Skip to content
BlueBook logo

Privacy Policy

Privacy Policy

The team at BlueBook, Inc. (“BlueBook,” “we,” or “us”) is deeply dedicated to protecting your privacy and safeguarding any information you share with us. Our goal is to deliver a platform that respects your personal and organizational rules and policies – rather than one built to maximize data collection or usage for our own purposes.

If anything in this privacy policy is unclear, you disagree with it, have questions, or would like to suggest additions, please reach out to us at info@blbk.ai. Real humans wrote this privacy policy. We welcome your feedback.

This privacy policy (“Privacy Policy”) describes how we collect, use, disclose, and handle your personal data when you use BlueBook’s software, platform, agents, APIs, MCPs, and related tools, including the website at www.blbk.ai and all related software we provide to build, deploy, host, and manage projects and agents (“Service”). It also explains how you can access and update your personal information and outlines the data protection rights that may apply under the laws of your country or state. Please read this Privacy Policy carefully. By accessing or using the Service, you confirm that you have been informed of and consent to our practices regarding your personal information and data.

Please note that this Privacy Policy does not apply when BlueBook acts as a data processor and handles personal data on behalf of commercial customers using our commercial services—for example, if your employer has set up a BlueBook account for your work use. In those cases, our handling of that data is governed by our customer agreements.

1. Information We Do Collect

We collect the following categories of personal data:

A. Personal data you provide to us directly

We collect personal data when you create an account to use our Service or communicate with us. This includes:

• Account Information: BlueBook collects identifiers such as your name and email address when you sign up for a BlueBook account or request information about our Service. Account information also covers general personal details such as age, sex, geographic location, job title, and more. We regularly update and refine the account information we collect.

• Payment Information: We collect your payment information when you access any paid BlueBook products and services.

• Inputs and Suggestions. The Service lets you submit content (“Inputs”) and receive responses or other artifacts generated from your Inputs (“Suggestions”). BlueBook does not use Inputs or Suggestions to build internal datasets, and does not retain or internally collect the substantive contents of Inputs or Suggestions for model training, marketing, profiling, resale, or any other purpose unrelated to providing the Service, unless you have explicitly opted in.

• Inputs and Suggestions may include sensitive or confidential information, including without limitation company-specific financial information, portfolio data, investor or client materials, fundraising or investment presentations, pitch decks, private placement materials, contracts, legal agreements, transaction documents, tax materials, accounting workpapers, consulting deliverables, or other proprietary business information. BlueBook does not ingest, store, or maintain these contents for its own use. Any processing of Inputs and generation of Suggestions occurs solely to deliver the requested functionality, and any content may be processed only transiently (including via third-party infrastructure providers engaged to support the Service) to produce Suggestions or execute requested actions.

• You are responsible for ensuring you have all necessary rights and permissions to submit Inputs and to use any Suggestions. If Inputs include personal data, the Service may reproduce or transform that information in the Suggestions generated for you. BlueBook may retain only limited metadata and operational logs (e.g., timestamps, feature usage, device identifiers, error logs) as reasonably necessary to provide and secure the Service, prevent abuse, comply with legal obligations, and improve reliability – but such logs are not used to reconstruct or retain the substantive content of Inputs or Suggestions.

• Communication Information: If you communicate with us, we collect your name, contact information, and the contents of any messages you send.

• Feedback: While using the Service, you may provide feedback, including feature requests and suggestions for improvement or rating a Suggestion in response to an Input ("Feedback"). If you provide Feedback on the Service, we may store the entire exchange as part of your Feedback.

B. Personal data we receive from your use of the Service

When you use the Service, we also automatically receive certain technical data. This includes:

• Device Information. When you install, access, or use the BlueBook desktop application (the “App”), the App may automatically collect certain information about your device and environment. This information may include your device type and model, operating system and version, device identifiers, hardware and performance characteristics, application version, language and regional settings, and information about your network connection (such as IP address and internet service provider). The information we collect may vary depending on your device and system settings.

• Log Information. We collect diagnostic and usage information to help operate, secure, and improve the App. This may include log data such as IP address, timestamps, crash reports, error logs, performance data, and technical information about how you interact with the App (for example, features accessed, actions taken, and general usage patterns). We use this information to troubleshoot issues, monitor reliability, prevent abuse, and improve the user experience.

• Usage Data. We collect information about how you use the BlueBook desktop application (the “App”). This may include the dates and times you access the App, the features you use, the actions you take within the App (such as creating or opening projects, executing workflows, editing data, or initiating file operations), and other information about your interactions with the App. We may also collect information about the App configuration and technology on the device you use to access the App (such as the App version and enabled settings). We use this information to operate the App, maintain and improve performance and reliability, diagnose issues, prevent misuse, and understand how the App is used.

• Cookies & Similar Technologies. The App itself does not use browser cookies in the same manner as a traditional website. However, BlueBook and our service providers may use cookies, local storage, device identifiers, SDKs, or similar technologies in connection with our website, authentication flows, and in-App services (such as embedded web views, sign-in, analytics, and support features) to operate and manage the Services and improve your experience. These technologies help us recognize you, maintain your session, remember preferences, enhance security, personalize certain features, market additional products or services (where permitted), and analyze and optimize usage.

• Location Information. For security, fraud prevention, and performance purposes, we may determine the general geographic location associated with your device when it connects to the Services. We typically do this by using information such as your IP address. We may use this information to detect unusual login activity, enforce security measures, comply with legal requirements, and improve service performance (for example, by routing traffic to the nearest service region).

Information We Do Not Collect

BlueBook does not knowingly collect sensitive or special category personal information, such as genetic data, biometric data used for uniquely identifying a natural person, health information, or information regarding racial or ethnic origin, religious or philosophical beliefs, or sexual orientation. We also do not knowingly collect certain highly sensitive identifiers, including government-issued identification numbers (such as Social Security numbers, driver’s license numbers, or passport numbers) or financial account credentials (such as bank account numbers, payment card numbers, or login credentials), except to the limited extent necessary to provide the Services (for example, to process payments) and only where explicitly provided by you.

Additionally, BlueBook does not knowingly collect information from children under the age of 13 and does not direct the Services or content to children. If we learn or have reason to suspect that a user is under the age of 13, we will investigate and, if appropriate, delete the personal data and / or terminate the account.

2. How We Use Personal Data

We may use personal data for the following purposes:

• To provide and maintain the Service, including optional features that enhance functionality and user experience.

• To create, manage, and administer your account, including facilitating payments and responding to inquiries.

• To improve and develop the Service and conduct research, including debugging and identifying or repairing issues that impair functionality.

• To communicate with you, including sending updates, information about the Service, and events.

• To prevent, detect, and investigate fraud, abuse, security incidents, and violations of our Terms of Service.

• To comply with legal obligations and protect the rights, safety, privacy, and property of users, BlueBook, or third parties.

• To investigate and resolve disputes or security issues.

• To enforce our Terms of Service and other applicable agreements.

We do not use Inputs or Suggestions to train machine learning or other models, or permit third parties to use them for training, unless: (1) they are flagged for security review (in which case we may analyze them to improve our ability to detect and enforce our Terms of Service), (2) you explicitly report them to us (for example, as Feedback / Suggestions), or (3) you’ve explicitly agreed to their use for such training purposes. You can find instructions in the Service on how to manage your preferences regarding the use of Inputs and Suggestions for training.

We may aggregate or de-identify personal data so that it no longer identifies you, and use that information for the purposes described above, such as analyzing how the Service is used, improving or adding features, and conducting research. We will maintain de-identified information in its de-identified form and will not attempt to reidentify it, except as required by law.

3. How We Share Personal Data

We may disclose your personal data in the following circumstances:

• Service Providers and Business Partners: We may disclose personal data to third-party vendors and service providers who support our business operations and help us deliver and improve the Service. This includes third-party hosting, cloud infrastructure, model, analytics, customer support, safety monitoring, communications, payment processing, compliance services, and IT providers. These parties process personal data only as necessary to perform services on our behalf, consistent with our and your instructions and applicable law.

• Business Transfers: In the event of a merger, acquisition, restructuring, bankruptcy, or other corporate transaction, personal data may be disclosed to counterparties and advisers as part of due diligence or transferred as part of the transaction.

• Legal Compliance and Protection of Rights: We may disclose personal data to government authorities or other third parties if we believe doing so is necessary to: (i) comply with applicable laws, regulations, or legal processes, (ii) respond to lawful requests or investigations, (iii) protect the safety, rights, or property of any person, (iv) prevent fraud, security incidents, or other unlawful activity, (v) enforce our Terms of Service or other legal rights, or (vi) protect BlueBook against legal liability.

• Affiliates: We may share personal data with affiliates, meaning an entity that controls, is controlled by, or is under common control with, us. They may use personal data in a manner consistent with this Privacy Policy.

• Third-Party Services and Integrations: The Service may include integrations with or links to third-party websites, applications, or services. If you choose to interact with these third parties, your personal data may be disclosed to them directly and governed by their own terms and privacy policies. Our linking or integrating with a third party does not imply endorsement or affiliation.

• Business Account Administrators: If you create an account using an email associated with an organization (e.g., your employer), we may disclose account-related information (such as your email address and account status) to that organization. If you're part of a business or enterprise account, administrators may access and manage your use of the Service.

• Other Users and Third Parties You Share Information With: Certain features of the Service may allow you to share Inputs, Suggestions, or other content with other users or third-party applications. Any information you voluntarily share with those parties is subject to their respective terms and privacy policies.

• With Your Consent: We may disclose personal data when you give us permission to do so, including through features of the Service that are designed to share information.

4. Retention

BlueBook keeps personal data only for the period reasonably required to provide and maintain the Service and to meet legitimate operational needs, such as complying with legal obligations, protecting the security and integrity of the Service, resolving disputes, and enforcing our agreements. How long we retain personal data depends on the context in which it was collected, the nature and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure, and any retention requirements under applicable law.

Your product settings and the way you use the Service may also affect retention. For example, certain transient or session-based interactions may not appear in your user history and may be retained only for a limited time for security, safety, diagnostic, and system monitoring purposes. For clarity, BlueBook does not retain the substantive contents of your Inputs or the Suggestions generated from them for its own use (including for model training), except to the limited extent and duration necessary to provide the requested functionality or as required by law.

When personal data is no longer necessary for these purposes, BlueBook and its service providers take reasonable steps to delete, erase, de-identify, or anonymize it in accordance with applicable laws and our retention practices.

5. Memory

Our application includes an embedded memory system that allows the AI features to maintain context across actions and sessions. This memory is designed to live on the local environment chosen by you or your organization (for example, your local machine or a configured project / workspace directory) and is not transmitted to us or any third party by the library itself, except where the host application or your own configuration explicitly syncs or uploads those files (for example, via source control or cloud storage you configure).

The memory system can store several categories of data, depending on how you use the application:

Conversation history and interaction logs:

• Messages exchanged with the AI (including prompts, responses, and tool calls).

• Execution logs describing which tools were invoked, with metadata such as timestamps, duration, and success / failure status.

Workspace / project context:

• Files and documents you work on may be analyzed and indexed at a summary level (for example, file paths, document types, and chunked text snippets) to make them searchable and to provide context to the AI.

• Workspace-level notes and patterns (for example, “project context,” “learned patterns,” and “preferences”) stored in human‑readable markdown files.

Derived knowledge and relationships (knowledge graph):

• Structured “facts” and entities inferred from your interactions and documents (for example, project names, file relationships, recurring concepts, topics, or error patterns).

• Relationships between those entities (for example, which documents are related, which files were updated as part of a plan, or which topics a conversation concerned), stored in a local SQLite database.

Per‑agent facts and preferences:

• Small, key‑value “facts” the system learns and associates with you or a specific agent (for example, time zone, preferred response style, recurring instructions), sometimes with an expiry time.

Document chunks and search indexes:

• Segments (“chunks”) of documents (for example, sections of markdown files or text files) stored with metadata (file path, heading, timestamps) to enable local full‑text search and retrieval.

• Full‑text indexes used to search conversations, knowledge graph nodes, and document chunks.

Optional vector embeddings:

• Where enabled, the system may compute vector embeddings (numeric representations of text) for conversation summaries, document chunks, or knowledge graph nodes to support semantic search.

• These embeddings are stored alongside the other memory tables in the local database and are derived from your content; although they are not human‑readable, they can still be considered personal or sensitive data where the underlying content is.

By default, the App does not transmit memory contents to remote services, except to the AI model provider as part of generating responses, and only through the host application’s configured AI client.

How memory is used.

• When you interact with the AI, the system may load relevant memory from the local database and files – such as past conversation summaries, project‑specific notes, related documents, or per‑agent facts – and include them in the prompt sent to the AI model so that responses can respect prior decisions, project context, and your preferences.

• The system uses token and character budgets to limit how much historical data is included in any single request; older or less relevant content may be summarized or pruned.

• The system can search prior conversations, notes, knowledge graph entities, and document chunks using local full‑text indexes (and, where configured, vector embeddings) to find information relevant to your current request.

• Results of these searches may be shown to you or incorporated into the AI’s reasoning.

• Error patterns and recurring failures may be recorded locally and used to generate preventive instructions for future sessions.

• Style and preference heuristics (for example, whether you prefer concise or detailed answers, code‑heavy vs. prose responses) may be stored locally and used to shape how the AI responds.

• In multi‑agent scenarios, shared “blackboard” entries may be stored locally so that different agents can coordinate, share intermediate findings, and reuse results. These entries can include descriptions of tasks, intermediate summaries, or contextual notes and may have time‑to‑live (TTL) settings so that they expire automatically.

• Unless otherwise configured by you, your organization, or the host application, memory entries (conversations, facts, document chunks, knowledge graph entities) are retained locally so that the AI can reuse them across sessions.

Some memory items, such as per‑agent facts and blackboard entries, may be created with explicit expiry times, after which they are automatically purged by internal cleanup routines.

• As conversations age or exceed defined size thresholds, the system may summarize them into shorter forms and discard detailed message‑by‑message history from active prompts while still retaining shorter summaries in the local database.

The knowledge graph may periodically decay or prune very old, low‑confidence facts to keep the memory store manageable and relevant.

• Depending on how the host application exposes settings, you or your administrator may be able to:

◦ Clear or reset memory for a specific project or workspace (for example, by deleting or regenerating the associated memory database and memory markdown files).

◦ Disable or limit certain memory features (for example, turning off document watching or adjusting how aggressively plans and conversations are retained).

Where the host application provides in‑product controls for memory, those controls govern what is retained and for how long. In environments without such controls, memory can be reset by removing the relevant local memory files and databases, subject to your organization’s policies and filesystem permissions.

Because memory stores information derived from your inputs and documents, it may contain personal data, confidential information, or other sensitive content that you choose to provide or that exists in your projects. You are responsible for ensuring that any content you process with the application complies with your legal, contractual, and policy obligations.

• Memory is scoped per tenant / workspace as configured by the host application. Other users or processes may only access this memory if they have operating‑system‑level access to the same files or if your organization explicitly shares or syncs those directories.

6. Security

We implement commercially reasonable technical and organizational measures designed to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, please remember that no method of transmission over the Internet or method of electronic storage is completely secure. You should use caution when deciding what information to share with the Service. We are not responsible for any circumvention of privacy settings or security features on the Service or on third-party websites linked through the Service.

Importantly, we do not attempt to, nor can we reasonably control the security of App related memory data on your local machine or external drive. It is your responsibility, or that of a dedicated third party, to safeguard such information.

7. Your Rights & Choices

Depending on where you live and the laws that apply in your country of residence, you may have certain rights in relation to your personal data. These may include the right to access, delete, correct, or transfer your personal data; to object to or restrict how we process it; or to withdraw your consent where processing is based on consent. You may also have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, you or your authorized agent may contact us at info@bluebook.ai. We may request information to verify your identity before processing your request. If we deny your request, you may appeal by emailing the same address. BlueBook will not discriminate against you for exercising any privacy rights available under applicable law.

The rights available to you may include:

• Right to know what categories of personal data we collect, the purposes for which we use it, and the types of third parties with whom we share it.

• Access and portability, meaning you can request a copy of the personal data we hold about you and, where applicable, ask us to provide it in a portable format.

• Deletion of personal data collected from you in connection with your use of the Service, subject to certain exceptions.

• Correction of inaccurate personal data we maintain about you. Please note that while we’ll make reasonable efforts to address correction requests, due to the nature of our models, we cannot guarantee the accuracy of Suggestions generated by the Service.

• Objection to certain types of processing. Where applicable, we will stop processing unless we have legitimate legal grounds to continue.

• Restriction of our processing of your personal data in limited circumstances, such as while a correction request is pending.

• Withdrawal of consent, where the legal basis for our processing is based on your consent. Withdrawal does not affect the lawfulness of prior processing.

• No automated decisions: BlueBook does not make decisions based solely on automated processing that impact your legal rights or has similarly significant effects (e.g. your healthcare or financial circumstances).

• No sale or targeted advertising: We do not “sell” or “share” personal data for cross-contextual behavioral advertising, and we do not process personal data for “targeted advertising” purposes (as those terms are defined under applicable US state privacy laws). We also do not process sensitive personal data for the purposes of inferring characteristics about a consumer.

BlueBook processes your personal data for the purposes described in this Privacy Policy on servers located in various jurisdictions, including in the United States. While data protection laws vary by country, we apply the protections outlined in this policy to your personal data regardless of where it is processed, and we only transfer data in accordance with legally valid transfer mechanisms. For users in the European Economic Area, (“EEA”), when you access our Service, your personal data may be transferred to our United States servers or to other countries outside the EEA and the UK. Where information is transferred outside the EEA or the UK, we require an adequate level of data protection.

To exercise privacy rights such as access, correction, or deletion of data stored in memory, you should use any management features provided within the application or contact your administrator or our support team. Where technically feasible and permitted by law, we will assist with identifying and removing data held in the memory system that relates to you.

8. Jurisdiction-Specific Disclosures

Some jurisdictions require specific disclosures regarding how we handle your personal data. The table below supplements this Privacy Policy by providing additional details about the purpose of data collection, type of data collected, and legal basis. For more information, see “Personal data we collect,” “How we use personal data,” and “Retention” above.

9. Privacy Policy Changes

We may update this Privacy Policy from time to time. When we do, we will publish an updated version and effective date at the top of this page, unless another type of notice is legally required. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.

10. Contacting Us

We encourage you to contact us at info@blbk.ai if you have any questions about this Privacy Policy.

1. Personal data we collect

We collect the following categories of personal data:

A. Personal data you provide to us directly

We collect personal data if you create an account to use our Service or communicate with us. This includes:

  • Account Information: BlueBook collects identifiers, such as your name and email address, when you sign up for a BlueBook account or to receive information about our Service.
  • Payment Information: We collect your payment information if you seek to access any paid BlueBook products and services.
  • Inputs and Suggestions. The Service allows you to submit content (“Inputs”) and receive responses or other artifacts generated from your Inputs (“Suggestions”). BlueBook does not use Inputs or Suggestions to build internal datasets, and does not retain or internally collect the substantive contents of Inputs or Suggestions for model training, marketing, profiling, resale, or any other purpose unrelated to providing the Service, unless you have explicitly opted in.
  • Inputs and Suggestions may include sensitive or confidential information, including without limitation company-specific financial information, portfolio data, investor or client materials, fundraising or investment presentations, pitch decks, private placement materials, contracts, legal agreements, transaction documents, tax materials, accounting workpapers, consulting deliverables, or other proprietary business information. BlueBook does not ingest, store, or maintain these contents for its own use. Any processing of Inputs and generation of Suggestions is performed solely to deliver the requested functionality, and any content may be processed only transiently (including via third-party infrastructure providers engaged to support the Service) to produce Suggestions or execute requested actions.
  • You are responsible for ensuring you have all necessary rights and permissions to submit Inputs and to use any Suggestions. If Inputs include personal data, the Service may reproduce or transform that information in the Suggestions generated for you. BlueBook may retain only limited metadata and operational logs (e.g., timestamps, feature usage, device identifiers, error logs) as reasonably necessary to provide and secure the Service, prevent abuse, comply with legal obligations, and improve reliability – but such logs are not used to reconstruct or retain the substantive content of Inputs or Suggestions.
  • Communication Information: If you communicate with us, we collect your name, contact information, and the contents of any messages you send.
  • Feedback: While using the Service, you may provide feedback, including ideas and suggestions for improvement or rating a Suggestion in response to an Input ("Feedback"). If you provide Feedback on the Service, we may store the entire exchange as part of your Feedback.

B. Personal data we receive from your use of the Service

When you use the Service, we also receive certain technical data automatically. This includes:

  • Device Information. When you install, access, or use the BlueBook desktop application (the “App”), the App may automatically collect certain information about your device and environment. This information may include your device type and model, operating system and version, device identifiers, hardware and performance characteristics, application version, language and regional settings, and information about your network connection (such as IP address and internet service provider). The information we collect may vary depending on your device and system settings.
  • Log Information. We collect diagnostic and usage information to help operate, secure, and improve the App. This may include log data such as IP address, timestamps, crash reports, error logs, performance data, and technical information about how you interact with the App (for example, features accessed, actions taken, and general usage patterns). We use this information to troubleshoot issues, monitor reliability, prevent abuse, and improve the user experience.
  • Usage Data. We collect information about how you use the BlueBook desktop application (the “App”). This may include the dates and times you access the App, the features you use, the actions you take within the App (such as creating or opening projects, executing workflows, running commands, or initiating file operations), and other information about your interactions with the App. We may also collect information about the App configuration and technology on the device you use to access the App (such as the App version and enabled settings). We use this information to operate the App, maintain and improve performance and reliability, diagnose issues, prevent misuse, and understand how the App is used.
  • Cookies & Similar Technologies. The App itself does not use browser cookies in the same manner as a traditional website. However, BlueBook and our service providers may use cookies, local storage, device identifiers, SDKs, or similar technologies in connection with our website, authentication flows, and in-App services (such as embedded web views, sign-in, analytics, and support features) to operate and manage the Services and improve your experience. These technologies help us recognize you, maintain your session, remember preferences, enhance security, personalize certain features, market additional products or services (where permitted), and analyze and optimize usage.
  • Location Information. For security, fraud prevention, and performance purposes, we may determine the general geographic location associated with your device when it connects to the Services. We typically do this by using information such as your IP address. We may use this information to detect unusual login activity, enforce security measures, comply with legal requirements, and improve service performance (for example, by routing traffic to the nearest service region). We do not attempt to determine your precise location unless you choose to provide it.

C. Information We Do Not Collect

BlueBook does not knowingly collect sensitive or special category personal information, such as genetic data, biometric data used for uniquely identifying a natural person, health information, or information regarding racial or ethnic origin, religious or philosophical beliefs, or sexual orientation. We also do not knowingly collect certain highly sensitive identifiers, including government-issued identification numbers (such as Social Security numbers, driver’s license numbers, or passport numbers) or financial account credentials (such as bank account numbers, payment card numbers, or login credentials), except to the limited extent necessary to provide the Services (for example, to process payments) and only where explicitly provided by you.

Additionally, BlueBook does not knowingly collect information from children under the age of 13 and does not direct the Services or content to children. If we learn or have reason to suspect that a user is under the age of 13, we will investigate and, if appropriate, delete the personal data and/or terminate the account.

2. How we use personal data

We may use personal data for the following purposes:

  • To provide and maintain the Service, including optional features that enhance functionality and user experience.
  • To create, manage, and administer your account, including facilitating payments and responding to inquiries.
  • To improve and develop the Service and conduct research, including debugging and identifying or repairing issues that impair functionality.
  • To communicate with you, including sending updates, information about the Service, and events.
  • To prevent, detect, and investigate fraud, abuse, security incidents, and violations of our Terms of Service.
  • To comply with legal obligations and protect the rights, safety, privacy, and property of users, BlueBook, or third parties.
  • To investigate and resolve disputes or security issues.
  • To enforce our Terms of Service and other applicable agreements.

We do not use Inputs or Suggestions to train machine learning or other models, or permit third parties to use them for training, unless: (1) they are flagged for security review (in which case we may analyze them to improve our ability to detect and enforce our Terms of Service), (2) you explicitly report them to us (for example, as Feedback), or (3) you’ve explicitly agreed to their use for such training purposes. You can find instructions in the Service on how to manage your preferences regarding the use of Inputs and Suggestions for training.

We may aggregate or de-identify personal data so that it no longer identifies you, and use that information for the purposes described above, such as analyzing how the Service is used, improving or adding features, and conducting research. We will maintain de-identified information in its de-identified form and will not attempt to reidentify it, except as required by law.

3. How we share personal data

We may disclose your personal data in the following circumstances:

  • Service Providers and Business Partners: We may disclose personal data to third-party vendors and service providers who support our business operations and help us deliver and improve the Service. This includes third-party hosting, cloud infrastructure, model, analytics, customer support, safety monitoring, communications, payment processing, compliance services, and IT providers. These parties process personal data only as necessary to perform services on our behalf, consistent with our and your instructions and applicable law.
  • Business Transfers: In the event of a merger, acquisition, restructuring, bankruptcy, or other corporate transaction, personal data may be disclosed to counterparties and advisers as part of due diligence or transferred as part of the transaction.
  • Legal Compliance and Protection of Rights: We may disclose personal data to government authorities or other third parties if we believe doing so is necessary to: (i) comply with applicable laws, regulations, or legal processes, (ii) respond to lawful requests or investigations, (iii) protect the safety, rights, or property of any person, (iv) prevent fraud, security incidents, or other unlawful activity, (v) enforce our Terms of Service or other legal rights, or (vi) protect BlueBook against legal liability.
  • Affiliates: We may share personal data with affiliates, meaning an entity that controls, is controlled by, or is under common control with, us. They may use personal data in a manner consistent with this Privacy Policy.
  • Third-Party Services and Integrations: The Service may include integrations with or links to third-party websites, applications, or services. If you choose to interact with these third parties, your personal data may be disclosed to them directly and governed by their own terms and privacy policies. Our linking or integrating with a third party does not imply endorsement or affiliation.
  • Business Account Administrators: If you create an account using an email associated with an organization (e.g., your employer), we may disclose account-related information (such as your email address and account status) to that organization. If you're part of a business or enterprise account, administrators may access and manage your use of the Service.
  • Other Users and Third Parties You Share Information With: Certain features of the Service may allow you to share Inputs, Suggestions, or other content with other users or third-party applications. Any information you voluntarily share with those parties is subject to their respective terms and privacy policies.
  • With Your Consent: We may disclose personal data when you give us permission to do so, including through features of the Service that are designed to share information.

4. Retention

BlueBook keeps personal data only for the period reasonably required to provide and maintain the Service and to meet legitimate operational needs, such as complying with legal obligations, protecting the security and integrity of the Service, resolving disputes, and enforcing our agreements. How long we retain personal data depends on the context in which it was collected, the nature and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure, and any retention requirements under applicable law.

Your product settings and the way you use the Service may also affect retention. For example, certain transient or session-based interactions may not appear in your user history and may be retained only for a limited time for security, safety, diagnostic, and system monitoring purposes. For clarity, BlueBook does not retain the substantive contents of your Inputs or the Suggestions generated from them for its own use (including for model training), except to the limited extent and duration necessary to provide the requested functionality or as required by law.

When personal data is no longer necessary for these purposes, BlueBook and its service providers take reasonable steps to delete, erase, de-identify, or anonymize it in accordance with applicable laws and our retention practices.

5. Security

We implement commercially reasonable technical and organizational measures designed to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, please remember that no method of transmission over the Internet or method of electronic storage is completely secure. You should use caution when deciding what information to share with the Service. We are not responsible for any circumvention of privacy settings or security features on the Service or on third-party websites linked through the Service.

6. Your rights and choices

Depending on where you live and the laws that apply in your country of residence, you may have certain rights in relation to your personal data. These may include the right to access, delete, correct, or transfer your personal data; to object to or restrict how we process it; or to withdraw your consent where processing is based on consent. You may also have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, you or your authorized agent may contact us at info@blbk.ai. We may request information to verify your identity before processing your request. If we deny your request, you may appeal by emailing the same address. BlueBook will not discriminate against you for exercising any privacy rights available under applicable law.

The rights available to you may include:

  • Right to know what categories of personal data we collect, the purposes for which we use it, and the types of third parties with whom we share it.
  • Access and portability, meaning you can request a copy of the personal data we hold about you and, where applicable, ask us to provide it in a portable format.
  • Deletion of personal data collected from you in connection with your use of the Service, subject to certain exceptions.
  • Correction of inaccurate personal data we maintain about you. Please note that while we’ll make reasonable efforts to address correction requests, due to the nature of our models, we cannot guarantee the accuracy of Suggestions generated by the Service.
  • Objection to certain types of processing. Where applicable, we will stop processing unless we have legitimate legal grounds to continue.
  • Restriction of our processing of your personal data in limited circumstances, such as while a correction request is pending.
  • Withdrawal of consent, where the legal basis for our processing is based on your consent. Withdrawal does not affect the lawfulness of prior processing.
  • No automated decisions: BlueBook does not make decisions based solely on automated processing that impact your legal rights or has similarly significant effects (e.g. your healthcare or financial circumstances).
  • No sale or targeted advertising: We do not “sell” or “share” personal data for cross-contextual behavioral advertising, and we do not process personal data for “targeted advertising” purposes (as those terms are defined under applicable US state privacy laws). We also do not process sensitive personal data for the purposes of inferring characteristics about a consumer.

BlueBook processes your personal data for the purposes described in this Privacy Policy on servers located in various jurisdictions, including in the United States. While data protection laws vary by country, we apply the protections outlined in this policy to your personal data regardless of where it is processed, and we only transfer data in accordance with legally valid transfer mechanisms. For users in the European Economic Area, (“EEA”), when you access our Service, your personal data may be transferred to our United States servers to other countries outside the EEA and the UK. Where information is transferred outside the EEA or the UK, we require an adequate level of data protection.

7. Jurisdiction-Specific Disclosures

Some jurisdictions require specific disclosures regarding how we handle your personal data. The table below supplements this Privacy Policy by providing additional details about the purpose of data collection, type of data collected, and legal basis. For more information, see “Personal data we collect,” “How we use personal data,” and “Retention” above.

8. Privacy policy changes

We may update this Privacy Policy from time to time. When we do, we will publish an updated version and effective date at the top of this page, unless another type of notice is legally required. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.

9. Contacting us

We encourage you to contact us at info@blbk.ai if you have any questions about this Privacy Policy.