Last Updated: October 27, 2025
Welcome to Bluey Email (“we,” “us,” or “our”). We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use our website, blog, and related services (“Services”).
1. Who We Are
Bluey Email is a SaaS-based email marketing platform operated from Bengaluru, Karnataka, India. Our mission is to help businesses send marketing campaigns and manage leads securely and efficiently. If you have any privacy-related questions, contact us at privacy@blueyemail.com.
2. Information We Collect
a. Information You Provide Directly
- Account registration details (name, email, company name, password)
- Billing details (through Stripe or Razorpay)
- Support requests and communication
- Uploaded contact lists or campaign data
b. Information Collected Automatically
- IP address and browser type
- Device identifiers and operating system
- Pages visited, time spent, and clickstream data
- Log data for security and analytics
c. Information from Integrations
If you connect Bluey Email with third-party apps like Google, Microsoft, Reoon, Slack, Zapier, or Outscrapper (or any other tool using an API), we may access limited data required to perform the intended function (e.g., lead verification, contact import). We do not access, store, or share user data from those services beyond your explicit permission.
3. How We Use Your Information
- To provide the Service — create and manage your account, send emails, verify leads, etc.
- To improve our product through performance and security analysis.
- To process payments securely through Stripe and Razorpay.
- To communicate with you regarding updates, invoices, and support.
- To comply with legal obligations such as tax or anti-fraud laws.
We never sell your personal data.
4. Data Storage and Transfer
Your data is securely stored on servers located in the United States, depending on your region and compliance requirements. All transfers use TLS 1.3+ and AES-256 encryption at rest. All subprocessors are vetted for GDPR and SOC 2 compliance.
5. Cookies and Tracking
We use cookies and similar technologies to maintain session security, analyze website performance (e.g., Google Analytics), and remember your preferences. You can modify cookie preferences anytime via browser settings. Rejecting cookies may affect certain features.
6. Data Retention Timeline
| Data Type | Purpose | Retention Period | Deletion Method |
|---|---|---|---|
| Account Information | Identify user, provide service | Until account deletion or 24 months inactivity | Secure purge |
| Payment Information | Billing and invoicing | 7 years (tax compliance) | Permanent deletion post-expiry |
| Email Campaign Data | Campaign delivery | 12 months after cancellation | Auto-deletion via system scripts |
| Log Files | Security and analytics | 90 days | Auto-rotation and deletion |
| Support Tickets | Troubleshooting and audit | 12 months | Manual deletion by admin |
| Backups | Disaster recovery | 30 days rolling backup | Automatic overwrite |
You can request early deletion anytime by contacting privacy@blueyemail.com.
7. Your Rights (GDPR & CCPA)
- Access a copy of your personal data
- Request correction or deletion (“Right to be Forgotten”)
- Restrict or object to processing
- Withdraw consent at any time
- Receive your data in a portable format (GDPR Art. 20)
- Not be discriminated against for exercising your rights (CCPA §1798.125)
To exercise these rights, contact privacy@blueyemail.com. We respond within 30 days.
8. Sharing and Disclosure
We only share your data with trusted subprocessors such as Stripe, Razorpay, Reoon, Outscrapper, AWS, Railway, and analytics providers — all bound by Data Processing Agreements (DPAs) to ensure compliance and data protection. We may disclose your data if required by law or court order.
9. Data Security Measures
- HTTPS/TLS encryption for all traffic
- AES-256 encryption for stored data
- Strict access control and authentication
- Regular vulnerability scans and penetration testing
- Firewall and DDoS protection
In case of a data breach, affected users will be notified within 72 hours as per GDPR Article 33.
10. Children’s Privacy
Bluey Email is not intended for individuals under 18 years of age. We do not knowingly collect data from minors. If discovered, such data will be deleted immediately.
11. Data Deletion and Portability
Users can request account deletion anytime. All personal data (except legally required billing records) will be permanently erased within 30 days. You can export your campaign data before deletion by contacting privacy@blueyemail.com.
12. International Users
If you access our Service from outside India, you consent to the transfer of your data to India or other regions where our servers and subprocessors operate. We ensure all transfers comply with GDPR Standard Contractual Clauses (SCCs).
13. Updates to This Policy
We may update this Privacy Policy periodically. Any updates will be reflected on this page with a revised “Last Updated” date.
14. Contact Us
For any privacy-related concerns, reach us at:
Email: privacy@blueyemail.com
Address: Bluey Email, Aspire Coworks, Koramangala, Bangalore