useBlue Logo

Privacy Policy

Last updated: March 17, 2026

1. Introduction

Blue, Inc. (“Company”, “we”, “us”) operates UseBlue.ai. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We are committed to protecting your privacy and handling your data responsibly.

2. Information We Collect

Account Information: When you register, we collect your name, email address, and authentication credentials through our identity provider (AWS Cognito).

Usage Data: We collect information about how you interact with the Service, including pages visited, features used, and timestamps.

Healthcare Data: If you use the Service for healthcare workflows, you may submit patient data or protected health information (PHI). This data is handled in accordance with HIPAA requirements and our Business Associate Agreement.

Payment Information: Payment processing is handled by Stripe. We do not store your credit card details on our servers.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process transactions and manage subscriptions
  • Send service-related communications
  • Monitor and analyze usage patterns to improve user experience
  • Ensure compliance with legal obligations
  • Protect against unauthorized access and abuse

4. HIPAA Compliance

We understand the importance of protecting healthcare data. For customers who are covered entities or business associates under HIPAA:

  • We offer a Business Associate Agreement (BAA)
  • PHI is encrypted in transit and at rest
  • Access to PHI is restricted to authorized personnel and systems
  • We maintain audit logs for all PHI access
  • We conduct regular security assessments

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

  • Service Providers: Third parties that assist in operating the Service (e.g., cloud hosting, payment processing), bound by confidentiality obligations
  • Legal Requirements: When required by law, subpoena, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Data Security

We implement industry-standard security measures to protect your data, including:

  • TLS encryption for all data in transit
  • AES-256 encryption for data at rest
  • Multi-factor authentication support
  • Regular security audits and penetration testing
  • Role-based access controls

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Request a portable copy of your data

To exercise these rights, contact us at privacy@useblue.ai.

9. Cookies and Tracking

We use essential cookies to maintain your session and authentication state. We do not use third-party advertising cookies. Analytics data is collected in aggregate form to improve the Service.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Continued use after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, contact us at:

privacy@useblue.ai

© 2026 Blue, Inc. All rights reserved.