Blue Orchid.

Legal

Privacy Policy

Effective June 1, 2026

This policy explains what information Blue Orchid (“we”, “us”) collects when you use blueorchid.world and the applications we build and operate. It applies to the main Blue Orchid site and to any Blue Orchid application that links to this policy, including OAuth applications that access data from services like Google on your behalf.

Information you provide

We collect information you give us directly, such as when you:

  • Subscribe to our newsletter (email address).
  • Submit an intake, consulting inquiry, or lead-capture form (name, email, company, and any details you include).
  • Book a call through our scheduling tools (name, email, and calendar information).
  • Authorize one of our applications to connect to a third-party service such as Google, Slack, or similar (see Connected services below).

Information collected automatically

When you visit the site we collect limited technical information to operate and improve it:

  • Basic analytics (page views, referrer, device type, country) through Google Analytics.
  • Standard server logs for reliability and abuse prevention (IP address, user agent, timestamps).
  • Local-storage values used to remember your preferences on the site (for example, which persona view you selected). These stay on your device and are not sent to our servers.
  • Website visitor identification technologies that may associate your visit with business contact details (see Website visitor identification below).

Website visitor identification

We use a website visitor identification service (RB2B) to help us understand which businesses and professionals are interested in our work so that we can follow up. As part of this:

When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email. We (or service providers on our behalf) may then send communications and marketing to these email addresses.

You may opt out of receiving this advertising by visiting app.retention.com/optout. Visitors in the EU and UK may also opt out of this data collection under GDPR at rb2b.com/rb2b-gdpr-opt-out. We also honor browser-based opt-out signals such as Global Privacy Control (GPC).

Connected services (OAuth and integrations)

Some Blue Orchid applications connect to third-party services such as Google (Gmail, Drive, Calendar), Slack, Notion, or similar tools. When you authorize one of these connections:

  • We request only the scopes required for the feature you are using and nothing more.
  • Access tokens are stored encrypted and used only to perform the actions you requested.
  • Data retrieved from a connected service is not sold, shared with advertisers, or used to train general-purpose AI models.
  • You can revoke access at any time from the connected service's security or permissions page (for Google, that is myaccount.google.com/permissions). Revoking access removes our ability to read further data.

Use of Google user data conforms with the Google API Services User Data Policy, including the Limited Use requirements.

How we use information

  • To deliver the products and services you request.
  • To respond to inquiries, schedule calls, and send the newsletter you subscribed to.
  • To understand how the site is used and improve content and performance.
  • To prevent fraud, abuse, and security incidents, and to meet legal obligations.

Service providers

We use a small set of trusted vendors to run our services. Each processes data on our behalf under its own security and privacy controls:

  • Vercel (site hosting and serverless functions).
  • Supabase (database and application storage).
  • Beehiiv (newsletter delivery).
  • Calendly (scheduling).
  • Google Analytics (site analytics).
  • RB2B (website visitor identification).
  • Cloud AI providers (for example, Anthropic and OpenAI) used inside our applications to process prompts and content on your behalf.

Other than the website visitor identification described above, we do not sell personal information, and we do not share it with third parties for their own marketing.

Data retention

We keep information only as long as needed for the purpose it was collected or as required by law. Newsletter subscriptions are kept until you unsubscribe. Consulting and intake records are kept for the life of the client relationship plus a reasonable archive period. OAuth tokens are revoked when you disconnect a service or stop using the application.

Your rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal information, and to object to or restrict certain processing. To exercise these rights, email us at the address below. We will verify your identity and respond within a reasonable timeframe.

You can unsubscribe from the newsletter at any time using the link in any email.

Security

We use industry-standard measures to protect information, including encryption in transit (HTTPS), encrypted storage for secrets and tokens, and access controls limiting who on our team can read your data. No method of transmission or storage is perfectly secure, so we cannot guarantee absolute security.

Children

Our services are not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided information to us, contact us and we will delete it.

Changes to this policy

We may update this policy from time to time. Material changes will be reflected by updating the effective date above and, if the change is significant, by a notice on the site or email to active users.

Contact

Questions about this policy or your data? Email us at privacy@blueorchid.world.

See also our Terms of Service.