Privacy Policy

Last updated: March 1, 2026

1. Introduction

Bluepolar LLC ("Bluepolar," "we," "us," or "our") provides a security posture management platform for data warehouses. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our platform and services (collectively, the "Service"). This policy applies to all users of the Service, including account holders, team members, and visitors to our website.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, organization name, and password. If you sign up via SSO, we receive your name and email from your identity provider.

Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, timestamps, browser type, and IP address.

Data Warehouse Metadata

When you connect your data warehouse, the Service queries metadata such as role hierarchies, user configurations, network policies, access controls, and security settings. We analyze this metadata to generate security scores and recommendations. We do not access or store your actual data warehouse contents.

Payment Information

Payment processing is handled by a third-party payment processor. We do not directly collect or store credit card numbers or bank account details. Our payment processor may share with us limited information such as the last four digits of your card, billing address, and transaction status.

Identity Provider Data

If you configure an identity provider (IdP) integration, we may receive user and group directory information from your IdP for the purpose of mapping access controls and provisioning.

3. How We Use Information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Analyze your data warehouse security configuration and generate security scores and recommendations.
  • Process payments and manage your subscription.
  • Send transactional communications such as account verification, billing notices, and security alerts.
  • Respond to your requests and provide customer support.
  • Detect, prevent, and address technical issues and security incidents.

4. How We Share Information

We do not sell your personal information. We may share information with:

  • Service Providers: Third parties that help us operate the Service, including payment processors, database infrastructure providers, and cloud hosting providers. These providers are contractually obligated to protect your information.
  • Legal Requirements: When required by law, regulation, legal process, or enforceable governmental request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
  • With Your Consent: When you explicitly authorize us to share information.

5. Data Security

We implement industry-standard security measures to protect your information. Data warehouse connection credentials are encrypted at rest using AES-256 encryption. All data transmitted between your browser and our servers is protected with TLS encryption. We regularly review our security practices and update them as necessary.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. If you request account deletion, we will delete your personal information within 30 days, except where we are required to retain it for legal or compliance purposes. Cached data warehouse metadata is retained only for the duration needed to deliver the Service and is refreshed on a regular schedule.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request that we correct inaccurate or incomplete information.
  • Deletion: Request that we delete your personal information.
  • Export: Request a portable copy of your data in a commonly used format.
  • Objection: Object to certain processing of your information.

To exercise any of these rights, contact us at legal@bluepolar.io.

8. Cookies & Tracking

We use minimal cookies necessary for the operation of the Service, including session cookies for authentication and preference storage. We may use analytics tools to understand how the Service is used. We do not use third-party advertising trackers.

9. Third-Party Services

The Service integrates with third-party services including data warehouse providers, payment processors, and identity providers. When you use these integrations, the respective third party's privacy policy applies to the data they process. We encourage you to review their policies.

10. Children's Privacy

The Service is not directed at individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. We take appropriate safeguards to ensure your information is protected in accordance with this Privacy Policy regardless of where it is processed.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the Service prior to the changes taking effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

13. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us at legal@bluepolar.io.

Bluepolar LLC
New Jersey, United States

See also our Terms of Service.