How Bluebend handles information

This Privacy Policy explains how Bluebend AI collects, uses, shares, and protects personal information when people visit our website, contact us, work with us, or receive our AI workflow consulting services.

Bluebend AI is based in Claremont, California. References to Bluebend AI, we, us, or our mean Bluebend AI and its related business operations.

If a signed client agreement, statement of work, data processing addendum, security exhibit, or privacy exhibit applies, that document controls where it conflicts with this website policy for that client relationship.

We may collect contact details such as name, email address, phone number, organization, role, mailing address, and billing address.

We may collect business and project information such as workflow descriptions, meeting notes, documents, examples, operational requirements, support requests, communications, and preferences that you choose to share with us.

For website visits, we may collect basic technical information such as IP address, device type, browser, pages viewed, referral source, approximate location, and site performance data. We may also receive information from security, hosting, analytics, email, payment, accounting, and AI tool providers.

We use information to respond to inquiries, evaluate possible projects, provide consulting and AI workflow services, prepare proposals, deliver support, maintain client relationships, improve our services, and operate Bluebend AI.

We may use information for security, troubleshooting, audit logs, quality control, accounting, tax, insurance, legal compliance, and protection of Bluebend AI, our clients, and partners.

For client work, we use Client Data only to provide, configure, test, support, monitor, secure, troubleshoot, and document the agreed services, comply with law or legal process, prevent or investigate security incidents, abuse, or misuse, create client deliverables or AI outputs, and perform other uses authorized by the client in a signed statement of work or written instruction.

We do not use Client Data to train, fine tune, or improve public or shared AI models. When Client Data is submitted to a model provider, we aim to use provider terms and settings that prevent the provider from using that data to train or improve generally available models, to the extent those terms and settings are available.

Some Bluebend AI services involve reviewing emails, calendars, documents, workflows, prompts, instructions, credentials, system access, or other operational information provided by or accessed from a client system. As between Bluebend AI and the client, the client owns its Client Data and client materials.

Bluebend AI receives only the limited rights needed to provide, secure, support, monitor, troubleshoot, and document the services as permitted by the applicable agreement and statement of work.

Clients remain responsible for deciding what information they provide to Bluebend AI and which systems Bluebend AI may access. We prefer scoped access, human review, and approval rules for workflows involving judgment, privacy, money, legal obligations, calendar changes, or external messages.

We do not want unnecessary sensitive information. Please do not send passwords, payment card numbers, health information, donor records, minors data, student records, pastoral or confidential counseling details, sacramental or confession related information, employment records, attorney-client privileged information, or other highly sensitive information unless we have agreed in writing on the correct handling process.

If we discover unexpected sensitive or restricted information in client materials, we may pause the affected work and request instructions.

For client services, Bluebend AI may use operational metadata, usage metrics, logs, diagnostic information, security events, performance measurements, configuration metadata, and de-identified or aggregated learnings to operate, secure, support, analyze, benchmark, and improve the services.

We do not include client identifying confidential information, Personal Data, or Restricted Data in de-identified or aggregated service data sets. Clients may opt out of new de-identified or aggregated data creation from their Client Data by written notice where the applicable agreement permits that opt out.

AI generated summaries, classifications, recommendations, drafts, plans, structured data, or other outputs can be inaccurate, incomplete, outdated, biased, duplicative, or inconsistent with a client policy or legal obligation.

Unless a signed statement of work says otherwise, AI outputs intended for external recipients are drafts only. Clients are responsible for reviewing and approving external emails, letters, announcements, posts, reports, customer-facing content, business decisions, and actions before relying on them, sending them, publishing them, or allowing them to affect individuals.

We may share information with service providers that help us run the business, such as hosting providers, email and calendar platforms, cloud storage, security tools, payment processors, accounting tools, legal or insurance advisors, analytics providers, AI tool providers, and customer support tools.

We may share information when required by law, subpoena, valid legal process, tax rule, payment dispute, fraud investigation, or to protect rights, safety, property, and security.

For client services, Bluebend AI may use employees, contractors, advisors, attorneys, accountants, insurers, service providers, subprocessors, and model providers who need access to perform or support the services and who are expected to protect information under confidentiality and data protection obligations appropriate to their role.

We do not sell personal information for money. We do not share personal information for cross context behavioral advertising as that term is commonly used under California privacy law.

Our website may use hosting, security, performance, and analytics technologies that collect basic technical information. These tools help us keep the site available, understand whether pages are useful, and protect the site from abuse.

You can control cookies through your browser settings. Some browser choices may affect how websites function.

We keep information as long as reasonably needed for the purposes described in this policy, including client support, business records, taxes, accounting, security, legal obligations, dispute handling, and backup systems.

Retention periods can vary depending on the type of information, the relationship, the service involved, and legal or operational requirements.

For client services, we return or delete Client Data in Bluebend controlled systems within a commercially reasonable period after termination or a valid written request, except for copies retained in routine backups or as required for law, legal, audit, security, accounting, compliance, or dispute purposes. Retained copies remain subject to applicable confidentiality obligations until deleted.

We use commercially reasonable administrative, technical, and organizational safeguards appropriate to the nature of the information and services involved. These may include least privilege access, access logging, encryption in transit and at rest where reasonably practicable, credential management, multi-factor authentication where supported, system segmentation, secure deletion, and incident response processes.

No system, model, cloud provider, API, network, storage method, website host, or AI tool is perfectly secure, and we cannot guarantee that information will be immune from unauthorized access, loss, interruption, or security incidents.

For confirmed security incidents involving Client Data in Bluebend controlled systems, we follow the notice commitments in the applicable client agreement. Where no separate agreement applies, we aim to notify affected clients without undue delay after confirming the incident and understanding the basic facts available to us.

If you believe information connected to Bluebend AI has been accessed or used improperly, contact us promptly at andrew@bluebend.ai.

You may contact us to request access, correction, deletion, or a copy of personal information we hold about you. We may need to verify your identity and may keep information when required or permitted for legal, security, accounting, contractual, or dispute reasons.

California residents and residents of other jurisdictions may have additional rights under applicable privacy laws. These may include the right to know, correct, delete, opt out of certain sharing, or limit certain uses. Bluebend AI will honor applicable rights requests as required by law.

To make a privacy request, email andrew@bluebend.ai with Privacy Request in the subject line.

Our website and business services are not directed to children under 13. We do not knowingly collect personal information from children under 13 through this website.

Some clients, such as churches, schools, or nonprofits, may serve children or sensitive communities. Bluebend AI expects those clients to avoid sharing unnecessary sensitive information and to establish written access and approval boundaries before any production workflow involves regulated, confidential, or child related records.

Bluebend AI is based in the United States. If you interact with us from outside the United States, your information may be processed in the United States or other locations where our service providers operate.

We may update this Privacy Policy from time to time. The effective date at the top of the page shows when it was last updated. Material changes will be reflected by posting the updated policy on this page.

For privacy questions or requests, contact Bluebend AI at andrew@bluebend.ai.