Last updated: June 7, 2025
BlueprintHQ ("Company", "we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services (collectively, the "Service").
This Privacy Policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws. By using the Service, you agree to the collection and use of information in accordance with this policy.
The data controller responsible for your personal data is:
BlueprintHQ
Email: privacy@blueprinthq.com
We process your personal data based on the following legal grounds:
Processing necessary to provide the Service, manage your account, and fulfill our contractual obligations to you.
For optional features, marketing communications, and non-essential cookies. You may withdraw consent at any time.
For security, fraud prevention, service improvement, and analytics, where our interests do not override your rights.
When required to comply with applicable laws, regulations, or legal processes.
We use your personal data for the following purposes:
We do not sell your personal data. We may share your information only in the following circumstances:
We use third-party service providers to help operate our Service. These providers have access to your data only to perform specific tasks on our behalf and are obligated to protect your information:
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies).
If we are involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.
We may share your information for other purposes with your explicit consent.
Your information may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States. When we transfer data outside the EEA, we ensure appropriate safeguards are in place, including:
Our primary service providers (Firebase, Google Cloud, Vercel) maintain GDPR-compliant data processing agreements and participate in recognized data protection frameworks.
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
| Data Type | Retention Period |
|---|---|
| Account data | Duration of account + 30 days after deletion request |
| User content (habits, goals) | Duration of account + 30 days after deletion request |
| Usage logs | 12 months |
| Analytics data | 24 months (anonymized/aggregated) |
| Support communications | 3 years |
As a data subject under GDPR, you have the following rights regarding your personal data:
You can request a copy of your personal data and information about how we process it.
You can request correction of inaccurate or incomplete personal data.
You can request deletion of your personal data in certain circumstances.
You can request that we limit how we use your data in certain circumstances.
You can request a copy of your data in a structured, machine-readable format.
You can object to processing based on legitimate interests or for direct marketing purposes.
Where processing is based on consent, you can withdraw your consent at any time.
To exercise any of these rights, please contact us at privacy@blueprinthq.com. We will respond to your request within 30 days. You also have the right to lodge a complaint with a supervisory authority if you believe your rights have been violated.
We use cookies and similar tracking technologies to collect and track information about your use of the Service. Cookies are small data files stored on your device.
You can control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of the Service.
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children under 18. If we become aware that we have collected personal data from a child under 18 without parental consent, we will take steps to delete that information.
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice (such as email notification).
We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes become effective constitutes your acceptance of the revised policy.
If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your data, please contact us:
BlueprintHQ - Privacy Team
Email: privacy@blueprinthq.com
EU Representative: If you are in the European Union and wish to contact our EU representative, please email privacy@blueprinthq.com.
Supervisory Authority: You have the right to lodge a complaint with a data protection supervisory authority in your country of residence.