Legal · Blue-IQ
Data Processing Agreement
Last updated 1 June 2026
This summary describes how Blue-IQ acts as a data processor on your behalf. A signable DPA is available for customers with data-protection requirements.
Roles
For personal data within the documents you upload, you are the controller and Blue-IQ is the processor, acting only on your documented instructions to provide the service.
Security measures
Blue-IQ maintains the technical and organisational measures described on our Security page, including encryption in transit and at rest, access control, and tenant isolation.
Sub-processors
We use a limited set of vetted sub-processors (cloud infrastructure and the AI model provider). The current list is maintained on our Sub-processors page, with advance notice of changes.
Breach notification
In the event of a personal-data breach, we will notify affected customers without undue delay and within 72 hours of becoming aware, with the information needed to meet your obligations.
Data subject requests
We assist you in responding to data-subject requests and, on termination, delete or return the personal data we process for you.
Request a signed DPA
Contact dpa@blue-iq.ai to execute a Data Processing Agreement.
This page is a plain-language summary and not a substitute for the executed agreement. For the binding document, contact our team.