Privacy Policy

1. Introduction

BlueprintLab Pty Ltd (ABN: 42694683694) ("we," "us," "our," or "bloop") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our project management platform and related services.

By using bloop, you agree to the collection and use of information in accordance with this Privacy Policy. This policy complies with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and the General Data Protection Regulation (GDPR) where applicable.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

• Account Information: Name, email address, phone number, company name, and job title
• Profile Information: Profile pictures, preferences, and settings
• Communication Data: Messages, conversations, and task discussions within the platform
• Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
• Contact Information: Information about your contacts and team members when you invite them to use our services

2.2 Technical Information

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: How you interact with our platform, features used, time spent, and navigation patterns
• Log Data: Server logs, error reports, and system performance data
• Cookies and Tracking: Information collected through cookies, web beacons, and similar technologies

2.3 Project and Task Data

• Tasks, projects, and workflow information you create or manage
• Files, documents, and attachments you upload
• Comments, notes, and collaboration data
• Time tracking and productivity metrics

2.4 Message Processing - Privacy by Design

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Provision

• Provide, operate, and maintain our project management platform
• Process and manage your account and subscriptions
• Enable team collaboration and task management features
• Generate automated insights and productivity recommendations

3.2 Communication

• Send service notifications, updates, and reminders
• Respond to your inquiries and provide customer support
• Send marketing communications (with your consent)
• Inform you about new features, services, or changes to our terms

3.3 Improvement and Analytics

• Analyze usage patterns to improve our services
• Conduct research and development for new features
• Monitor and analyze trends, usage, and activities
• Troubleshoot technical issues and optimize performance

3.4 Legal and Security

• Comply with legal obligations and regulatory requirements
• Detect, prevent, and address fraud and security issues
• Protect our rights, property, and safety, and that of our users
• Enforce our terms of service and policies

4. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our platform:

• Cloud hosting and infrastructure providers
• Payment processing services
• Customer support and communication tools
• Analytics and monitoring services
• Email and marketing platforms

4.2 Team Members

Within your organization or team workspace, information is shared with authorized team members as necessary for collaboration and project management purposes.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or to protect our legal rights and interests.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to appropriate confidentiality protections.

5. Data Security

We implement comprehensive security measures to protect your information:

• Encryption: Data is encrypted in transit and at rest using industry-standard protocols
• Access Controls: Strict authentication and authorization mechanisms
• Regular Audits: Ongoing security assessments and penetration testing
• Incident Response: Established procedures for detecting and responding to security incidents
• Staff Training: Regular security training for all personnel with access to data
• Infrastructure Security: Secure cloud infrastructure with regular updates and monitoring

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but commit to implementing reasonable safeguards and promptly notifying users of any significant security incidents.

6. Data Retention

We retain your information for as long as necessary to:

• Provide our services and maintain your account
• Comply with legal, regulatory, or contractual obligations
• Resolve disputes and enforce our agreements
• Support business operations and continuity

Active Accounts: Information is retained while your account remains active and for a reasonable period thereafter.

Deleted Accounts: Upon account deletion, we will delete your personal information within 90 days, except where retention is required by law or for legitimate business purposes.

Backup Systems: Information may persist in backup systems for up to 12 months after deletion for disaster recovery purposes.

7. Your Privacy Rights

Under Australian privacy law and GDPR (where applicable), you have the following rights:

7.1 Access and Transparency

• Right to Access: Request access to your personal information we hold
• Data Portability: Receive your data in a structured, machine-readable format
• Transparency: Understand how your information is being used

7.2 Control and Correction

• Right to Rectification: Correct inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal information
• Right to Restrict Processing: Limit how we use your information
• Right to Object: Object to certain types of processing

7.3 Consent Management

• Withdraw Consent: Withdraw previously given consent at any time
• Marketing Opt-out: Unsubscribe from marketing communications
• Cookie Management: Control cookie preferences through your browser

7.4 How to Exercise Your Rights

To exercise these rights, contact us at yao@blueprintlab.io. We will respond to your request within 30 days and may require verification of your identity.

If you're not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) or your local data protection authority.

8. International Data Transfers

Your information may be transferred to and stored in countries other than Australia, including:

• United States (cloud infrastructure and service providers)
• European Union (analytics and support services)
• Singapore (regional data centers)

When transferring data internationally, we ensure appropriate safeguards are in place:

• Standard contractual clauses approved by relevant authorities
• Adequacy decisions recognizing equivalent protection standards
• Certification schemes and codes of conduct
• Binding corporate rules and privacy frameworks

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

9.1 Types of Cookies

• Essential Cookies: Necessary for platform functionality and security
• Performance Cookies: Help us analyze usage and improve our services
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Deliver relevant advertisements and measure effectiveness

9.2 Cookie Management

You can control cookies through your browser settings or our cookie preference center. Disabling certain cookies may impact platform functionality.

10. Third-Party Services and Integrations

bloop integrates with various third-party services to enhance functionality. These may include:

• Communication platforms (Slack, Microsoft Teams)
• File storage services (Google Drive, Dropbox)
• Calendar applications (Google Calendar, Outlook)
• Project management tools and APIs

When you connect third-party services, their privacy policies and terms of service also apply to the data they process. We encourage you to review these policies before enabling integrations.

11. Children's Privacy

Our services are intended for business use and are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at yao@blueprintlab.io.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will:

• Post the updated policy on our website with a new "Last Updated" date
• Notify you of significant changes via email or platform notifications
• Provide advance notice for material changes that affect your rights
• Maintain previous versions for your reference

Your continued use of our services after changes take effect constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Data Protection Authority

If you have concerns about how we handle your personal information, you can contact: