Privacy Policy
The privacy of your data — and it is your data, not ours! — is a big deal to us. In this policy, we lay out: what data we collect and why; how your data is handled; and your rights to your data. We promise we never sell your data: never have, never will.
What we collect and why
Our guiding principle is to collect only what we need. Here’s what that means in practice:
Identity & access
When you sign up for a bluelists.app product, we collect identifying information such as your name, email address, and username from your twitter account. That’s just so we can personalize your new account, and we can send you invoices, updates, or other essential information. We also use profile picture that displays in our products, but we do not normally look at or access that picture. We’ll never sell your personal info to third parties, and we won’t use your name or company in marketing statements without your permission either.
Billing information
When you pay for a bluelists.app product, we ask for your credit card and billing address. That’s so we can charge you for service, calculate taxes due, and send you invoices. Your credit card is passed directly to our payment processor and doesn’t ever go through our servers.
Geolocation data
We log all access to all accounts by full IP address so that we can always verify no unauthorized access has happened.
We also log full IP addresses used to access a product account.
Website interactions
When you browse our marketing pages or applications, your browser automatically shares certain information such as which operating system and browser version you are using. We track that information, along with the pages you are visiting, page load timing, and which website referred you for statistical purposes like conversion rates and to test new designs. We sometimes track specific link clicks to help inform some design decisions.
Voluntary correspondence
When you write bluelists.app with a question or to ask for help, we keep that correspondence, including the email address, so that we have a history of past correspondences to reference if you reach out in the future.
We also store any information you volunteer like surveys. Sometimes when we do customer interviews, we may ask for your permission to record the conversation for future reference or use. We only do so if you give your express consent.
Information we do not collect
We don’t collect any characteristics of protected classifications including race, religion, sexual orientation & gender expression. You may provide these data voluntarily, such as if you include a pronoun preference in your email signature when writing into our Support team.
We also do not collect any biometric data. We use your Twitter Account profile picture for your easy recognition of your own account & to make user interface more plesasing. We do not extract any information from profile pictures: they are for your use alone.
How we approach permissions
By default, we have access to the network to ensure the app can connect to and communicate with the Internet. We ask for Twitter account permission while registering via your account, so that you can decide if you want to grant access. By registering and granting access to our app, you provide us the credentials to access private information from your account which include your followers, lists & list members.
We do not use these information for anything other than providing you an easy to use interface to manage this data. We do not share this information with anyone else.
It’s impossible for our apps to try to use a sensitive OS feature without requesting access explicitly from you, so you’ll always know exactly when and what we’re requesting. You will never be required to grant any permission (although a given feature may not work or work well without it).
When we access or share your information
Our default practice is to not access your information. The only times we’ll ever access or share your info are:
To provide products or services you’ve requested. We do use some third-party services to run our applications and only to the extent necessary process some or all of your personal information via these third parties. Having third-parties means we are using technology to access your data. No bluelists.app human looks at your data for these purposes unless an error occurs that stops an automated process from working and requires manual intervention to fix. These are rare cases and when they happen, we look for root cause solutions as much as possible to avoid them from reoccurring.
To help you troubleshoot or squash a software bug, with your permission: If at any point we need to access your account to help you with a Support case, we will ask for your consent before proceeding.
To investigate, prevent, or take action regarding restricted uses: Accessing a customer’s account when investigating potential abuse is a measure of last resort. We have an obligation to protect the privacy and safety of both our customers and the people reporting issues to us. We do our best to balance those responsibilities throughout the process. If we do discover you are using our products for a restricted purpose, we will report the incident to the appropriate authorities.
When required under applicable law.
bluelists.app, is a Indian company and all data & infrastructure are located in India.
- If we are audited by a tax authority, we may be required to share billing-related information. If that happens, we only share the bare minimum needed such as billing addresses and tax exemption information.
Finally, if bluelists.app, is acquired by or merged with another company — we don’t plan on that, but if it happens — we’ll notify you well before any info about you is transferred and becomes subject to a different privacy policy.
How we secure your data
All data is encrypted via SSL/TLS when transmitted from our servers to your browser. The database backups are also encrypted.
Most data are not encrypted while they live in our database (since it needs to be ready to send to you when you need it), but we go to great lengths to secure your data at rest.
What happens when you delete data in your product accounts
All of your content will be inaccessible from the Services immediately upon account cancellation. Within 30 days, all content will be permanently deleted from active systems. If you want to export any data before your account is cancelled, kindly tweet me at the twitter account mentioned in the footer. Retrieving data for a single account from a backup is cost-prohibitive and unduly burdensome so if you change your mind you’ll need to do so before your data are deleted from our active servers. This applies both for cases when an account owner directly cancels and for auto-cancelled accounts.
Location of site and data
Our products and other web properties are operated in India. If you are located in the European Union or elsewhere outside of India, please be aware that any information you provide to us will be transferred to and stored in India. By using our Site, participating in any of our services and/or providing us with your information, you consent to this transfer.
Changes & questions
We may update this policy as needed to comply with relevant regulations and reflect any new practices. Whenever we make a significant change to our policies, we will notify you by email.
Have any questions, comments, or concerns about this privacy policy, your data, or your rights with respect to your information? Please get in touch via Direct Message at the twitter account mentioned in the footer and we’ll be happy to answer them!