Blue Guardrails

General Privacy Policy

Information about data protection and your rights

This General Privacy Policy ("Policy") explains how Blue Guardrails GmbH ("Blue Guardrails," "we," "us" and "our") collects, uses, shares and processes Personal Data.

The following describes how Blue Guardrails processes, collects, manages, uses and shares Personal Data in connection with business and business relationships with customers, users, visitors, applicants, event attendees, etc. Personal Data is defined in the General Data Protection Regulation (GDPR) as "any information relating to an identified or identifiable natural person."

Scope

This General Privacy Policy explains user rights and choices related to the Personal Data that Blue Guardrails collects:

  • when users visit or use any of Blue Guardrails' websites, social media pages, online events, online advertisements or marketing communications (hereinafter referred to as "Online Properties"),
  • when users visit, interact with or use any of Blue Guardrails' offices, events, sales, marketing or other non-web related activities (hereinafter referred to as "Properties").

Unless otherwise stated, Blue Guardrails determines the purposes and means of processing Personal Data as described in this Privacy Policy.

How to Contact Blue Guardrails

Blue Guardrails GmbH is the data controller within the meaning of the GDPR and other data protection laws or regulations that apply in the member states of the European Union.

If you have any questions or concerns about this Policy, please contact:

info [at] blueguardrails.com

Information Blue Guardrails Collects & How It's Collected

Blue Guardrails collects Personal Data and other information from users or customers directly, and from third parties.

Personal Data Users and Customers Provide Directly

Blue Guardrails collects Personal Data when users or customers voluntarily provide it. This may occur, for example, when signing up for our newsletter, downloading whitepapers, filling out contact forms, participating in webinars, training courses and events.

The Personal Data collected by Blue Guardrails may include personal contact information, professional information, such as name, employer name, address or job title, telephone number or email address, user IDs, contact preferences, and billing/transactional data.

Blue Guardrails also collects Personal Data entered by users when completing "free text" fields in forms.

In this category, Blue Guardrails obtains Personal Data usually from the following sources:

  • Contacting us by phone, email or otherwise – When users communicate with Blue Guardrails via our contact page, complete surveys, or fill out any "free" fields, users provide content, full name, email address, job title, and company name.
  • Social Media Pages – Through users' use of social media and/or other websites such as GitHub, YouTube or LinkedIn, depending on users' settings or the privacy policies of these websites. To change settings on these services, please refer to their respective privacy notices.

Cookies and Automatic Data Collection on the Website

Blue Guardrails currently does not use cookies for automatic collection of Personal Data.

How Blue Guardrails Uses Information Collected

Blue Guardrails may use customer or user information for the following purposes:

  • Communications and Transaction Processing – Blue Guardrails uses customer and user Personal Data for communication purposes, to respond to customer and user requests, process transactions, and provide the information requested, which may include financial, credit card, and payment information.
  • Offering and Facilitating Certain Services and Interaction Possibilities – Blue Guardrails uses customer and user Personal Data to offer certain services, such as providing downloads of whitepapers or offering a newsletter.
  • Conferences and Events – Blue Guardrails and its partners may use customer and user Personal Data to conduct and communicate about events and post-events. This may also include sharing attendance information with conference sponsors and partners, where legally permitted to do so. If a partner or conference sponsor directly requests customer or user Personal Data, the information will be handled per their privacy practices.
  • Manage Customer Experience – Blue Guardrails uses customer and user Personal Data to maintain accurate contact and cataloging data, deliver support, and offer products, services, and features.
  • Marketing and Advertising – Blue Guardrails may use customer or user Personal Data to provide advertising in accordance with customer and user privacy preference settings and applicable law.
  • Facilitate and Evaluate Use of Online Properties – Blue Guardrails uses customer and user Personal Data to provide Online Properties, facilitate use of the Online Properties, such as navigation, logging in, and enhancing security in order to improve quality, evaluate page response rates and personalize content.
  • Business Operations – Blue Guardrails uses customer and user Personal Data to conduct ordinary business operations, such as business research, corporate reporting, staff training, quality assurance, and general outreach.
  • Third Party Social Networks – Blue Guardrails may use Personal Data to interact with customers or users on third party social networks (subject to that network's terms of use).
  • Research and Innovation – Blue Guardrails uses customer and user Personal Data to develop new products, features, and services via research and development tools.
  • Complying with Law – Blue Guardrails uses customer and user Personal Data as required to comply with applicable laws, regulations, and government and law enforcement requests.
  • Other Legitimate Business Purposes – We may use Personal Data when it is necessary for other legitimate purposes, such as protecting Blue Guardrails' confidential and proprietary information.

How Blue Guardrails Shares Information

Blue Guardrails shares customer and user Personal Data with the following parties, subject to appropriate contractual obligations:

Service Providers

Blue Guardrails may share customer and user Personal Data with third parties, such as vendors, consultants, agents and other service providers, such as IT and system administration, for the purpose of processing transactions, marketing and research, targeted advertising, training, customer support, and data enrichment as described below.

Blue Guardrails service providers are contractually required to safeguard personal data received and are prohibited from using Personal Data for any purpose other than to perform the services as instructed by Blue Guardrails. These service providers may be located outside of the EEA, in the U.S. or other locations worldwide.

Blue Guardrails protects Personal Data per this Policy wherever it is processed and takes appropriate measures to protect Personal Data under applicable laws, including implementing the European Commission's standard contractual clauses and relying on the European Commission's adequacy decisions about certain countries, as applicable, for data transfers from the EEA to the United States and other countries.

Legal Basis for Processing Information

Blue Guardrails uses customer and user Personal Data only in a lawful, apparent, and reasonable manner and processes the data only under the following conditions in accordance with the stated legal bases:

  • Blue Guardrails processes data in accordance with Art. 6 I a GDPR only consistent with the user's specific revocable consents;
  • Blue Guardrails processes data in accordance with Art. 6 I b GDPR only when necessary to prepare, enter into, or fulfill a contract;
  • processing occurs in accordance with Art. 6 I c GDPR, i.e., only when necessary to comply with legal obligations;
  • processing occurs in accordance with Art. 6 I d GDPR, i.e., only when necessary to protect the vital interests of customers and users or other persons; and
  • as necessary for the legitimate interests of Blue Guardrails in accordance with Art. 6 I f GDPR, such as management of customer experience, facilitating and evaluating use of Online Properties, business operations, marketing and advertising (if applicable), research, innovation or security.

Data Retention

Blue Guardrails retains Personal Data collected in connection with Online and Offline Properties for as long as necessary to fulfill the purposes outlined in this Privacy Policy or where there is an ongoing, legitimate business need to do so.

International Data Transfers

A user's Personal Data may also be transferred to, accessed, stored and processed in countries other than the country in which the person resides. As an internationally operating company, Blue Guardrails processes Personal Data in countries outside the European Economic Area ("EEA"), including the USA.

These countries may have data protection laws that differ from the laws of the country where the person resides. We have taken adequate security precautions to ensure that such Personal Data remains protected in accordance with this Policy, and we have established adequate mechanisms to protect Personal Data in agreements with Blue Guardrails' service providers, such as use of the European Commission's standard contractual clauses in accordance with Art. 46 Para. 2 lit. c GDPR.

Privacy Rights and Choices

Users have the following rights:

  • You may request information about the Personal Data stored by Blue Guardrails.
  • You may request correction, deletion and restriction of processing of Personal Data.
  • You may complain to Blue Guardrails about the processing of Personal Data.
  • You may object to the processing of Personal Data at any time, in which case Blue Guardrails will no longer process Personal Data unless there are compelling legitimate reasons that outweigh customer or user interests.
  • You may complain to any data protection supervisory authority, in particular in the Member State in which the customer or user is resident, if it is suspected that the processing of data is in breach of GDPR or other data protection legislation.

At the customer's or user's request, and as required by law:

  • Blue Guardrails will inform of what Personal Data is stored;
  • Blue Guardrails will amend or correct Personal Data or any previous privacy preferences the customer or user selected;
  • and/or Blue Guardrails will delete Personal Data.

To exercise your rights, please contact Blue Guardrails via info [at] blueguardrails.com.

Blue Guardrails uses reasonable efforts to delete Personal Data as required and retains records necessary to comply with governmental authority or applicable federal, state, or local laws. Where legally permitted, Blue Guardrails may decline to process requests that are excessively repetitive or methodical, require unreasonable technical effort, or risk the privacy of others.

If Blue Guardrails is unable to resolve your concerns, users have the right to contact their local data privacy supervisory authority or seek a remedy through the courts if the users believe their requests to exercise privacy rights have not been honored.

Security

Blue Guardrails is committed to protecting the security of Personal Data. We use appropriate technical and organizational measures to protect Personal Data from unauthorized access, use, or disclosure. Despite these measures, Blue Guardrails cannot eliminate security risks associated with Personal Data, and mistakes and security breaches may occur.

Changes to this Policy

This Privacy Policy is subject to occasional revision. If substantial changes are made in the way Blue Guardrails uses Personal Data, appropriate measures will be taken to inform customers, consistent with the significance of the changes made, and Blue Guardrails will provide notice of any material Policy changes where required by applicable data protection laws.

Effective Date: October 15, 2025