the following will apply. The information automatically collected and/or generated and exchanged between a Notecard and the Blues Notehub falls into two categories: Metadata and User Data. The term “Metadata” means information concerning the Notecard, independent of the Notecard-Enabled Device with which it is associated, such as the Notecard’s state, configuration, and/or location. The term “User Data” means all data (other than Metadata) collected or generated by, or transmitted to, a Notecard-Enabled Device, including (i) data generated or collected by the Notecard-Enabled Device’s internal or external sensors, and (ii) data transmitted from your applications to your Notecard-Enabled Devices. We transmit User Data, but have no access, and seek no access, to the content of, or any information included in, User Data. We automatically collect Metadata in connection with the Blues Offerings. In certain instances, Metadata may include Personal Information, and such Personal Information is governed by this Policy.

4.2.2. Information Automatically Collected by the Website. If you are accessing or using the Website, then the following will apply. We may automatically collect certain information from the Website, such as your Internet Protocol address, your web browser type and version, the name and version of your operating system, the pages you view on the Website, the pages you view immediately before and after you access the Website, and the search terms you enter on the Website. This information allows Blues to recognize you and personalize your experience if you return to the Website using the same computer or mobile device, and to improve the Website.

4.3. Information Automatically Collected by the Network Provider. The Network Provider will automatically collect Network Information associated with your use (and your customers' use) of your Notecard-Enabled IoT Solution. The term “Network Information” means information that (i) relates to use of the Network or Networks (as applicable); (ii) is provided by the Network Provider or (iii) is derived from the Network. In certain instances, Network Information may include Personal Information, and the Network Provider’s use of such Personal Information is governed by the Network Provider’s privacy policy. The Network Provider may share Network Information with us and, in that case, Personal Information included in such Network Information will be subject to this Privacy Policy.

4.4. User-Generated Content. The Notehub may provide you with the ability (either directly or through a third party service) to engage with us and others in public exchanges, and these may include opportunities for you to provide comments, reviews, recommendations, information related to the Notehub, Blues Hardware, Notecard-Enabled IoT Solutions, and other topics (collectively, “User-Generated Content"). Please understand that anything you supply as User-Generated Content will be accessible to others to read, collect, re-publish, and otherwise freely use. We are not responsible for anything you decide to include in User-Generated Content, and we will take down, remove, or edit User-Generated Content in our sole discretion, except as required by applicable law. If you include any information relating to others in your User-Generated Content, then you represent that you have full permission and authority to do so.

4.5. Device Identifies; Logs; Tags. We may automatically collect certain information from you, including certain technical information from your computer or mobile device when you use certain Services, such as your Internet Protocol address, your web browser type and version, the name and version of your operating system, the pages you view on the Website, the pages you view immediately before and after you access the Website, and the search terms you enter on the Website (if any). This information allows Blues to provide the Website to you, and to improve the Business Operations, the Website, and the Services.

4.6. Cookies. We may collect certain information using “cookies,” which are small text files that the Website saves on your computer or mobile device, or similar technologies that allow us to recognize your computer or mobile device. We will always ask for your consent before we place cookies on your device, except for cookies that are strictly necessary to provide Website features explicitly requested by you. For further information, see the Cookie Privacy Policy in Section 7 (Cookie Privacy Policy) below.

4.7. Other Third-Party Technology. We use certain third party services to better understand our users' needs and to optimize our Services, and we identify these services in our Cookie Privacy Policy in Section 7 (Cookie Privacy Policy) below. For example, we use Hotjar, which is a third-party technology service that helps us better understand our your experience (e.g., how much time you spend on which pages, which links you choose to click, what you like and do not like, etc.) and this enables us to build and maintain our Services using this information. Hotjar uses cookies and other technologies to collect data on your behavior and the devices that you use to access the Services. This includes a your device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and your preferred language. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. For more information about Hotjar, please click here: about Hotjar.

4.8. Web Beacons and Tags. The Services may use certain data collection technologies that rely on: (i) beacons; (ii) pixel tags and object hyperlinking tags; and (iii) other means to link an object to an Internet address, a remote software application, a remote database, or other remote means of receiving or processing information. We may use these technologies to tell us what portions of the Services have been visited or to measure the effectiveness of searches that users perform via the Services. These technologies may include Google Tag Manager. We will always ask for your consent before we use these technologies to collect data that is stored on your device.

4.9. Social Media Widgets. Some of our Services may include third party social media widgets that may permit you to exchange your information between such third party social media sites and our Services. Social media widgets are either hosted by a third party or hosted directly on by us. Your interactions with these social media widgets are governed by the privacy policy of the corresponding social media provider.

4.10. Geolocation Information. The Services may determine your location (your “Geolocation Information") using your device or browser features and/or through the information provided by a third party, such as Google or Facebook. We will always ask for your consent before we access Geolocation Information on your device or browser. You may revoke consent for accessing your Geolocation Information at any time, in particular by disabling the GPS and other applicable features in your device or browser settings. To the extent Your Geolocation Information is combined with any Personal Information (to the extent that Geolocation Information itself does not constitute Personal Information under applicable law), we will treat it as Personal Information. We may use Your Geolocation Information to send communications to you, and for other purposes set out in this Privacy Policy.

4.11. Anonymous Information. We may also collect, process, and use information that does not identify you or your devices, and which is neither stored on your device or already present on your device, including information that has been made anonymous by: (i) removing identifying fields and aggregating the information with other information so that individuals cannot be re-identified, or (ii) anonymizing the information with techniques that remove or modify the identifying data so as to prevent re-identification of the anonymized information (collectively, “Anonymous Information"). Information that meets these criteria might include, for example, demographic information, statistical information (e.g., page views and hit counts), and general tracking information.

4.12. Information We Collect from Other Sources. We may collect information about you from other sources, including our service providers and publicly available sources.

5. Use of Information.

The Section describes how, and for which purposes, we use the information that we have collected about you:

5.1. Provide the Business Operations and Services. We use your Personal Information for Business Operations. This includes, providing you with the Services you request or access, such as accessing or using the Services, creating and managing your user accounts, and communicating with you about our Services.

5.2. Analysis and Improvement. We may use your Personal Information and Anonymous Information to perform internal administration, auditing, operation, and troubleshooting in connection with Business Operations, including to evaluate and improve our Services, and to develop and test Services. For example, we may use Metadata for improving, measuring use of, analyzing performance of, fixing errors in, providing support for, and developing Blues Hardware, Notehubs, and other Blues Offerings through various methods, including (i) combining or aggregating the information collected through the Notehub or elsewhere for generating and analyzing statistics about use of the Notehub, user demographics, traffic patterns, and other metrics, and (ii) using anonymized data that may or may not be derived from Personal Information but does not personally identify you.

5.3. Information and Notices. If you submit your Personal Information to us, we may provide you with information about Business Operations and the Services or required notices. Blues does not sell or share your Personal Information with other companies for purposes of marketing their goods or services to you. In some jurisdictions, you have the explicit right to request that we do not share your Personal Information with, or sell your Personal Information to, certain third-parties, and we will honor such requests in accordance with applicable law.

5.4 Security. We may use your Personal Information for safety and security purposes, including sharing of your information for such purposes, when it is necessary to pursue our legitimate interests in ensuring the security of Business Operations and the Services, including detecting, preventing and responding to fraud, intellectual property infringement, violations of agreements with Blues or its service providers, violations of agreements with Network Providers, violations of law or other misuse of the Services. We may also share your Personal Information when we believe, in good faith, that disclosure is necessary to protect our rights, the rights of other users of the Services, the integrity of the Services, your safety, or the safety of others.

5.5. Comply with Legal Obligations. We may have a legal obligations to collect, use, retain, or process your Person Information. If those obligations exists, then we will use your Personal Information to satisfy such obligations.

5.6. Responding to Your Requests. We use your Personal Information to respond to your requests through various channels (which may include in person, email, phone, social media, and chat).

5.7. Other Purposes for Which We Seek Your Consent. We may seek for your consent to use your Personal Information for additional purposes that we communicate to you, including for advertising as set out in Section 10 (Advertising). For example, we may provide you with the ability to opt-in to mailing lists to receive news and information about our Services.

6. Sharing Information.

Although your information is important to our business, we are not in the business of selling your Personal Information. We share Personal Information as described below. In all cases, we take reasonable efforts to ensure that any entity that we share your Personal Information with has privacy practices at least as protective as those in this Privacy Policy and applicable law.

6.1. Third Party Service Providers. We may engage third-party service providers to perform functions on our behalf, and these may include maintaining the Services, responding to and sending email or other messages, data analysis, and other functions useful to Business Operations or the Services. Our wireless service provider that supplies cellular connectivity is one such example of a third party service provider that performs functions on our behalf. Such third party service providers will have access to Personal Information to the extent needed to perform their function, but will not be permitted to use Personal Information for other purposes.

6.2. Consultants. We may engage attorneys, accountants, and other consultants and subject matter experts to advise and assist it in connection with the Business Operations. We will provide such consultants with access to Personal Information to the extent needed to perform their function, but will not permit them to use your Personal Information for purposes unrelated to their engagement with us.

6.3. Business Transfer. Blues may also transfer your Personal Information to a third party of Affiliate in the event of any reorganization, merger, acquisition, assignment, transfer or other disposition of all or any portion of Blues' business or assets, provided that any such entity that Blues transfers Personal Information to will not be permitted to process your Personal Information other than as described in this Privacy Policy without providing you notice and, if required by applicable laws, obtaining your consent.

6.4. Our Affiliates and Subsidiaries. We may share information we collect with our Affiliates, which are any entity that is closely related to us, such as any entity that controls, is controlled by, or is under common control with Blues. Our Affiliates will be subject to the terms of this Privacy Policy.

6.5. Other Disclosure. We may disclose Personal Information about you to others: (i) if we have your valid consent to do so; (ii) to comply with a valid subpoena, legal order, court order, legal process, or other legal obligation; (iii) to enforce any of our terms and conditions or policies; or (iv) as necessary to pursue available legal remedies or defend legal claims.

This Section provides Blues' cookie policy ("Cookie Privacy Policy") and describes how Blues uses Cookies (as defined below) and similar technologies.

7.1. Cookies. Cookies are small pieces of data that are stored on your computer, mobile phone, or other device when you first visit a page. Blues uses cookies, web beacons and similar technologies (collectively, “Cookies") to enhance your user experience, understand your usage of the Website, detect if you have returned to the Website, and to perform analytics. Cookies may also be set by other websites or services that run content on the page you are visiting. The provision of your data via Cookies is based on your consent except for those Cookies that Blues places on your device that are strictly necessary for Website features requested by you. Blues uses “session cookies” and “persistent cookies.” Session Cookies are temporary Cookies that remain on your device until you leave the Website. A persistent Cookie may remain on your device for much longer until you manually delete it.

7.2. Use of Cookies. Cookies can contain the following information about you and your use of the Website: browser type, search preferences, data relating to which pages of the Website that you have visited and the date and time of your use. Blues uses Cookies for the following purposes:

  1. - To enable and support security features, prevent fraud, and protect your data from unauthorized access.
  2. - To enable features and help us provide you with personalized content.
  3. - To analyze how you use the Website and to monitor site performance. These Cookies help us to identify and fix errors, understand and improve services, research and test out different features, and monitor how you reached the Website.

7.3. Types of Cookies. We may use the following categories of cookies on our Website:

  • Strictly Necessary Cookies. We may use cookies that are strictly necessary for operating the Business Operations. These include authentication cookies that enable you to log in to secured portions of our Website and that help us prevent fraudulent activities on our Website.
  • Performance / Analytical Cookies. We may use cookies for purposes of assessing the performance of our Services, such as by gathering information about how many visitors use our Website and how they navigate around it. These cookies help us identify issues so that we can continually improve our Services.
  • Functionality Cookies. We may use cookies that allow us to enhance the functionality of our Services. For example, these cookies enable us to keep track of the items you access on our Website and to remember your preferences the next time you visit our Website.
  • Targeting / Adverting Cookies. We may use cookies that help us determine which content or advertising may be relevant to your interests. We may also use this information to assess the performance of our marketing activities.

7.4. Third-Party Cookies. Blues uses the following third-party Cookies on the Website:

Cookie Name Type Expiry Use
sSyncHistory Social Media 1 Month Social Media Engagement
UserMatchHistory Social Media 1 Month Social Media Engagement
bcookie Social Media 2 Year Social Media Engagement
lang Social Media Session Social Media Engagement
li_sugr Social Media 1 Year Social Media Engagement
lidc Social Media 1 Day Social Media Engagement
muc_ads Social Media 2 Year Social Media Engagement
personalization_id Social Media 2 Year Social Media Engagement
bscookie Social Media 2 Year Social Media Engagement
__hssc Functional 1 Day Strictly Necessary
__hssrc Functional Session Strictly Necessary
__hstc Functional 1 Year Strictly Necessary
lang Performance Session Webpage and Marketing Performance
U Performance 1 Year Webpage and Marketing Performance
_ga Performance 2 Year Webpage and Marketing Performance
_gat_UA-196217450-3 Performance 1 Day Webpage and Marketing Performance
_gcl_au Performance 1 Year Webpage and Marketing Performance
_gid Performance 1 Day Webpage and Marketing Performance
ajs_anonymous_id Performance 1 Year Webpage and Marketing Performance
hubspotutk Performance 1 Year Webpage and Marketing Performance
D41ID Performance 1 Year Webpage and Marketing Performance
D41IDT Performance 1 Day Webpage and Marketing Performance
test_cookie Performance 1 Day Webpage and Marketing Performance
__cf_bm Performance 1 Day Webpage and Marketing Performance
pxrc Performance 1 Year Webpage and Marketing Performance
rlas3 Performance 1 Year Webpage and Marketing Performance
8. Storage

8.1. Security. We have implemented reasonable measures to protect your information from unauthorized access, use or disclosure. Blues maintains administrative, technical and physical safeguards designed to protect the collected information that are appropriate to the nature, size, and complexity of our Business Operations. For example, (i) Notecards incorporate the device-level security features and the data-in-motion security protections set out in Blues datasheets, and these are designed to prevent unauthorized access to or use of the Notecard and the data exchanged with other applications; and (ii) communications between the Blues Notehub and Notecards are conducted via a VPN. In addition, you are responsible for implementing commercially reasonable security safeguards consistent with customary industry practices to prevent unauthorized access to, or use of the Notehub. Blues is not responsible for the security of information that you transmit over networks that Blues does not control, including the Internet and wireless networks.

8.2. Retention. Blues retains information (including associated Personal Information) in accordance with applicable law and accepted retention practices. We will keep your Personal Information for as long as necessary to fulfill the purposes for which we collected it, including any legal, accounting or reporting requirements. In particular:

  • - Personal Information that we use to provide our Website to you will generally be deleted or anonymized immediately after you leave our Website. In case of actual or suspected security incidents, we may keep some the relevant information for up to seven days in order to investigate said incidents.
  • - Personal Information processed in for the purpose of performing a contract will generally be kept during the term of the contract and the subsequent statute of limitation period for claims arising out of the contract.
  • - If there is a legal obligation to retain Personal Information, in particular for tax purposes, Personal Information will be kept for as long as required by the applicable laws.

8.3. Reviewing, Deleting, or Correcting Information. Blues is committed to empowering you to understand the information we have about you. In addition to any additional legal rights you may have that are described in Section 9.2 (United States State-Specific Notices Regarding Your Privacy Rights) and Section 9.3 (EEA-Specific Notices Regarding Your Privacy Rights), if you wish to review, correct, or request that we delete information about you (including incorrect Personal Information), you may send a written request to Blues using the contact information provided in Section 15 (Contact Information). Please understand that we may not be able to change or delete your information if the information is necessary for our Business Operations or necessary for compliance with applicable law.

9. Your Choices Regarding Your Personal Information.

9.1. Opt-Out of Marketing Communications. If you have chosen or otherwise consented to receive, bulletins, updates, or other marketing-related materials, we will provide you with the ability to decline – or “opt out” – of receiving such communications. instructions for opting-out will be provided if and when we determine to send you such a communication. For example, if you no longer wish to receive email messages from us, you can opt out of this Service by either (i) following the “unsubscribe” instructions located near the bottom of each email message, or (ii) contacting us as provided in Section 15 (Contact Information). Opt outs will be free of charge; however, your telecommunications provider or the postal service may charge you normal rates for sending us your opt out request. Please understand that we may continue to communicate with you in connection with administrative notices concerning any transactions, operation of the Services and legal notices.

9.2. United States State-Specific Notices Regarding Your Privacy Rights.

9.2.1. Shine the Light Law. California law requires certain businesses to respond to requests from California users who ask about business practices related to disclosing Personal Information to third parties for direct marketing purposes. The California “Shine the Light” law further requires us to allow California residents to opt out of certain disclosures of Personal Information to third parties for their direct marketing purposes.

9.2.2. California Consumer Privacy Act Disclosure. The California Consumer Privacy Act (the “CCPA") provides various rights to individuals and households with respect to the collection and use of Personal Information that we have collected about California residents. We use the term “resident” to refer to a California resident to whom the CCPA applies. Among other rights under the CCPA, as further set out in this Section 9.2.2 (California Consumer Privacy Act Disclosure), a resident has the right to request that we (i) disclose to the resident Personal Information that we have about such resident (including Personal Information about such resident that is sold), and (ii) subject to certain exceptions, delete Personal Information that we have about such resident. A resident may request a copy of the following using the mechanism set out in Section 9.2.3 (Submission of a Consumer Request): (a) the categories of Personal Information we collected about such resident; (b) the categories of sources from which the Personal Information is collected; (c) the business or commercial purpose for collecting or selling the Personal Information; (d) the categories of third parties with whom we share Personal Information; and (e) the specific pieces of Personal Information we have collected about such resident. A resident may submit a request for such information no more than twice in any twelve (12) month period, and our disclosure of such requested information shall only cover the twelve (12) month period preceding our receipt of such request. Additionally, a resident may request that we delete such resident’s Personal Information using the mechanism set out in Section 9.2.3 (Submission of a Consumer Request). A resident’s rights as to such deletion requests are set out in Section 8.2 (Retention). If you are a California resident and submit a request to a Network Provider (or Blues services provider) that is related to your privacy rights as a California resident, then we will cooperate with such Network Provider (or Blues services provider) in accommodating your request.

9.2.3. Submission of a Consumer Request. If you are a resident that wishes to submit requests to us to access or delete your Personal Information, then please use the webform available here or the email address provided in Section 15 (Contact Information). We will respond to a resident’s request within forty-five (45) days or as permitted by applicable law.

9.2.4. Other California Disclosures. We do not provide a financial incentive or a price or service difference to customers in exchange for the retention or sale of their Personal Information. We may send promotions and other offers to those individuals subscribing to our marketing communications and, unless an individual has opted out of such communications, the individual will continue to receive such communications irrespective of whether a disclosure, deletion, or “Do Not Sell” request has been submitted. We do not offer financial incentives to deter customers from making such requests.

  • - We do not illegally discriminate against any customer for exercising their privacy rights.
  • - If you are a job applicant submitting Personal Information to us in connection with an application for employment, you will be provided with a privacy notice regarding how we handle such information as part of the application process.
  • - If you have any questions about our privacy practices in connection with the California Consumer Privacy Act, please contact Us as directed in Section 15 (Contact Information).

9.2.5. Nevada Disclosures. For Nevada residents, please note that We do not sell personal information as defined by Nevada law. You can submit a request to Us as set out in in Section 15 (Contact Information).

9.2.6. Further Resources. If you wish further information concerning privacy policies in general, you should visit the following site: [www.ftc.gov/privacy/index.html]{.underline}.

9.3. EEA-Specific Notices Regarding Your Privacy Rights.

9.3.1. GDPR. Regulation (EU) 2016/679 (General Data Protection Regulation) ("EU GDPR") EEA, i.e., the European Union, Iceland, Liechtenstein and Norway when accessing our website or being offered products or services by us. It also applies where your data is processed by one of our Affiliates or other establishments in the EEA. Likewise, the UK General Data Protection Regulation tailored by the Data Protection Act 2018 ("UK GDPR") applies when you are located in the United Kingdom of Great Britain and Northern Ireland ("UK") under the same circumstances.

9.3.2. Representative. Blues is in the process of designating a representative in the EEA for GDPR purposes. In the meantime, please use the contact information provided in Section 15 (Contact Information).

9.3.3. Legal Basis for Processing. For purposes of the GDPR, the legal basis for the processing of your Personal Information is as follows:

  • - Where we use your Personal Information for Business Operations (Section 5.1 (Provide the Business Operations and Services)), the processing is generally necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Article 6(1)(b) of the GDPR). Where you are not our actual customer but a contact person of our customer, the legal basis our legitimate interest (Article 6(1)(f) of the GDPR) to communicate with our customer through you.
  • - Where we use your Personal Information for internal administration auditing, operation, and troubleshooting in connection with Business Operations (Section 5.2 (Analysis and Improvement)), the processing is generally based on our legitimate interest (Article 6(1)(f) of the GDPR) to (i) operate and improve our business efficiently; (ii) to enforce any of our terms and conditions or policies; or (iii) to pursue available legal remedies or defend legal claims. We may also ask for your consent (Article 6(1)(a) of the GDPR) to obtain additional information, in particular in connection with the operation of our Website and the use of Cookies.
  • - For the use of your Personal Data to provide you with information about Business Operations and the Services (Section 5.3 (Information and Notices)), the legal basis is generally our legitimate interest (Article 6(1)(f) of the GDPR) to market our business to you. Notwithstanding, if you request more concrete information, the processing may also be necessary to take steps prior to entering into a contract (Article 6(1)(f) of the GDPR). For notices required by law, the processing of your personal data is necessary for compliance with such legal obligation (Article 6(1)(c) of the GDPR).
  • - The use of your Personal Information for safety and security purposes (Section 5.4 (Security)) is generally based on our legitimate interest (Article 6(1)(b) of the GDPR) in ensuring said safety and security. In some situations, there may also be a legal obligation to implement such measures (Article 6(1)(c) of the GDPR).
  • - In other cases where we need to comply with a legal obligation (Section 5.5 (Comply with Legal Obligations)), the processing is based on the necessity to comply with such obligation (Article 6(1)(c) of the GDPR).
  • - Where we use your Personal Information to communicate with you (Section 5.6 (Responding to Your Requests)), the legal basis will be one of the above depending on the purpose of such communication.
  • - Where we seek your consent for other purposes (Section 5.7 (Other Purposes for Which We Seek Your Consent)), the legal basis is consent (Article 6(1)(a) of the GDPR).

9.3.4. Transfers to Third Countries. We may process your Personal Information in countries outside the EEA ("Third Countries"), including in the United States. We may also disclose your Personal Data to Affiliates and third parties (Section 6 (Sharing Information)) in Third Countries.

  • - If we disclose Personal Information to recipients in Third Countries, we may rely on an adequacy decision of the European Commission that confirms that the laws of the Third Country in question provide for an adequate protection of Personal Information.
  • - For other Third Countries, we will take steps to protect your privacy and fundamental rights in accordance the GDPR, and arrange for additional safeguards. Such safeguards will typically be based on a contract that binds the recipient in the Third Country to adhere to data protection standards similar to those under the GDPR.We will usually rely on the standard contractual clauses pre-approved by the European Commission or on other clauses approved by a competent data protection authority. If available, we may also rely on so-called binding corporate rules of the recipient approved by a competent data protection authority. These safeguards will generally include you as a third-party beneficiary, allowing you to enforce the data protection standards directly against the recipient. In order to obtain a copy of the safeguards used for a recipient, you may contact us using the contact information provided in Section 15 (Contact Information).

9.3.5. Your GDPR Rights. Under the GDPR, you have the following rights in relation to your Personal Information each subject to the legal requirements set out in the respective provisions of the GDPR:

  • - The right to request access to information regarding our processing of your Personal Information (Article 15 of the GDPR);
  • - The right to obtain rectification of your Personal Information that is inaccurate (Article 16 of the GDPR);
  • - The right to obtain the deletion of your Personal Information (Article 17 of the GDPR), or the restriction the processing of your Personal Information (Article 18 of the GDPR);
  • - The right to receive a copy of your Personal Information in a structured, commonly used and machine-readable format (data portability) (Article 20 of the GDPR);
  • - Where processing of your Personal Information is based on your consent (Section 9.3.3 (Legal Basis for Processing)), the right to withdraw consent at any time, without affecting the lawfulness of processing based on such consent before such withdrawal;
  • - Where processing takes place for the purpose of direct marketing, the right to object to the use of your Personal Information (Article 21(2) of the GDPR) at any time;
  • - Where processing is based on our legitimate interest (Section 9.3.3 (Legal Basis for Processing)), the right to object to the use of your Personal Information on grounds relating to your particular situation (Article 21(1) of the GDPR)and any time; we may, however, continue the processing if (i) we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms; or (ii) for the establishment, exercise or defense of legal claims.
  • - If you wish to exercise any of your rights above, please contact us using the contact information provided in Section 15 (Contact Information). You also have the right to lodge a complaint with your local competent supervisory authority or any authority that applies to Blues.
10. Advertising.

We participate in advertising to keep our customers apprised of product offerings, Property promotions, and associated content. As further set out below, we may use the information you provided to us to provide you with advertising or promotions based on your interaction with our Business. These advertisements and promotions may be related to the Business, or to third party services and products that we think may interest you.

10.1. Our Use of Anonymous Data for Advertising. Like many companies, we utilize targeted banners and ads and may display these to you when you are on other websites and mobile applications. We do this using a variety of digital marketing networks and ad exchanges in addition to using a range of advertising technologies like web beacons, pixels, ad tags, cookies, and mobile identifiers, as well as specific services offered by some sites and social networks. The banners and ads that you may see displayed will be based on information we hold about you, such as your previous use of our Services. This may include your search history on our Services, the content you accessed or read using the Services, or on our banners or ads you have previously clicked on.

10.2. Advertisers Use of Anonymous Data for Advertising. Additionally, we may include the use of ad banner partners for the serving and/or targeting of ads, promotions, and other marketing messages. These ads may be provided, in some cases, by a third party ad service provider or advertiser (collectively, “Advertisers"). Additionally, Advertisers may place or utilize their own cookies on your browser and may use Anonymous Information about your visit or use of our Services. If an Advertiser requests that you provide Personal Information to it or otherwise accept its cookie on your browser, please be aware that the Advertiser’s use and collection of this information and use of any cookies will be governed by its privacy policy or other relevant agreement, and not our Privacy Policy. We recommend that you review the Advertiser’s privacy policy before providing Personal Information. You may choose not to receive targeted advertising from certain ad networks, data exchanges, marketing analytics, and other service providers as indicated at: http://www.aboutads.info/choices/.

11. Feedback.

We want to encourage your feedback. If you have a suggestion or concerns you would like us to address, please contact us using the contact information provided in Section 15 (Contact Information). Certain states may provide you with additional avenues for lodging complaints. Please check with your state’s consumer protection authority.

12. Third-Party Websites and Platforms.

Communications from Blues may contain links to websites and platforms operated by third parties. You acknowledge and agree that Blues is not responsible for the collection and use of your information by such websites or platforms that are not under our control. We encourage you to review the privacy policies of each website and platform you visit or access so you understand such website operator’s privacy practices.

13. Changes to this Privacy Policy.

From time to time, we may change this Privacy Policy for our business purposes and to comply with changes in applicable law. If we make any substantive or material changes, then we will communicate these changes to you by posting the updated Privacy Policy on the Website, and/or notifying you of the change via the Services, email, or other methods. Where permitted under applicable law, your continued use of the Services following such notice constitutes your agreement to follow and be bound by the updated Privacy Policy.

14. Children’s Information.

The Notehub is not directed to, nor does Blues knowingly collect information from, children under the age of 13 in connection with the Notehub. If you become aware that your child or any child under your care has provided information without your consent, please contact Blues immediately using the contact information provided in Section 15 (Contact Information).

15. Contact Information.

If you have any questions about this Privacy Policy or the collection or use of information about you, please contact Blues using the following information: policies@blues.io.

16. Relationship to Terms of Use.

This Privacy Policy must be read in conjunction with (i) other agreements into which you and Blues may enter concerning the Services (if any), including the Blues Hardware Terms, and (ii) our Terms of Use, available here: https://blues.io/terms/. The provisions of our Terms of Use are incorporated herein. To the extent this Privacy Policy conflict with our Terms of Use, this terms of this Privacy Policy shall control. Similarly to the extent this Privacy Policy conflict with terms and conditions of any specific agreement you enter with us, the terms and conditions of such specific agreement shall control.

17. Translations.

This Privacy Policy may be translated into languages other than English (collectively, “Translations"). Any communications sent by us to you shall be sent in English. Dispute resolution procedures arising out of either this Privacy Policy or the Translations shall be conducted in English, and the English version of this Privacy Policy shall control over the Translations.

18. Definitions.

Capitalized terms have the meanings assigned to them below. Other capitalized terms are defined in context.

18.1. “Blues Hardware” has the meaning provided in the Blues Hardware Terms.

18.2. “Blues Hardware Terms” means the terms and conditions available at: https://shop.blues.io/pages/hardware-terms.

18.3. “Network” means, collectively, (i) the cellular network and (ii) other networks (such as a Wi-Fi network) or solutions that provide connectivity between a Notecard and a Notehub.

18.4. “Network Provider” means the provider of the Network and associated Network services with respect to the Blues Hardware at issue.

18.5. “Notecard” has the meaning provided in the Blues Hardware Terms.

18.6. “Notecard-Enabled Device” has the meaning provided in the Blues Hardware Terms.

18.7. “Notecard-Enabled IoT Solution” has the meaning provided in the Blues Hardware Terms.

19. Effective Date. The effective date of this Privacy Policy is February 11, 2022.