Effective Date: April 30, 2025
At BluChip, we prioritize security and are committed to surpassing industry standards when it comes to safeguarding your data’s privacy and security.
Infrastructure
Our services are fully hosted in the cloud, and we do not manage our own routers, load balancers, DNS servers, or physical servers. Our infrastructure is built on secure data centers that adhere to rigorous security standards and comply with a variety of industry certifications.
Data Centers
BluChip Scout operates out of data centers that provide 24/7 physical security, state-of-the-art fire suppression systems, redundant utilities, and biometric access control to ensure the safety of your data.
Network Security
We take extensive measures to protect your data and prevent unauthorized access. All network traffic is encrypted using SSL/HTTPS, the most widely trusted and secure communications protocol on the internet.
System Security
We are committed to continuous improvement in securing your data. Our systems are regularly updated and patched, and we ensure system consistency with configuration management, up-to-date images, and continuous deployment.
Security Operations
We monitor our systems 24/7 to quickly detect and address any potential security threats. If we identify an issue, we take swift action to resolve it and prevent future occurrences.
Restricted Access
Access to production systems is tightly controlled and limited only to key members of the BluChip Scout engineering team. We enforce strict policies against the use of passwords to further enhance security.
Application-Level Security
We physically separate our database instances from application servers to minimize the risk of unauthorized access.
Account Cancellation
If you decide to cancel your account, we ensure that your data remains secure. Contact your account manager or our Customer Success team to cancel your account, which will immediately disable access to BluChip Scout. Upon request, we will also delete all data associated with your account.
DDoS Attack Protection
We use Cloudflare’s globally distributed and intelligent always-on DDoS protection to shield our services from potential attacks.
Data Encryption at Rest
All user data, including passwords, is encrypted at rest using strong encryption algorithms provided by our database provider, AWS, ensuring that your information is always protected.
Disaster Recovery
We regularly back up critical assets and test the restoration process to ensure rapid recovery in the event of a disaster. All backups are encrypted for additional security.
Payment Processing
BluChip outsources all payment processing to Stripe, a PCI Level 1 Service Provider, ensuring that your payment information is securely handled. We do not collect or store any payment information ourselves and are therefore not subject to PCI obligations.
GDPR Compliance
BluChip is committed to maintaining compliance with the General Data Protection Regulation (GDPR), which governs data protection and privacy for all individuals within the European Union.
CCPA Compliance
BluChip ensures full compliance with the California Consumer Privacy Act (CCPA), which grants privacy rights and protections to residents of California.
We continually review our security practices to ensure that your data remains protected and that we meet the highest standards of privacy and compliance.