User Privacy Statement

User Privacy Statement

Last Updated: August 20, 2021

This Privacy Statement (or this “Statement”) explains how Blue Ocean AI, Inc (trading as Blueocean.ai, and referred to here as “BlueOcean”, “we” or “us”) collects, uses and shares information about you when you visit our website at https://www.blueocean.ai/ or any services that we offer. This Statement also describes how you can request that we delete your personal information, or to exercise other rights that you may have under applicable law.

In this Privacy Statement, “Services” refers to any services that we offer, including our websites. “Personal information” refers to any information that identifies a specific individual or may reasonably be used to identify a specific individual.

If you have any questions or concerns about our information practices, please contact us privacy@blueocean.ai, or as provided under “Contact Us” below.


General

We are Blue Ocean AI, Inc (trading as Blueocean.ai) (“we”, “us” or “Blueocean.ai”). Our registered office address is at 100 California Street Suite 620, San Francisco, CA 94111. Our EIN number is 84-2316129.

This Privacy Statement explains how we collect, process, and use data about you. This Privacy Statement applies to all users, including those users who use the Services via their employer or another company. This Privacy Statement also applies to all of the data that we collect through our Services, irrespective of the type of Services or the device you use to access the Services.

1. How We Collect Information

1.1.        In General. The personal information we collect about you depends on the Services that you use (and how you use them). For example, if you are the primary account holder for your company and use Brand Navigator, the personal information we collect about you would be different than the personal information that we collect about a user who has view-only access to Brand Navigator. The remainder of this section sets out the categories of personal information we collect depending on your use of our Services.

1.2.        Information Collected Directly from You. If you register as a user of any of our Services, we may ask you to provide your name, email address, contact telephone number, the company you work for, your address, a username and password, and other personal information relevant to the Services we provide. If you are not an administrative user for your account, personal information about you may be provided by your company or employer, or other third party. We may also collect other personal information directly from you, from time to time, for example if you communicate with us or request information about our Services.

1.3.        Payment Information. Depending on your account type, we may also collect payment information from you in order to take payment for our Services. Payment information may be personal information about you, or it may be information about your company or employer.

1.4.        Support Services. If you contact our support services, we will collect personal information as needed to understand and categorize your question and respond to it. In addition to responding to your support requests, we use this personal information to track potential issues with our Services and customize our support responses to better serve you.

1.5.        Information We Collect Automatically. We automatically collect certain information when you use any part of our Services, including when and how often you use our Services, features you use and other online activity information. We may also collect device data, including IP address, operating system information, web browser type, mobile device information (such as identifier and operating system), and the name of your ISP or mobile carrier. We may also collect your location data if your device permits this. We may collect data about how you interact with messages we send to you, for example whether you opened an email or read an in-app message.

1.6.        Cookies, Web Beacons and Similar Technologies. We, our service providers and third-party partners may use cookies and similar technologies to collect information when you use our Services. Cookies are small files stored directly on the computer or device that you are using, for record-keeping or tracking purposes. Web beacons (also known as pixel tags or clear GIFs) may be used to, among other things, track the actions of users of our Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the Services and response rates.

1.7.        Inferences. We may make inferences about you based on personal information you provide or made available to us. This information may be used to personalize your experience of using our Services or to suggest different Services that you may be interested in trying.

1.8.       Sources of Personal Information. In most cases, the personal information described here is collected from you. You may submit this information to us directly, as when you register as a user, or we may collect this information automatically as you use our Services or interact with us. In some cases, we may collect personal information about you from third parties, including when it is submitted to us by your company or employer.

2. How We Use Personal Information

2.1.        In General.  We generally use the personal information we collect in order to provide our Services and operate our business, and for other purposes, described below.

2.2.        Provide Services. We use your personal information to provide our Services to you. This includes:

  • Presenting you with information and content through the Services
  • Personalizing the Services
  • Processing transactions (including financial transactions) relating to your use of our Services
  • Providing customer support or otherwise respond to your questions or requests

2.3.        Communications. We use personal information to communicate with you, including by email or other means available on or through the Services (for example, via messaging in Brand Navigator or push notifications if you use a mobile application). Communications include:

  • Transactional or service messages, such as welcoming you to our Services or informing you of scheduled downtime
  • Marketing communications, on our own behalf or on the behalf of third parties

2.4.        Development and Improvement. We may use personal information to conduct research and development for the improvement of our Services and business operations, and to provide all of our users with a better experience.

2.5.        Legal Compliance. We use personal information as we believe necessary or appropriate to comply with applicable law, lawful requests and legal process, such as replying to subpoenas or requests from government authorities.

2.6.        Compliance, Fraud Prevention and Safety. We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to:

  • Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims)
  • Audit our internal processes for compliance with legal and contractual requirements
  • Enforce the terms and conditions that govern the Services
  • Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity

2.7.        Combining Data. We may combine personal information about you that we collect across our different Services.

2.7.        To Create Anonymous Data. We may create aggregated, de-identified or other anonymous data from your and other individuals’ personal information we collect, where the resulting data does not identify individual persons. We may use this anonymous data and share it with third parties for any lawful business purposes, including to analyze and improve the Services and promote our business.

2.8.        As Described or with Your Consent. We may use or disclose your personal information for other purposes that are described at the time we collect your personal information. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when your consent is required by law.

3. How We Share Personal Information

3.1.        Affiliates. We share personal information with our affiliates (meaning legal entities controlled by, controlling, or under common control with us) as reasonably necessary to provide the Services.

3.2.        Service Providers. We may share personal information with selected third parties that provide services to us or on our behalf, including our business partners, vendors, suppliers and subcontractors. These third parties assist in providing Services and our business operations. We may also share personal information with analytics and search engine providers that assist us in the improvement of our website or other Services. When we share personal information with third parties, we take commercially reasonable steps to ensure sufficient safeguards protecting your personal information.

3.3.        Legal Compliance. We may share personal information to comply with applicable law, as described above.

3.4.        Compliance, Fraud Prevention and Safety. We may share personal information for compliance, fraud prevention and safety purposes, as described above.

3.5.        Business Transactions. We may share personal information in connection with a business transaction (or potential business transaction), such as a sale or other transfer of all or part of our business or assets in context of a merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

3.6.        As Described or with Your Consent. We may use or disclose your personal information for other purposes that are described at the time we collect your personal information. We may specifically ask for your consent to share your personal information, such as when your consent is required by law.

3.7.        No Disclosures for Third Parties’ Direct Marketing without Consent. It is our policy not to disclose your personal information to third parties for those third parties’ direct marketing purposes without your consent.

4. Your Choices

4.1.        In General. You have certain choices about whether we retain and how we use your personal information, described here. In addition, you may have certain rights with respect to your personal information under applicable laws. For residents of the EU/EEA and California, please see the sections below that describe specific rights granted under relevant laws.

4.2.        Deletion of Your Personal Information. If you would like us to delete your personal information, please email us at privacy@blueocean.ai to request deletion. Or, if you are a client who uses our Services, you may also request deletion of your personal information through our Customer Support team.

Please understand that we can only delete personal information in response to a verified request, and we may request additional information or take other actions to confirm your identity if you request deletion. Also, we may not be able to delete your personal information if we are required under applicable law to maintain that information, or if it is necessary for financial reporting or other compliance purposes.

4.3.        Opt-Out of Marketing Communications. We may send you marketing communications even if you do not have a user account, if you have indicated to us that you wanted to receive such communications. You can opt out of receiving future marketing communications at any time by following instructions or links in the footer of marketing emails, or in other marketing communications that we send to you. Please note that, even if you opt out of marketing communications, you will still receive communications from us about your account, transactions or service messages.

4.4.        Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals sent to our website or other Services. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

4.5.        Cookies. Internet browsers may be configured to reject or disable cookies, as described in browser documentation. Please understand, however, that rejecting or disabling cookies may affect your experience of our Services interfere with your ability to access our Services.

4.6.        Declining to Provide Information. You may decline to provide us with your personal information. However, we need to collect personal information to provide certain Services. If you do not provide the information requested, we may not be able to provide those Services. We will indicate where any personal information we have requested is mandatory or optional.

5. Retention of Your Personal Information

5.1.        We will retain personal information about you for as long as it is reasonably necessary for us to provide the Services, or for our reasonable internal business operations as permitted under applicable law. We will also retain personal information as required under applicable law.

6. Security

6.1.        The security of your personal information is important to us, and we have implemented appropriate administrative, technical, and physical controls that are designed to safeguard your personal information, including industry-standard encryption technology.

6.2.        However, please understand that security risks are inevitable in all internet and information technologies, and we cannot guarantee the security of your personal information.

7. Privacy Practices of Third Parties

7.1.        This Privacy Statement only addresses BlueOcean’s information practices. Our Services may connect to third-party websites or services, and personal information that you choose to publish in a public (or semi-public) forum may be accessed by third parties. Those third parties may use your personal information for other purposes in accordance with their own information practices. We encourage you to familiarize yourself with the privacy statements provided by any platform you use to publish any personal information.

7.2.        Please note that our Services may use the YouTube API. YouTube’s developer terms require us to notify you that our Services use YouTube API Services (i.e., data from YouTube) and to link to the YouTube privacy statement, available at http://www.google.com/policies/privacy.

8. International Data Transfers

8.1.        We may transfer personal information to, and store it in, a country other than your country of residence, which may not provide the same level of data protection as your own country. Whenever we transfer personal information internationally, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal information and to make sure it is treated securely.

9. Changes to this Privacy Statement

9.1.        We may modify this Privacy Statement at any time to reflect changes to our information practices. If we make material changes to this Privacy Statement, we will notify you by updating the “last updated” date noted at the top of this Privacy Statement and posting it to our website and, as appropriate, other Services. If required by law, we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail or another manner through the Services.

9.2.        Any modifications to this Privacy Statement will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your continued use of the Services after the posting of any modified Privacy Statement indicates your acceptance of the terms of the modified Privacy Policy.

10. Contact Us

10.1.      Please email us at privacy@blueocean.ai with any questions or comments about this Statement, or our information practices

10.2.      You may also write to us via postal mail at

Blue Ocean AI, Inc.
100 California Street, Suite 620
San Francisco, CA 94111
USA

11. Information for California Residents

11.1.      In General. We are required under the California Consumer Privacy Act of 2018 (the “CCPA”) to provide California residents with certain information about the rights granted to California residents under the CCPA and about our practices with respect to the collection, use and sharing of personal information. For the purposes of this section of this Privacy Policy, “personal information” has the meaning given to that term under the CCPA.

11.2.      Privacy Rights of California Residents. Where applicable and with certain exceptions, California residents have the following privacy rights under the CCPA:

  • The right to request information described below about how we have collected and used personal information about you within the past 12 months, subject to certain exceptions and limitations:
    • The categories of personal information we have collected about you;
    • The categories of sources from which we collected personal information about you;
    • The categories of third parties to whom your personal information was disclosed;
    • The business or commercial purpose for which your personal information was collected and/or sold;
    • Whether we have disclosed your personal information for a business purpose, and if so, the categories of personal information received by each category of third-party recipient; and
    • Whether we have sold your personal information for a business purpose, and if so, the categories of personal information sold to each category of third-party recipient.
  • The right to request a copy of the specific pieces of personal information we hold about you.
  • The right to request that we erase your personal information, subject to certain exceptions.
  • Opt-Out. The right to direct a business that sells your personal information to cease selling your personal information.
  • The right to be free from discrimination for exercising any of the rights above.

In certain instances, we are only obligated to comply with verified consumer requests, and we will need to verify your identity prior to addressing or fulfilling a request made pursuant to the CCPA. Your request must provide sufficient information for us to reasonably verify that the request comes from the person about whom we collected personal information, or a person authorized to act on their behalf.

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to personal information collected about you. If a request is made by an agent on your behalf, the agent must provide sufficient information for us to reasonably verify that they have been properly designated or authorized by you to act on their behalf.

Please also understand that we are not obligated to provide you with a copy of personal information about you more than twice in a 12-month period.

11.3.      How to Exercise Your Rights. If you are a California resident, you can exercise your rights by contacting us as follows:

  • By email to: privacy@blueocean.ai
  • By postal mail to: Blue Ocean AI, Inc., 100 California Street Suite 620,  San Francisco, CA 94111, USA

if you’re a client of BlueOcean, you may also request be able to request deletion of your personal information through our Customer Support team.

11.4.      Personal Information that We Collect, Use and Share. We are also required under the CCPA to provide California residents with certain information about how we collect, use and share personal information by reference to statutory categories set forth in the CCPA. The chart below summarizes our practices with respect to personal information of California residents during the 12 months preceding the date of this Privacy Policy, by reference to the information provided above.

Statutory Category Information Collected Sources of Information
Identifiers (such as name, email, address, phone number) See sections 1.2 and 1.4 See sections 1.2, 1.4 and 1.8
Financial, medical or insurance information (such as payment cards, financial account numbers) See section 1.3 See sections 1.3 and 1.8
Characteristics of protected classifications under California or federal law (such as age, gender, race, citizenship) See section 1.2 See sections 1.2 and 1.8
Commercial activity and information (such as transaction history) See section 1.5 See section 1.5
Internet or network activity and information (such as usage and browsing data) See section 1.5 See section 1.5
Professional or employment information See sections 1.2 and 1.4 See sections 1.2, 1.4 and 1.8
Geolocation data See section 1.5 See section 1.5
Sensory information (such as photos, other recorded electronic information) Not collected Not collected
Inferences drawn from any personal information collected See section 1.7 See sections 1.7 and 1.8

The purposes for which we collect personal information are described in section 2, above.

We may disclosure personal information to third parties as described in section 3, above.

Please note that BlueOcean does not, and will not, “sell” personal information collected about you, as “selling” is defined in the CCPA.

12. Information for Persons Subject to EU Data Protection Law

12.1.      In General. For persons located in the European Union (“EU”), European Economic Area (“EEA”), the United Kingdom (“UK”) or other locations subject to EU (and aligned) data protection laws (collectively “Europe”), we recognize and comply with relevant data protection laws, including Regulation (EU) 2016/679 (General Data Protection Regulation or “GDPR”), and we provide the following information in accordance with such law. For the purposes of this section of this Privacy Statement, “personal information” has the same meaning as “personal data” under GDPR.

12.2.      Controller. With respect to personal information subject to GDPR, the “controller” entity is Blue Ocean AI, Inc. and our contact details are as follows:

Blue Ocean AI, Inc.
100 California Street, Suite 620
San Francisco, CA 94111
USA

For any questions or concerns regarding the processing of personal information, please contact us at the address above or by emailing us at privacy@blueocean.ai.

12.3.      Lawful Bases for Processing Personal Information. We process personal information subject to GDPR under one or more of the following legal bases:

  • Where it is necessary for our legitimate interests (or those of a third party) and your fundamental rights do not override those interests
  • Where it is necessary to perform a contract to which you are a party, or to take steps at your request prior to entering into a contract
  • Where we need to comply with a legal or regulatory obligation (e.g. anti-money laundering regulations)
  • Where you have expressly given us your consent.

Where we rely on your consent for using your personal information, you have the right to withdraw it any time in the manner indicated when you provide consent.

12.4.      Privacy Rights of Residents of Europe. If you are a resident of Europe, applicable data protection laws provide you with certain rights, which may include the following, subject to certain exceptions and conditions:

  • Access and Portability. The right to ask us for a copy of the personal information which we hold about you, which may, to the extent applicable, be provided in an electronic format that you may transmit to another controller
  • Rectification and Deletion. The right to ask that any information we hold about you is updated, rectified or deleted
  • Objection. The right to object to or restrict our using your personal information

You can make a request to exercise any of these rights free of charge by contacting us at privacy@blueocean.ai. We reserve the right to charge a reasonable fee if your request is manifestly unfounded, repetitive or excessive.

12.5.      Lodging a Complaint. If you feel that we have not been able to resolve your query or concerns regarding our processing of your personal information, you may raise a formal complaint. If you remain unsatisfied with our response, you may bring your complaint to the relevant privacy regulator.

12.6.      Transfers of Personal Information Outside of Europe. We may transfer personal information to countries that do not by law provide the same level of data protection as the laws within Europe. We will ensure that any such international transfers are made in accordance with applicable legal requirements and subject to appropriate safeguards as required under applicable laws, for example, under GDPR, the EU Standard Contractual Clauses adopted by the European Commission or other safeguards recognized by the European Commission. Please contact us at privacy@blueocean.ai for further information about any such transfers or the specific safeguards applied.

Schedule a demo