Privacy Policy

BlueRoots (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

By using BlueRoots, you consent to the data practices described in this policy. If you do not agree, please discontinue use of our services.

Account Information

When you create an account, we collect your name, email address, organization name, and authentication credentials. We also collect information you provide during onboarding and throughout your use of the platform.

Campaign Data

We store the content of your SMS, email, and voice campaigns, including message templates, contact lists, and campaign performance metrics.

Contact Information

We store the voter and constituent contact information you upload or collect through our platform, including phone numbers, email addresses, and associated metadata.

Usage Data

We automatically collect information about how you interact with our platform, including pages visited, features used, time spent, and other diagnostic data.

Payment Information

Payment processing is handled by Stripe. We do not store full credit card numbers. We retain transaction records and billing history as required for accounting and compliance.

• To provide, maintain, and improve our platform and services
• To process transactions and manage your account
• To send service-related communications, including updates and security alerts
• To provide customer support and respond to inquiries
• To detect, prevent, and address technical issues, fraud, or abuse
• To comply with legal obligations and enforce our Terms of Service
• To analyze usage patterns and improve user experience

We do not sell your personal information or campaign data. We share data only:

• With service providers: We use trusted third-party services (Stripe for payments, Infobip for message delivery, and cloud hosting providers) solely to operate our platform.
• For message delivery: Contact information is transmitted to messaging providers (Infobip) solely for delivering your campaigns.
• For legal compliance: We may disclose information if required by law, subpoena, or to protect our rights, safety, or property.
• With your consent: We will share information for any other purpose only with your explicit consent.

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, access controls, and regular security assessments. Our infrastructure aligns with SOC 2 standards.

While we strive to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

We retain your account information and campaign data for as long as your account is active or as needed to provide services. If you delete your account, we will delete or anonymize your data within 90 days, except where retention is required by law or for legitimate business purposes (such as financial records).

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request that we correct inaccurate or incomplete data.
• Deletion: Request deletion of your personal data.
• Portability: Request transfer of your data to another service.
• Objection: Object to processing of your personal data.

To exercise any of these rights, contact us at privacy@blueroots.io. We will respond within 30 days.

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies. For more details, see our Cookie Policy.

BlueRoots is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us immediately.

Your information may be transferred to and processed in the United States and other countries where our servers or service providers are located. We ensure appropriate safeguards are in place for such transfers in accordance with applicable law.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the platform. Continued use of BlueRoots after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: privacy@blueroots.io

Mail: BlueRoots, c/o Heimdall Strategy, [Address available upon request]