Privacy Policy

Last updated: 4 March 2025

BlueSphere Security Ltd is committed to protecting your personal information. This Privacy Policy explains how we collect, use, process, and disclose information when you use our website or the BlueSphere PTaaS Platform.

I. Who We Are

BlueSphere Security Ltd ("BlueSphere", "we", "our", or "us") is a cybersecurity company registered in England and Wales, providing penetration testing as a service (PTaaS) solutions through our BlueSphere PTaaS Platform. We operate the website at bluesphere.dev.

BlueSphere is the data controller of personal information collected through the Site and Platform. For questions about this Privacy Policy, please contact us at Service@bluesphere.dev.

II. Information We Collect

A. Information You Provide Directly

We collect personal information you provide when you contact us, create an account, request a demo, attend events, or communicate via the Platform — including your name, job title, company, email address, and phone number.

B. Information Collected Automatically

When you visit our Site, we automatically collect your IP address, device type, operating system, browser type, pages visited, access times, clickstream data, and cookie identifiers. See our Cookie Policy for full details.

C. Information from Third Parties

We may receive information from B2B data enrichment providers, professional social media platforms (such as LinkedIn), event organisers, and analytics or advertising partners.

D. Security and Assessment Data

When you use the BlueSphere PTaaS Platform, we may process security-related data including vulnerability reports, penetration test findings, source code, API specifications, and compliance data. Processing of this data is governed primarily by your Customer Agreement.

III. Legal Basis for Processing (UK GDPR)

We process your personal data on the following legal bases:

  • Contract performance — To provide the services in your Customer Agreement and manage your account.
  • Legitimate interests — To improve our Site, conduct marketing, and protect our systems.
  • Legal obligation — To comply with applicable laws and regulations.
  • Consent — For newsletters, certain cookies, and optional communications.

IV. How We Use Your Information

  • Create and manage your account and provide the BlueSphere PTaaS Platform.
  • Respond to your enquiries, requests, and support tickets.
  • Process security assessments, vulnerability reports, and compliance analyses.
  • Send service-related communications, security alerts, and product updates.
  • Communicate about products, services, and events of interest (with consent or legitimate interest).
  • Analyse usage trends and improve the Site and Platform.
  • Comply with our legal and regulatory obligations.

V. How We Share Your Information

We do not sell your personal information. We may share it with:

  • Service providers (AWS, analytics tools) subject to data processing agreements.
  • Professional advisers such as lawyers and accountants.
  • Competent authorities or law enforcement where required by law.
  • Successor entities in the event of a merger, acquisition, or sale.
  • Other parties with your prior written consent.

BlueSphere does not disclose customer security findings, vulnerability data, or confidential assessment results to any third party, except as required by law or agreed in your Customer Agreement.

VI. International Data Transfers

The BlueSphere PTaaS Platform is hosted on AWS infrastructure. Where we transfer personal data outside the UK or EEA, we use Standard Contractual Clauses (SCCs) approved by the ICO or European Commission, adequacy decisions, or other legally recognised transfer mechanisms.

VII. Data Security & Retention

We implement encryption in transit and at rest, access controls, multi-factor authentication, and regular penetration testing to protect your data. No method of internet transmission is 100% secure — you transmit data to us at your own risk.

We retain personal information as long as necessary to fulfil collection purposes, comply with legal obligations, and enforce agreements. When no longer required, data is securely deleted or anonymised.

VIII. Your Rights Under UK GDPR

Subject to applicable law, you have the following rights:

  • Access — Request a copy of your personal information.
  • Rectification — Request correction of inaccurate or incomplete data.
  • Erasure — Request deletion in certain circumstances.
  • Restriction — Request we restrict processing of your data.
  • Portability — Receive your data in a machine-readable format.
  • Object — Object to processing based on legitimate interests or marketing.
  • Withdraw Consent — At any time where processing is consent-based.
  • Complaint — Lodge a complaint with the UK ICO at ico.org.uk.

To exercise any right, contact us at Service@bluesphere.dev. We will respond within one calendar month.

IX. Marketing & Age Restrictions

You may opt out of marketing communications at any time by clicking the unsubscribe link in any email or contacting us at Service@bluesphere.dev. The Site and Platform are not directed at individuals under the age of 18.

X. Changes to this Policy

We may update this Privacy Policy from time to time. We will revise the "Last updated" date above and, for material changes, provide prominent notice via the Platform or by email.

XI. Contact Us

Service@bluesphere.dev

bluesphere.dev

BlueSphere Security Ltd — Registered in England and Wales

Experienced a breach?
Our experts are ready to respond swiftly, contain the threat, and restore your security.

Get immidiate assistance
Bluesphere

From Every Angle, Across Every Sphere  We Secure It All.

BlueSphere Security LTD
71-75 Shelton Street, Covent Garden,
London  WC2H 9JQ
Call - 02039542075
Service@BlueSphere.dev

Copyright © 2025 BlueSphere Security LTD. All Rights Reserved.

Platform
BluePlatform
BlueAI
Api Security
Compilance
Solutions
Vulnerability Management
Penetration Testing
Api Security Solutions
Attack Surface Management
Company
Privacy Policy
Terms of Service
Vulnerability disclosure policy
Pricing