Privacy Policy

Bluebex Software Private Limited(“Bluebex,” “we,” “us,” or “our”) is a software development company headquartered in Bangalore, India. We operate the website at bluebex.com (the “Website”) and provide custom software development, web and mobile applications, cloud solutions, AI automation, IT consulting, and related professional services (collectively, the “Services”).

This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you visit our Website, submit inquiries through our contact form, communicate with us by email or phone, or otherwise interact with us in connection with our Services.

By accessing or using our Website, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Website or provide us with your personal information.

The types of personal information we collect depend on how you interact with us. We may collect the following categories of information:

2.1 Information You Provide Directly

• Contact and identity information: such as your full name, email address, phone number, company name, job title, and country of residence.
• Inquiry details: including the service you are interested in, project descriptions, business requirements, timelines, budget ranges, and any other information you choose to include in messages submitted through our contact form or sent to us by email.
• Business communications: records of correspondence, meeting notes, proposals, contracts, invoices, and support requests when you engage us for Services.

2.2 Information Collected Automatically

When you visit our Website, certain technical information may be collected automatically by our hosting infrastructure and standard web server logs, including:

• Internet Protocol (IP) address and approximate geographic location
• Browser type, version, and language settings
• Device type, operating system, and screen resolution
• Referring and exit pages, and the dates and times of your visits
• Pages viewed, links clicked, and general usage patterns on the Website

2.3 Information from Third Parties

We may receive limited information about you from third parties, such as business referrals, publicly available professional profiles, or service providers that help us operate our business. We treat such information in accordance with this Privacy Policy.

• When you complete and submit our Website contact form
• When you email, call, or otherwise communicate with us directly
• When you request a consultation, proposal, or quote for our Services
• When you enter into a client agreement or engage us for a project
• When you subscribe to updates or marketing communications, if offered
• Automatically through cookies, server logs, and similar technologies when you browse the Website
• From referrals, partners, or publicly available business directories

We use personal information for legitimate business purposes, including to:

• Respond to inquiries, demo requests, and support messages
• Evaluate project requirements and prepare proposals or statements of work
• Deliver, manage, and improve our software development and consulting Services
• Communicate with you about projects, contracts, billing, and account matters
• Send administrative notices, such as changes to our terms or policies
• Send marketing or promotional communications where permitted by law and, where required, with your consent
• Operate, maintain, secure, and improve the Website and our internal systems
• Monitor Website performance, diagnose technical issues, and prevent fraud or abuse
• Comply with legal obligations, enforce our agreements, and protect our rights
• Conduct analytics and business planning in aggregated or de-identified form where possible

We do not use your personal information for purposes that are materially incompatible with those described above without providing notice or, where required, obtaining your consent.

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction that requires a lawful basis for processing personal data, we rely on one or more of the following grounds:

• Consent: where you have given clear permission, such as when you submit a contact form or opt in to marketing communications.
• Contract: where processing is necessary to respond to your request, prepare a proposal, or perform a contract with you.
• Legitimate interests: where processing is necessary for our legitimate business interests, such as improving our Services, securing our Website, and communicating with prospective clients, provided those interests are not overridden by your rights.
• Legal obligation: where processing is required to comply with applicable laws, regulations, court orders, or regulatory requests.

If you are located in India, we process personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDPA) and applicable rules thereunder, including processing data for specified purposes with appropriate notice and, where required, consent.

We do not sell your personal information. We may share personal information only in the following circumstances:

• Service providers: with trusted vendors who perform services on our behalf, such as website hosting, email delivery, cloud infrastructure, customer relationship management, analytics, payment processing, and professional advisors. These providers are authorized to use personal information only as needed to provide services to us and are expected to protect it appropriately.
• Business transfers: in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, subject to appropriate confidentiality protections.
• Legal and safety reasons: when we believe disclosure is required by law, regulation, legal process, or governmental request, or to protect the rights, property, safety, or security of Bluebex, our clients, or others.
• With your direction: when you ask us to share information or otherwise consent to disclosure.

Bluebex is based in India and may use service providers located in India and other countries. If you access our Website or Services from outside India, your information may be transferred to, stored in, and processed in jurisdictions that may have different data protection laws than your country of residence.

Where required by applicable law, we implement appropriate safeguards for cross-border transfers, such as standard contractual clauses, data processing agreements, or other lawful transfer mechanisms.

We retain personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Contact inquiries: typically retained for up to 3 years after our last meaningful communication, unless a business relationship develops.
• Client and project records: retained for the duration of the engagement and for up to 7 years thereafter for legal, tax, accounting, and dispute-resolution purposes.
• Website logs and technical data: generally retained for up to 12 months, unless needed for security investigations.
• Marketing preferences: retained until you unsubscribe or withdraw consent.

When personal information is no longer needed, we will delete, anonymize, or securely dispose of it in accordance with our internal retention practices.

Depending on your location, you may have certain rights regarding your personal information. These rights may include:

• The right to access and obtain a copy of your personal information
• The right to correct inaccurate or incomplete information
• The right to request deletion of your personal information
• The right to restrict or object to certain processing activities
• The right to withdraw consent where processing is based on consent
• The right to data portability, where applicable
• The right to opt out of marketing communications at any time
• The right to lodge a complaint with a supervisory authority

Residents of certain U.S. states, including California, may have additional rights such as knowing what personal information is collected, requesting deletion, and opting out of certain sharing arrangements. Bluebex does not sell personal information as defined under applicable state privacy laws.

Under India's DPDPA, Data Principals may have rights to access information, request correction or erasure, withdraw consent, and seek grievance redressal through our designated contact channel.

To exercise your rights, contact us using the details in Section 16. We may need to verify your identity before responding and will aim to reply within the timeframes required by applicable law.

Cookies are small text files stored on your device when you visit a website. We and our service providers may use cookies, pixels, local storage, and similar technologies to:

• Enable essential Website functionality and security
• Remember preferences and improve user experience
• Understand how visitors use the Website through analytics
• Measure the effectiveness of marketing campaigns, if used

Types of Cookies We May Use

• Strictly necessary cookies: required for core Website operation and security.
• Functional cookies: remember choices and settings to enhance your experience.
• Analytics cookies: help us understand traffic patterns and improve performance.
• Marketing cookies: used only if we run advertising or remarketing campaigns, and only where permitted.

You can control cookies through your browser settings and, where available, through consent tools presented on the Website. Disabling certain cookies may affect Website functionality. Unless required for essential operations, we will seek consent before placing non-essential cookies where required by law.

Our Website may rely on third-party services for hosting, fonts, analytics, communication, and other operational needs. For example, the Website may be hosted on cloud infrastructure providers and may load fonts or other assets from third-party content delivery networks.

Our Website may also contain links to third-party websites, such as social media platforms, partner sites, or client resources. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any external sites you visit.

Third-party services may collect information according to their own privacy policies. Where we engage processors to handle personal information on our behalf, we require them to process data only under our instructions and implement appropriate security measures.

Our Website and Services are intended for business and professional audiences and are not directed to children under the age of 16 (or the minimum age required by local law). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take appropriate steps to delete such information.

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include access controls, encryption in transit where supported, secure development practices, and restricted internal access on a need-to-know basis.

However, no method of transmission over the Internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of any credentials associated with your communications with us.

If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

We do not use personal information to make solely automated decisions that produce legal or similarly significant effects on you without human involvement. If this changes in the future, we will update this Privacy Policy and provide any notices required by law.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations. When we make material changes, we will post the updated policy on this page and revise the “Last Updated” date at the top.

Where required by law, we will provide additional notice, such as by email or a prominent notice on the Website, before changes take effect. Your continued use of the Website after an updated policy becomes effective constitutes your acknowledgment of the revised policy, unless otherwise required by law.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For privacy-related requests, please include “Privacy Request” in the subject line and describe your request in sufficient detail so we can respond promptly.