Privacy Notice
Last updated on October 15th, 2024
This Privacy Notice applies to you if you use our Service, if you are a business partner or supplier, or if you use this website, and even if you communicate with us via email, or if you otherwise interact with us through other platforms.
If you are an existing customer, business partner or supplier of ours, further details about how we use your Personal Data will be set out in your contract with us.
Definitions:- Personal Data means information relating to a living individual (a ”Data Subject”) who is, or can be, reasonably identified from information, either alone or in conjunction with other information.
- Customer is the business that holds a Bluebook account.
- Customer User is an individual that uses the Bluebook service.
- Visitor: you are a visitor to our website (Bluebook.com).
Types of personal data we collect
We collect the following types of Personal Data:
- Contact details (name, email address, phone number)
- Account information (username, password)
- Usage data (IP address, browser type, operating system, pages visited)
- Communication data (emails, messages sent to us)
Who we are, and your personal data
For the purpose of your interactions with Bluebook Technology AB, Sweden, (Bluebook, ‘we’, ‘us’, ‘our’), we are a Data Controller when we are using personal data collected to improve and secure the service, and to enable us to work together with our business partners, service providers (‘Third Parties’) and consultants. We are a Data Processor when we are a supplier of the Bluebook Service to our Customers.
Bluebook is an AI-powered co-pilot that boosts the productivity of accounting firms by streamlining information gathering through a single source of truth and delivering client-specific insights faster. With a vision to build self-driving accounting on autopilot, Bluebook uses platform-generated data to automate bookkeeping based on advisory best practices.
Why does Bluebook need your personal data?
Bluebook uses your personal data to manage and provide a quality Service, to ensure that the content is presented in the most effective manner for you and your device, and to allow you to participate in interactive features of our Service. Additionally, we use Personal Data to keep the Service safe and secure, administer our Service for internal operations, including troubleshooting, data analysis (including traffic data analysis) and testing.
Bluebook may access the User’s account and data and undertakes to keep the collected data confidential and not to use it for other purposes than providing the Service.
Legal grounds for processing
We process your Personal Data based on the following legal grounds:
- Performance of a contract: To provide and manage the Service as per our agreement with you.
- Legitimate interests: For improving and securing our Service, and for internal operations.
- Compliance with legal obligations: To comply with applicable laws and regulations.
- Consent: Where you have given consent for specific purposes.
How long will we store your personal data?
Bluebook will only store your Personal Data for as long as it is required for the performance of contractual obligations with their customers, to make its services available to you. Bluebook will also retain your Personal Data for additional periods if applicable laws require it.
- Deletion of personal data used by AI
- It is our customer who decides how long personal data is stored in Bluebook for the use of AI is retained.
- The customer can select that Bluebook deletes all personal data used by AI as of immediate effect.
- Upon termination of a customer contract with us, we will delete all personal data used by AI after 3 months.
- If a customer defaults on subscription payments, Bluebook will delete all personal data used by AI after 6 months.
How do we protect your personal data?
We implement security measures commensurate to the risk assessed on processing of your Personal Data. We maintain appropriate organisational, technical and contractual safeguards to protect against loss, misuse or unauthorised access, disclosure, alteration or destruction of Personal Data. Access to your Personal Data is restricted using the ‘need-to-know’, ‘need-to-access’ principle. Our service providers adhere to internationally recognised security standards and your Personal Data is stored on secure servers.
To find more on how personal data is protected, check the links to the Privacy Notices of online services we use to deliver the Bluebook service in the following section.
With whom we may share your Personal Data?
We may in some situations share your Personal Data with third parties such as business partners, suppliers, vendors, consultants, agencies, customers, supply and service providers (‘Third Parties’). We only share Personal Data where it is relevant and necessary for us to perform the activities described in this Privacy Notice.
Below is a list of services we use to deliver the Bluebook Service.
| Service name | Data storage | Data processing description | Link to Privacy Notice |
|---|---|---|---|
| Vercel | Serverless | We use Vercel to host our service. Vercel is a cloud platform that allows us to build and deploy our service in a secure and scalable manner. | https://vercel.com/legal/privacy-policy |
| Render | N/A | We use Render to host internal services. | https://render.com/privacy |
| Supabase | At rest | We use Supabase to store our data. Supabase is a cloud-based database that allows us to store and manage our data in a secure and scalable manner. | https://supabase.com/privacy |
We do use third-party service providers outside of the European Economic Area (the “EEA”) which means that we will transfer your Personal Data to countries outside the EEA. If these transfers are to a country for which the EU Commission has not issued an adequacy decision, Bluebook uses the EU standard contractual clauses to contractually require that your Personal Data receives a level of data protection consistent with the EEA.
What are your rights as a data subject?
If we use your Personal Data for the activities mentioned in this Privacy Notice, you may request:
- further details about how we use your Personal Data, including receiving a copy of your Personal Data
- that we correct, update or erase your Personal Data
- that we restrict the use of your Personal Data
- object to us using it, or that we use it for direct marketing and/or automated decision making, including profiling
- that we transfer your Personal Data to you or a Third Party (data portability)
If we use your Personal Data specifically based on our legitimate interests, you may at any time object to us using your Personal Data based on this legal basis. Please note that these rights are subject to certain exemptions and may not all be available in the country in which you are based. This might be due to obligations imposed upon us, such as other legislation requiring us to retain the Personal Data, protection of the rights and freedoms of others, or the like. You will be informed if this is the case.
How to exercise your rights
If you wish to exercise your rights, you can contact us by sending an email to privacy@bluebook.com. If you have any queries that cannot be clarified as a result of internal dialogue with us or you wish to file a complaint, you can contact the Swedish Authority for Privacy Protection at the Swedish Data Protection Authority.
Information provided to data subjects
If a data subject wants to know more, or if we need to inform one of our data subjects, contact will be made through privacy@bluebook.se. We will not store any copies of these conversations.
Use of Cookies
We use cookies to enhance your experience on our website and provide essential functionality. We utilize the following services:
- Supabase for user authentication
- Next.js for our web application framework
- PostHog for analytics
These services may use cookies to function properly. Cookies are necessary for the proper functioning of our service, helping us maintain secure user sessions, improve user experience, and understand how our website is used to make improvements.
GDPR Compliance
We process Personal Data in accordance with the applicable General Data Protection Regulation (GDPR) and are responsible for all Personal Data that is submitted to us by you. This includes ensuring that all data processing activities, including the use of cookies, are conducted in compliance with EU data protection laws. We respect and uphold your rights to privacy and data protection as outlined in the GDPR.
If you have any questions or concerns about our GDPR compliance, please contact us at gdpr@bluebook.se.
Updates to this Privacy Notice
Any changes to this Privacy Notice will be made on this page and the date of the latest update is shown in the header section.
The Company
Bluebook Technology AB
559482-7809
hello@bluebook.se