Privacy Policy

1. About this Privacy Policy

This Privacy Policy describes the practices of BluSky Technology Services LLC, a limited liability company subject to the investigatory and enforcement powers of the Federal Trade Commission and trading at 11150 West Olympic Blvd. Suite 810, Los Angeles, CA 90064 (hereafter “BluSky” or “we”) and the rights and choices available to individuals, regarding personal data. Personal data means any information that relates to an identifiable individual.

The Policy applies to all subsidiaries and branches of BluSky to the extent that they process personal data. However, this Privacy Policy does not apply to Blusky’s processing of the personal data of its personnel, such as employees and contractors.

BluSky treats all personal data which it receives through its websites, portals, and any other means with due care and is dedicated to safeguarding any personal data it receives. BluSky complies with applicable Federal and State data protection laws and regulations in the United States, including the California Consumer Privacy Act (CCPA), the Federal Trade Commission (FTC) Act, Children’s Online Privacy Protection Act (COPPA, and Gramm-Leach-Bliley Act (GLBA).

BluSky complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce. To learn more about the Data Privacy Framework (DPF) program, please visit https://www.dataprivacyframework.gov.

This Privacy Policy explains what personal data we collect, how we process it, the reasons for processing it, and the measures we take to protect your personal information. It applies to, merchants and partners, consumers or payees involved in any transaction with Blusky’s payment platform and visitors to Blusky’s websites and portals.

2. Personal Data

BluSky processes information we receive from you, including personal and financial data provided when you or your business use our services, submit inquiries, or communicate with us by any electronic or physical means.

Examples include name, address, email, phone number, nationality, card or bank details, billing information, purchase data, and related transaction information. Personal data is further divided into the following categories:

  • Cardholder Data includes a customer’s Primary Account Number (PAN), cardholder name and expiration date.
  • Sensitive Authentication Data refers to supplemental data that helps to authenticate cardholder identities. Examples include CVV2 data and account

    • PINs.

  • Personally Identifiable Information (PII) refers to data that can be used to uniquely identify an individual. PII includes direct identifiers such as a customer’s full name or ID number, as well as indirect identifiers such as a customer’s address, date of birth, and IP address.

3. Sensitive Data

BluSky does not collect, or process sensitive information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, genetic, health, or biometric information, information about sex life or sexual orientation, or criminal convictions or offenses, unless required by law or directly necessary to provide a service.

If collected, such data is handled with heightened safeguards in accordance with applicable U.S. and E.U. privacy laws.

4. What We Do With Your Personal Data?

BluSky processes personal data solely for legitimate business purposes, including:

  • Administration – verifying identity and managing customer accounts
  • Customer relationship management – improving user experience and service quality
  • Fraud prevention and security – preventing identity theft and unauthorized transactions
  • Compliance – fulfilling obligations under U.S. laws and regulatory requirements
  • Marketing and communications – providing updates and promotional offers (opt-out available)

5. Who We Share Your Data With and Why?

BluSky may share personal data under strict confidentiality with:

  • Payment Processors: For the purposes of processing transactions online, payment processors require a customer’s Cardholder Data and Sensitive Authentication Data.
  • Fraud Prevention Services: PII associated with customer purchase are forwarded to fraud prevention services to help BluSky detect and prevent fraudulent transactions.
  • Technical Service Providers: BluSky utilizes service providers for Information and Communication Technology infrastructure. Personal data transmitted to service providers for this purpose is minimized only to what is expressly required to implement a given business function. Access to this personal data is restricted to a need-to-know basis in accordance with the principle of least privilege and is protected by encryption, both in transit and at rest.
  • Regulatory Bodies: Regulatory bodies may require BluSky to turn over personal data to review or audit our regulatory compliance. Such bodies may include industry groups such as the Payment Card Industry Security Standards Council or financial supervisory authorities such as a nation’s Central Bank. Personal data shared in this manner is minimized only to what is expressly required to comply with the relevant regulation and pseudonymized or anonymized to the greatest extent possible.
  • Government & Law Enforcement: BluSky will disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

N.B. Under no circumstance does any transmissions of personal data in the scenarios described above result in the sale, rent or leasing of the personal data to a third party. Under no other circumstances does BluSky ever sell, rent, or lease your personal data to third parties.

Blusky remains responsible and liable under the DPF Principles if third parties process personal data in a manner inconsistent with those Principles, unless we can prove that we are not responsible for the event giving rise to the damage.

We require all third parties receiving personal data to provide at least the same level of privacy protection as required under the DPF Principles and to process the data only for limited and specified purposes consistent with the individual’s consent.

6. Cookie Policy

BluSky uses cookies and similar tracking technologies to improve your online experience and ensure optimal website functionality. Cookies are small data files placed on your device to store preferences and session information, taking the form of:

  • Functional Cookies – these enable essential site functionality such as user login, language preferences, and navigation efficiency. They may also store personal settings like saved logins or session preferences
  • Analytics Cookies – we use analytics tools (such as Google Analytics) to measure site performance, track user activity, and identify popular pages. These cookies collect aggregated, anonymized information and do not identify individual users
  • Third-party/Social Media Cookies – these enable integration with external platforms (e.g., Facebook, LinkedIn, Twitter). They allow you to share pages or content and may inform these platforms that you visited our site

You can disable or remove cookies through your browser settings. For more information, visit; www.allaboutcookies.org or the support section of your internet browser.

7. Data Security

We implement physical, electronic, and administrative safeguards to protect personal data from unauthorized access or disclosure. This includes encryption, secure servers, and restricted employee access. While we strive for complete security, no transmission method is 100% secure, and users share information at their own risk.

8. Data Retention

BluSky retains personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law. Retention periods vary depending on the type of data and legal requirements under U.S. Federal or State laws.

In general terms, we will retain your personal data for the duration of your involvement with BluSky and for as long as reasonably necessary afterwards.

9. Your Rights

You may be afforded certain rights according to the privacy laws of your nation or region of resident. These include, but are not limited to, U.S. privacy laws such as CCPA COPPA & GLBA, and EU privacy laws such as GDPR. These rights may include:

  • Access, correct, or delete your personal information
  • Request disclosure of the categories of data we collect
  • Opt-out of data sharing for commercial purposes

To exercise these rights, you may contact us by email at: support@bluskysvc.com

In compliance with the EU-U.S. DPF, BluSky commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF should first contact BluSky at: support@bluskysvc.com

In compliance with the EU-U.S. DPF, BluSky commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgement of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.

BluSky is obliged to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to your organization and following the procedures and subject to conditions set forth in Annex I of Principles. For more information on this principle, please visit: https://www.dataprivacyframework.gov/framework-article/G–Arbitration-Procedures

10. Children’s Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us data, we will promptly delete it in accordance with applicable law, such as The Children’s Online Privacy Protection Act (COPPA), which gives parents control over what information websites can collect from their children.

11. Contact Us

For questions, complaints, or to exercise your rights under this policy, contact us at:
BluSky Technology Services LLC 11150 W Olympic Blvd, Suite 810 Los Angeles, CA 90064,
USA – email: support@bluskysvc.com