Blue Raven, Inc (“Blue Raven, Inc”, “we”, “our”, “us”) is a security-and-privacy startup incorporated in British Columbia, Canada and headquartered in Vancouver, BC.
This policy describes how we collect, use, disclose and protect personal information on:
blueravenhome.com (the “Site”); and any publicly-available pre-launch marketing pages for our forthcoming mobile application (the “App”).
| Category | Examples | Source | Mandatory? |
|---|---|---|---|
| Information you provide | name, email, phone, company, any other details you include when you: (i) submit a contact form; (ii) request a demo; (iii) correspond with us. | You | Only the fields marked “required” on forms |
| Automatically collected data | IP address, browser type, device identifiers, date/time, pages viewed, referring page. | Standard web logs & privacy-centred analytics | Yes – automatically captured |
| Cookies & similar tech | Strictly-necessary cookies (e.g., session, security) and privacy-first analytics cookies. No cross-site advertising cookies are set. | Your browser | Necessary cookies: Yes; analytics cookies: optional |
We do not intentionally collect sensitive categories (race, religion, precise location, biometrics, or financial account numbers) on the Site.
| Purpose | Legal basis* |
|---|---|
| Provide, secure and troubleshoot the Site | Legitimate interest |
| Respond to enquiries and demo requests | Consent / pre-contractual steps |
| Improve our content and security posture | Legitimate interest |
| Comply with legal obligations (e.g., security incident reporting) | Legal obligation |
If you are located in the EU/UK we rely on the enumerated GDPR bases; elsewhere we rely on analogous provisions in BC PIPA and PIPEDA.
We never sell personal information. We share it only with:
Service providers instructed under confidentiality (e.g., ISO 27001-certified hosting, email delivery, privacy-first analytics).
Authorities or advisors where required to comply with law, enforce agreements, or protect rights.
All service providers are contractually bound to use data only for Blue Raven, Inc’s purposes and to apply appropriate security measures.
Our primary servers are in Canada. Some providers operate in other jurisdictions; where that results in cross-border transfers we use mechanisms such as Standard Contractual Clauses or equivalent safeguards.
Security is at the core of our business. We employ:
TLS 1.3 encryption in transit; encrypted-at-rest storage; least-privilege, role-based access; continuous vulnerability management and third-party penetration testing.
No internet transmission or storage system is 100% secure, but we strive to exceed industry best practice.
We retain personal information only as long as necessary for the purposes in section 4, after which we securely delete or irreversibly anonymise it. Server logs are kept for ≤90 days unless required for security investigations.
British Columbia / Canada – You may request access to, or correction of, personal information we hold about you under BC PIPA and PIPEDA.
EU / UK – GDPR rights to access, rectify, erase, restrict, object, and data portability.
California – If our traffic includes California residents, CCPA rights to know, delete and opt-out of “sale” (we do not sell data).
You can exercise rights at any time via the contact methods in section 12. We will respond within 30 days (or any shorter period required by applicable law).
The Site is not directed to children under 13. We do not knowingly collect their personal information. If you believe we have done so, please contact us and we will delete it promptly.
The Site may link to third-party pages (e.g., social media, press articles). We are not responsible for those sites’ privacy practices. Review their policies before providing information.
Privacy Officer
Blue Raven, Inc.
820 Millbank, Vancouver British Columbia V5Z 3Z4
Canada
You may also write to the Office of the Information & Privacy Commissioner for British Columbia if you feel your concerns have not been addressed.
We may update this policy to reflect changes in technology, law or our practices. Material changes will be announced on the Site at least 15 days before taking effect, with the “effective date” updated accordingly.