Privacy Policy (EU & US)

Effective Date: June 15, 2026
Last Updated: June 15, 2026

BloApCo (“we,” “us,” or “our”) is committed to protecting the privacy and personal data of all individuals who visit our website, engage with our services, or otherwise interact with us.

We process personal data in accordance with applicable privacy laws, including:

  • The EU General Data Protection Regulation (EU GDPR),
  • The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018,
  • The U.S. state privacy laws, including the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA), Virginia VCDPA, Colorado CPA, Connecticut CTDPA, Utah UCPA, and other applicable U.S. laws,
  • Other relevant data protection regulations in jurisdictions where we operate.

This Global Privacy Notice explains how we collect, use, share, and protect your personal data across jurisdictions and how you can exercise your privacy rights, regardless of where you live.

We are the data controller for personal data collected via our website and services. In some cases, we may also act as a data processor when processing data on behalf of our clients.

1. Data Controller & EU Representative

BloApCo
1725 E. Delavan Drive
Janesville, Wisconsin 53546
Email: info@bloapco.com
Phone: (800) 959-0880

If required under Article 27 GDPR, we may designate an EU Representative, whose contact details will be made available here or upon request.

2. Personal Data We Collect

We may collect the following categories of personal data:

  • Contact Information: name, email address, phone number, postal address (if provided).
  • Communications Data: inquiries, messages you send, feedback, requests.
  • Technical & Usage Data: IP address, browser type, device identifiers, operating system, pages visited, time stamps, referring URL, and other analytics data collected via cookies or similar technologies.
  • Marketing & Preference Data: your preferences for receiving communications or promotional content.

We do not intentionally collect sensitive personal data (e.g., health information, race, religion, sexual orientation) through this Website.

3. Legal Basis for Processing (GDPR)

Purpose Description Legal Basis
Service Delivery & Support Responding to inquiries, managing projects, and providing services Contract performance or legitimate interest
Marketing & Communication Sending newsletters, promotional updates (if opted in) Consent
Analytics & Improvement Monitoring and improving website performance and security Legitimate interest
Compliance & Protection Meeting legal obligations and protecting legal rights Legal obligation

When processing is based on consent, you can withdraw your consent at any time without affecting prior processing.

4. How We Use Personal Data

We use personal data to:

  • Respond to inquiries and provide requested services.
  • Operate, maintain, and improve the Website.
  • Send marketing communications (when consent has been given).
  • Analyze website usage and improve user experience.
  • Detect and prevent fraud, abuse, or security issues.
  • Comply with legal or regulatory requirements.

We will not use your personal data for purposes other than those described in this policy without your consent or legal permission.

5. Sharing & Disclosure

We may share your personal data with:

  • Service providers who support our operations (e.g., hosting, analytics, marketing tools).
  • Third-party platforms (e.g., social media integrations, advertising networks) where applicable.
  • Legal or regulatory authorities, when required to comply with the law.
  • Professional advisers under confidentiality obligations.

All third parties must process data securely and in compliance with GDPR Article 28.

6. International Transfers

If your personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Additional security measures, where required

You can request details of these safeguards at info@bloapco.com.

7. Data Retention

We retain personal data only as long as necessary for the purposes described, or to comply with legal obligations. Retention periods depend on:

  • The type of data,
  • The purpose of processing, and
  • Legal or regulatory requirements.

Data that is no longer required is securely deleted or anonymized.

8. Cookies & Tracking

We use cookies and similar technologies to:

  • Enable website functionality,
  • Analyze usage and performance,
  • Personalize content and marketing (where consented).

Non-essential cookies (e.g., analytics or advertising cookies) are only used if you give consent via our cookie banner. You can withdraw consent at any time via the banner or your browser settings.

See our Cookie Policy for details.

9. Your GDPR Rights

If you are in the EU/EEA, you have the following rights:

  • Access: to request a copy of your data.
  • Rectification: to correct inaccurate information.
  • Erasure: to request deletion (“right to be forgotten”).
  • Restriction: to limit processing in certain circumstances.
  • Portability: to receive data in a portable format.
  • Objection: to object to processing, including marketing.
  • Withdrawal of consent: at any time.
  • Complaint: to your local supervisory authority.

We will respond to rights requests within 30 days, extendable by 60 days for complex cases.

10. Marketing Opt-Out

You can opt out of marketing communications at any time by:

  • Clicking the “unsubscribe” link in marketing emails, or
  • Emailing info@bloapco.com with “Opt-Out of Marketing” in the subject line.

You may still receive service or legally required notifications.

11. Security Measures

We use technical and organizational measures to protect personal data, including:

  • SSL/TLS encryption,
  • Secure servers,
  • Access control,
  • Staff training,
  • Regular security assessments.

No system is completely secure, but we strive to protect your information with industry best practices.

12. Children’s Privacy

This Website is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If we learn we have inadvertently collected data from a child, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy periodically. If material changes are made, we will update the Last Updated date and, where appropriate, provide notice on the Website.

14. Contact Us

For questions or to exercise your rights under this policy:

BloApCo
N114W19125 Clinton Drive
Germantown, WI 53022
Email: info@bloapco.com
Phone: (800) 959-0880

If required, our EU Representative’s details will be provided here.

U.S. Privacy Rights Addendum

(For California, Virginia, Colorado, Connecticut, Utah residents)

This section supplements our Privacy Policy to comply with applicable U.S. state privacy laws, such as the California Consumer Privacy Act (CCPA/CPRA) and similar laws in other states.

A. Your U.S. Privacy Rights

Depending on your state, you may have the right to:

  • Know what personal information we collect and how we use it.
  • Access a copy of your personal information.
  • Request correction of inaccurate personal information.
  • Request deletion of your personal information.
  • Opt out of the sale or sharing of personal information (we do not sell data).
  • Limit the use or disclosure of sensitive personal information (if applicable).
  • Use an authorized agent to make a request on your behalf.
  • Not be discriminated against for exercising your privacy rights.

B. “Do Not Sell or Share” Disclosure

We do not sell or share personal information as defined under CCPA/CPRA.

If this changes in the future, we will update this policy and provide a clear opt-out mechanism.

C. Authorized Agent

If you are a California resident, you may designate an authorized agent to exercise your privacy rights. We may require verification of your identity and the agent’s authority to act on your behalf, as permitted by law.

D. How to Exercise Your Rights

To exercise your rights, email us at info@bloapco.com with “U.S. Privacy Request” in the subject line.

We will respond within 45 days (or 90 days for complex requests) as required by law.

E. Non-Discrimination

We will not deny services, charge different prices, or provide a different quality of service because you exercised your privacy rights.