Book a call

Privacy Policy

How we collect, use, and protect your information.

Last updated: April 7, 2026

This Privacy Policy describes how Bluite LLC ("Bluite," "we," "us," or "our") and its affiliate Bluite SAS collect, use, disclose, and protect your personal information when you visit our website at bluite.co and use our commission management platform (collectively, the "Service"). By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Data Controllers

The data controllers responsible for processing your personal information are:

  • Bluite LLC -- a limited liability company incorporated in the State of Delaware, United States.
  • Bluite SAS -- a simplified stock company (sociedad por acciones simplificada) organized under the laws of the Republic of Colombia.

These entities jointly determine the purposes and means of processing your personal data. When we refer to "Bluite" throughout this policy, we mean both entities acting as joint controllers unless the context requires otherwise.

2. Information We Collect

2.1 Account and Registration Data

When you create an account or request a demo, we collect information such as your full name, email address, company name, job title, phone number, and any other details you voluntarily provide during the registration or onboarding process.

2.2 Commission and Sales Data

To deliver the core functionality of our platform, we process data that your organization uploads or integrates into the Service, including sales performance records, commission structures, incentive plan parameters, payout calculations, and related financial data ("Customer Data"). You remain the owner and controller of your Customer Data; we process it solely on your behalf as a data processor in accordance with our agreements with you.

2.3 Usage Data

We automatically collect certain information when you interact with the Service, including your IP address, browser type and version, operating system, device identifiers, pages visited, features used, clickstream data, session duration, and referring URLs.

2.4 Cookies and Similar Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to operate the Service, remember your preferences, analyze usage patterns, and improve our offerings. For details on the specific cookies we use and how to manage them, see Section 9 below.

2.5 Communications Data

When you contact us via email, our contact form, or live chat, we collect the contents of your messages, your contact information, and any attachments you provide.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery: To provide, maintain, and improve the commission management platform, including processing calculations, generating reports, and enabling integrations.
  • Account management: To create and manage your account, authenticate your identity, and provide customer support.
  • Analytics and improvement: To understand how users interact with the Service, identify trends, diagnose technical issues, and develop new features.
  • Communications: To send transactional emails (e.g., account confirmations, security alerts), respond to inquiries, and, with your consent, send marketing communications about product updates and relevant content.
  • Legal compliance: To comply with applicable laws, regulations, and legal processes, and to enforce our terms and protect our rights.
  • Security: To detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activities.

4. Legal Bases for Processing

We process your personal data based on one or more of the following legal grounds:

  • Contract performance: Processing is necessary to fulfill our contractual obligations to you or to take pre-contractual steps at your request.
  • Legitimate interests: Processing is necessary for our legitimate business interests, such as improving our Service, ensuring security, and conducting analytics, provided these interests do not override your fundamental rights.
  • Consent: Where required by law, we obtain your prior, express, and informed consent before processing your data (e.g., for marketing communications or non-essential cookies).
  • Legal obligation: Processing is necessary to comply with legal or regulatory requirements.

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your data with the following categories of recipients only as described below:

  • Service providers: Trusted third-party vendors who perform services on our behalf, such as cloud hosting, data analytics, email delivery, payment processing, and customer support. These providers are contractually bound to protect your data and use it only for the purposes we specify.
  • Affiliated entities: Between Bluite LLC and Bluite SAS as needed to operate the Service and provide support across regions.
  • Legal requirements: When we are required to disclose your information by law, regulation, legal process, or governmental request, or when disclosure is necessary to protect our rights, safety, or property, or the rights, safety, or property of others.
  • Business transfers: In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy proceeding, your information may be transferred as part of the transaction. We will notify you of any such change and any choices you may have.

6. International Data Transfers

Because Bluite operates through entities in both the United States and Colombia, your personal data may be transferred between these jurisdictions. When transferring data internationally, we implement appropriate safeguards to ensure an adequate level of protection, including:

  • Standard Contractual Clauses (SCCs): We use European Commission-approved Standard Contractual Clauses or equivalent mechanisms to safeguard transfers of data from the European Economic Area, the United Kingdom, or Switzerland.
  • Intra-group agreements: Data shared between Bluite LLC and Bluite SAS is governed by internal data processing agreements that establish consistent privacy protections.
  • Regulatory compliance: For transfers involving Colombian personal data, we comply with the cross-border transfer requirements established by Colombia's Ley 1581 de 2012 and its regulatory decrees, as supervised by the Superintendencia de Industria y Comercio (SIC).

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by applicable law. Specifically:

  • Account data is retained for the duration of your active account and for a reasonable period thereafter to allow for account reactivation or to comply with legal obligations.
  • Customer Data (commission and sales data) is retained in accordance with the terms of your service agreement. Upon termination, we will delete or return your Customer Data within the period specified in our agreement.
  • Usage data is typically retained for up to 24 months for analytics purposes, after which it is anonymized or deleted.
  • Communications data is retained for as long as necessary to resolve your inquiry and for a reasonable period thereafter.

8. Your Rights

8.1 Rights Under the GDPR (European Economic Area, UK, Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR) and applicable local law:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete personal data.
  • Erasure: Request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
  • Restriction: Request that we limit the processing of your data in certain circumstances.
  • Portability: Receive your personal data in a structured, commonly used, and machine-readable format, and transmit it to another controller.
  • Objection: Object to processing based on legitimate interests or for direct marketing purposes.
  • Withdraw consent: Where processing is based on consent, withdraw your consent at any time without affecting the lawfulness of prior processing.
  • Lodge a complaint: File a complaint with the relevant supervisory authority in your jurisdiction.

8.2 Rights Under Colombian Law (Ley 1581 de 2012 -- Habeas Data)

If your personal data is processed under Colombian jurisdiction, you have the following rights under Ley 1581 de 2012 and its regulatory decrees:

  • Access (Conocer): Know, update, and rectify your personal data held by Bluite. You may request access to your data at any time free of charge.
  • Update and rectification (Actualizar y rectificar): Request correction of personal data that is partial, inaccurate, incomplete, fragmented, or misleading.
  • Deletion (Suprimir): Request deletion of your personal data when it is not being processed in accordance with applicable legal and regulatory principles, or when a court order or administrative decision mandates its deletion.
  • Revoke authorization (Revocar): Revoke the authorization you have granted for the processing of your personal data.
  • File complaints (Presentar quejas): File a complaint with the Superintendencia de Industria y Comercio (SIC) if you believe your rights under Ley 1581 de 2012 have been violated, after first exhausting the consultation procedure directly with Bluite.

To exercise any of these rights, please contact us at hola@bluite.co. We will respond to your request within the timeframes established by applicable law (typically 15 business days, extendable by 8 additional business days under Colombian law, or one month under the GDPR).

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

  • Strictly necessary cookies: Essential for the operation of the Service, such as session management and security tokens. These cannot be disabled.
  • Functional cookies: Remember your preferences and settings (e.g., language, region) to enhance your experience.
  • Analytics cookies: Help us understand how visitors interact with the Service by collecting aggregated usage data. We use these insights to improve performance and user experience.
  • Marketing cookies: Used to deliver relevant advertisements and measure the effectiveness of marketing campaigns. These are only set with your consent.

9.2 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling certain cookies may affect the functionality of the Service. You can also manage your cookie preferences through our cookie consent banner when you first visit the site.

10. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest.
  • Access controls and role-based permissions limiting data access to authorized personnel.
  • Regular security assessments, vulnerability testing, and monitoring.
  • Employee training on data protection and security best practices.
  • Incident response procedures to promptly address security breaches.

While we strive to protect your data, no method of transmission or storage is completely secure. We cannot guarantee absolute security, but we are committed to maintaining industry-standard protections and promptly addressing any incidents.

11. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without appropriate parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us at hola@bluite.co.

12. Third-Party Links

The Service may contain links to third-party websites, applications, or services that are not operated by Bluite. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you interact with.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on this page with a revised "Last updated" date and, where appropriate, by sending you an email notification. We encourage you to review this policy periodically.

14. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Bluite LLC
State of Delaware, United States

Bluite SAS
Republic of Colombia

For matters related to Colombian data protection law, you may also contact the Superintendencia de Industria y Comercio (SIC) at www.sic.gov.co.