Legal · Blue-IQ

Data Processing Agreement

Last updated 1 June 2026

This summary describes how Blue-IQ acts as a data processor on your behalf. A signable DPA is available for customers with data-protection requirements.

Roles

For personal data within the documents you upload, you are the controller and Blue-IQ is the processor, acting only on your documented instructions to provide the service.

Security measures

Blue-IQ maintains the technical and organisational measures described on our Security page, including encryption in transit and at rest, access control, and tenant isolation.

Sub-processors

We use a limited set of vetted sub-processors (cloud infrastructure and the AI model provider). The current list is maintained on our Sub-processors page, with advance notice of changes.

Breach notification

In the event of a personal-data breach, we will notify affected customers without undue delay and within 72 hours of becoming aware, with the information needed to meet your obligations.

Data subject requests

We assist you in responding to data-subject requests and, on termination, delete or return the personal data we process for you.

Request a signed DPA

Contact dpa@blue-iq.ai to execute a Data Processing Agreement.

This page is a plain-language summary and not a substitute for the executed agreement. For the binding document, contact our team.