BlueCloud - Digital Strategy & Transformation | Cloud Operations | Data Engineering & Analytics

Privacy Policy

BlueCloud respects your privacy and is committed to protecting it.

This policy describes the types of information BlueCloud may collect from you as a website visitor, employee, customer, business partner, prospect, recipient of marketing communications, end users, and event attendees, or that you may provide when you visit the website Blue.cloud, use our software tools, or purchase our products and services, and our practices for collecting, using, maintaining, protecting, and disclosing that information.

Please read this policy to understand our policies and practices regarding how we treat your information. If you do not agree with our policies and practices, your choice is not to use our website or software tools. By accessing or using our website or software tools, you agree to this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of the website or software tools after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

BlueCloud infrastructure has security measures in place to help protect against the loss, misuse, or alteration of information under our control. These measures include encryption of data using the Secure Socket Layer (SSL) system and encryption at rest.

Personal Information Protection Policy

BlueCloud recognizes the importance of personal information and ensures the protection and safeguarding of its customers' personal information as a fundamental principle of its business and its responsibility to society. Accordingly, we have established the Personal Information Protection Policy described below to ensure that all its officers, employees, and business partners thoroughly understand and fully comply with the Policy.

Collection, Use, Provision, and Entrustment of Personal Information

Personal information shall be collected only after informing the customers of the purpose and obtaining consent for doing so, except when the rights or interests of customers or third parties may be injured. The use of the personal information collected is limited, and the information shall be handled appropriately within this scope.
Personal information collected by us shall not be provided to third parties without prior consent of the customers, except as required by law or regulation.
In very rare cases, we may entrust customers' personal information with authorized third parties. In all such cases, we shall select the recipient with great care from among those parties that have established a sufficient level of protection of the personal information, and make necessary supervision or otherwise ensure, through a contract etc. stipulating the level of protection to be observed, that the recipient manages the information properly.

Disclosure, Correction, Discontinuance of Use, etc. of Personal Information

BlueCloud shall accommodate requests for disclosure, correction, discontinuance of use, etc. of customers' personal information promptly within a reasonable scope.

Implementation of Security Measures

BlueCloud implement safeguard measures and diligently work toward preventing unauthorized access to personal information, and the loss, destruction, alteration, leakage, etc. of such information. Specific rules governing the appropriate handling and use of personal information are in place, and staff are assigned to take responsibility.

Observance of Laws, Regulations and Other Norms Relating to Personal Information

With respect to the observance of laws, regulations, and other norms relating to personal information, our officers, employees, and business partners who handle personal information comply with the laws, regulations, and guidelines relating to the protection of personal information and the privacy of communication.

Continuous improvements to this Personal Information Protection Policy and In-house Rules and Regulations

BlueCloud makes continuous improvements to this Personal Information Protection Policy and in-house rules and regulations to ensure that the protection of personal information as determined by socially accepted norms is conducted effectively.

Inquiries as to Personal Information

BlueCloud will make every effort to respond to inquiries promptly within a reasonable timeline. Please contact our IT Support Team.

Data Retention

BlueCloud will only retain personal information for as long as necessary to fulfill the purposes for which it was collected. We will retain and use your personal information as necessary to comply with our business requirements, legal, accounting, or reporting obligations, resolve disputes, protect our assets, and enforce our agreements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of the personal information, the purposes for which we process the personal information, whether we can achieve those purposes through other means, and any applicable legal requirements.

Disclosure of Personal Information

BlueCloud will disclose personal data only when it is legally obligated to disclose personal information. This can include cases where law enforcement agencies request information as part of an investigation, or where a court order or subpoena compels the release of specific information.
Personal information can be shared if the individual gives explicit consent. For example, when signing up for a service or participating in a survey, individuals often agree to share specific details.
BlueCloud will handle publicly available information responsibly.
BlueCloud may need to collect and share personal information about employees for various reasons, such as payroll processing, benefits administration, and tax reporting.
BlueCloud shares the personal data only with partner third parties, who need access to certain personal information to perform their functions. It's important that these third parties also follow data protection regulations.

Data Security

BlueCloud has implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure.

The safety and security of your information also depends on you. For accessing certain parts of our website or software tools, authentication with username and password is needed. In such cases, you are responsible for keeping this password confidential. BlueCloud requests you not to share your password with anyone. BlueCloud urges you to be careful about giving out information in public areas of the website. The information you share in public areas may be viewed by any user of the website or software tools.

Unfortunately, the transmission of information via the internet is not completely secure. Although BlueCloud does its’ best to protect your personal information, BlueCloud cannot guarantee the security of your personal information transmitted to our website or software tools. Any transmission of personal information is at your own risk. BlueCloud is not responsible for circumvention of any privacy settings or security measures contained on the website or software tools.

Network Access

BlueCloud requires secure network access to customer’s infrastructure. BlueCloud has three approaches which satisfy this requirement.

BlueCloud Dedicated ODC
Client VPN
Customer Laptop

BlueCloud Dedicated Offshore Development Center (ODC)

BlueCloud requires the setting up of a dedicated ODC specific to the customer’s environment. The dedicated ODC is a secure, scalable, and trusted access service for authorized resources. Dedicated ODC is not shared across customers. BlueCloud will work with the customer network operations team to setup up the required secure connectivity. BlueCloud will publish the location of audit and session data of all operations activity for both security and training. Cleanroom network needs routes and access to the Active Directory hosts.

VPN Connectivity

BlueCloud dedicated setup requires establishing a site-to-site IPSEC VPN between the customer’s network and BlueCloud cleanroom. BlueCloud follows industry standard RFC’s for IKE and IPSEC encryption and can accommodate multiple different settings for each based on customer security requirements.

Security Details

BlueCloud ODC strives for the highest standards of security and adheres to the following security practices:

Internet connection (made available as per client needs)
Encrypted data disk.
Two factor authentication of BlueCloud staff and role-based access control.
Hosts are patched, automatically updated every month and critical security patches are applied immediately.
All session commands are logged, and screenshots will be made accessible.
All network traffic is encrypted.
Staff will use randomly chosen secure passwords unique to each cleanroom.
Centrally managed anti-virus.
Centrally managed Data Loss Prevention (DLP).

Customer Client VPN

Customer provides client VPN software and credentials that can be installed on a local Virtual Machine (VM) for each named customer contact. BlueCloud’s employee laptops will serve as the VM host and have the following properties:

Encrypted data disk
Centrally managed anti-virus
Centrally managed Data Loss Prevention (DLP)

Customer Laptop

Customer provides a laptop to access the customer network with VPN access.

Changes to Our Privacy Policy

BlueCloud posts any changes made to privacy policy on this page. The date on which the privacy policy was last revised is identified at the top of the page. You are responsible for periodically visiting BlueCloud website and this privacy policy page to check for any changes.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at: privacy@blue.cloud