Last Updated: August 2025
At BlueMont Aegis, your privacy and data security are foundational to our service. This Privacy Policy outlines in detail how we collect, use, store, share, and safeguard your information when you use our services, visit our website, or engage with us through other interactions. We are committed to full transparency and compliance with data protection laws such as the UK Data Protection Act 2018 and the General Data Protection Regulation (GDPR).
1. WHO WE ARE
BlueMont Aegis is a cybersecurity and managed services platform operated by BlueMont Technologies Ltd, registered in the United Kingdom. Our mission is to deliver AI-driven, proactive, and streamlined security services tailored to modern businesses of all sizes. From threat detection to consultancy, we protect our users without creating unnecessary complexity.
2. INFORMATION WE COLLECT
2.1 Information You Provide to Us Directly
Full name, email address, phone number, and contact preferences
Business name, industry, role, and associated departments
Account login details, passwords, and usage preferences
Billing, payment, and financial transaction details
Correspondence through support tickets, chat, or surveys
Feedback, reviews, and testimonials
2.2 Information We Collect Automatically
IP address, browser type, and operating system
Referring and exit pages, time stamps, and session durations
Site usage patterns and behavioral interactions with features
Device identifiers and geolocation data (where applicable)
Server logs and diagnostic information collected for troubleshooting
2.3 Information from Third Parties
Data from CRM, marketing, or automation integrations
Identity data from Single Sign-On (SSO) platforms
Public business databases and enrichment services
Referrals from partners, vendors, or authorized resellers
3. HOW WE USE YOUR INFORMATION
We process your information for multiple legitimate business and operational purposes, including but not limited to:
Delivering and maintaining access to the BlueMont Aegis platform
Responding to support inquiries, feedback, and issue resolution
Enhancing user experience by analyzing usage patterns
Sending updates, feature announcements, newsletters, and offers
Generating usage analytics to inform service improvements
Billing, account management, invoicing, and collections
Enforcing legal rights, terms of service, and user safety
Conducting security reviews and risk management audits
4. LEGAL BASES FOR PROCESSING
We rely on various legal grounds under the GDPR and UK data laws:
Consent: You have explicitly agreed to data collection for a specific purpose
Contractual Necessity: Required to fulfill a contract or agreement
Legitimate Interests: For business purposes like fraud prevention, service optimization, and platform security
Legal Obligation: Compliance with laws, such as tax reporting or legal requests
5. DATA SHARING & DISCLOSURE
We do not and will not sell your personal data. However, your data may be disclosed to trusted third parties, only under specific circumstances:
Subcontractors providing secure hosting, cloud storage, email delivery, or analytics
Payment processors and financial institutions handling billing
Legal or regulatory authorities when compelled by court order
Business partners with whom you initiate a third-party integration
Prospective buyers in the case of a business acquisition, merger, or asset sale Each third-party partner is subject to strict data handling agreements and compliance reviews.
6. INTERNATIONAL DATA TRANSFERS
Data may be stored or processed in jurisdictions outside your country, including the United Kingdom, European Economic Area (EEA), and the United States. We use legal mechanisms to ensure protection during international transfers, such as:
Standard Contractual Clauses (SCCs)
UK International Data Transfer Agreement (IDTA)
Data Processing Agreements (DPAs) with all vendors
Binding corporate rules and encryption protocols
7. DATA RETENTION
We retain information only as long as necessary to fulfill our legal, regulatory, and operational obligations. Our general retention policy includes:
Billing and transaction records: 7 years (for financial compliance)
Support tickets and email logs: 2 years after resolution
Inactive user accounts: Deleted 12 months after inactivity
Marketing consent data: Retained until revoked
Aggregated or anonymized data: Retained indefinitely for research
8. YOUR DATA RIGHTS
Under applicable data protection laws, you are entitled to the following rights:
Right to Access: Request a copy of the personal data we hold about you
Right to Rectification: Request corrections to incorrect or outdated information
Right to Erasure: Request deletion of data where it is no longer necessary
Right to Restriction: Ask us to suspend processing under certain conditions
Right to Object: Opt-out of specific data uses such as direct marketing
Right to Portability: Receive your data in a structured, machine-readable format
Right to Withdraw Consent: At any time where processing is based on consent
Requests can be submitted by emailing [email protected]. We will respond within 30 days unless extended by law.
9. SECURITY MEASURES
Protecting your data is at the core of BlueMont Aegis. We implement strong technical and organizational safeguards:
AES-256 encryption for data at rest
TLS encryption for all data in transit
Secure access via MFA and RBAC
Isolated data environments and intrusion prevention systems
Regular penetration testing and vulnerability scanning
Real-time monitoring of all infrastructure components
All employees are subject to security training and strict access policies.
10. COOKIES & TRACKING TECHNOLOGIES
Our website and platform use cookies and tracking tools to personalize content, analyze traffic, and serve advertisements. Types include:
Essential Cookies: Allow you to navigate the website and access features
Performance Cookies: Measure how users interact with content
Functional Cookies: Remember preferences and login credentials
Marketing Cookies: Tailor ads based on your browsing behavior You may configure cookie preferences via your browser or our consent manager.
11. THIRD-PARTY LINKS
Our website may contain links to external websites or services not owned or controlled by BlueMont Aegis. We are not responsible for their privacy practices. You are encouraged to review third-party privacy notices before sharing information.
12. CHILDREN’S PRIVACY
Our platform is intended solely for business use by individuals aged 16 and above. We do not knowingly collect personal data from children. If we become aware of data collected from minors, we will take immediate steps to delete it.
13. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy periodically to reflect changes in technology, regulations, or services. Updates will be reflected by a new “Effective Date” at the top of this policy. Material changes will be notified via email or in-platform alerts.
You are encouraged to review this policy regularly to stay informed about how we protect your information.
14. CONTACT US
If you have any questions, requests, or concerns regarding this Privacy Policy or how your personal data is handled, please reach out to us at [email protected]
At BlueMont, protecting your digital identity and safeguarding your data is not just a policy—it’s a promise.