Data Protection Contact Information
Blue State maintains the following records of its data processor information and its Data Protection Officer, as part of its GDPR and general data compliance program.
Data Processor Information
Blue State Digital Inc.
41 Flatbush Ave, Brooklyn NY 11217
Tel: +1(646) 205-1155
Data Protection Officer Information
Please contact [email protected] to reach our Data Protection Officer.
1. Information Collection
Information You Provide To Us
When you use the Site, we or our service providers may collect Personal Information (information that could reasonably be used to contact you or to identify you personally) such as your name, e-mail address, telephone number, mobile phone number, or mailing address. We may also collect demographic and profile data (e.g., age, gender). We or our service providers may also may also collect payment card data you provide through the Site.
Information Collected Automatically
Usage Information. Whenever you visit or interact with the Site, Blue State, as well as any third-party advertisers and/or service providers, may use a variety of technologies that automatically or passively collect information about how the Site is accessed and used (“Usage Information”). Usage Information may include, in part, browser type, operating system, the page served, the time, and the preceding page views. This statistical data provides us with information about the use of the Site, such as how many visitors visit a specific page on the Site, how long they stay on that page, and which hyperlinks, if any, they “click” on. This information helps us keep our website fresh and interesting to our visitors and tailor Site content to a visitor’s interests.
Device Identifiers. Blue State may also automatically collect your IP address or other unique identifier (“Device Identifier”) for the computer, mobile device, technology or other device (collectively, “Device”) you use to access the Site. A Device Identifier is a number that is automatically assigned to your Device when you access a web site or its servers, and our computers identify your Device by its Device Identifier. We may use a Device Identifier to, among other things, administer the Site, help diagnose problems with our servers, analyze trends, track users’ web page movements, help identify, and gather broad demographic or firmagraphic information for aggregate use.
Cookies; Pixel Tags. The technologies used on the Site to collect Usage Information, including Device Identifiers, may include but are not limited to: cookies (data files placed on a Device when it is used to visit the Site), mobile analytics software and pixel tags (transparent graphic image, sometimes called a web beacon or tracking beacon, placed on a web page or in an email, which indicates that a page or email has been viewed). Cookies may also be used to associate you with social networking sites like Facebook and Twitter and, if you so choose, enable interaction between your activities on the Site or Quick Donate, and your activities on such social networking sites. We, or our vendors, may place cookies or similar files on your Device for security purposes, to facilitate site navigation and to personalize your experience while visiting our Site (such as allowing us to select which content, ads or offers are most likely to appeal to you, based on your interests, preferences, location, or demographic or firmagraphic information). A pixel tag may tell your browser to get content from another server. Similarly, we use Google Analytics to help us track and analyze usage of our Site, using cookies, pixels and other tracking technologies.
To learn how you may be able to reduce the number of cookies you receive from us, or delete cookies that have already been installed in your browser’s cookie folder, please refer to your browser’s help menu or other instructions related to your browser. If you do disable or opt out of receiving cookies, please be aware that some features and services on our Site may not work properly because we may not be able to recognize and associate you with your account(s). In addition, the offers we provide when you visit us may not be as relevant to you or tailored to your interests. Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, so note that our systems are not configured to recognize Do Not Track headers or signals from some or all browsers.
You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browser.
For more information on advertising using cookies and how to opt out of advertising cookies specifically, please see Targeted Advertising below.
Information Received from Other Sources
We may also receive information about you from our clients, partners and service providers, (including, for example, business partners, analytics vendors, advertising networks and search information providers). To provide our services Blue State may license online data from third party data providers (including website owners, app owners, data aggregators) and make this data available to our clients. This data is called “Third Party Data”. Blue State uses this Third Party Data to create data segments associated with certain interests, behaviors, and attributes (for example, an interest in non-profits or political campaigns). These data segments are associated with cookies and advertising identifiers, so that clients can send relevant advertisements to consumers on their computers and other mobile devices.
2. How We Use the Information Collected
Any information you submit on the Site will be used for a variety of business purposes, including for example, to: respond to your questions and requests; provide you with access to certain areas and features of the Site; verify your identity; communicate with you about your activities on the Site; tailor content, advertisements, and offers we serve you; market research, Site analytics and operations; improve the Site and for internal purposes; contact you with regard to your use of the Site, and, in our discretion, changes to any Blue State policy; and for purposes disclosed at the time you provide your Personal Information or otherwise with your consent.
3. Sharing of Information
Third Parties. In order to carry out your requests, to make various features, services and materials available to you through the Site, and to respond to your inquiries, we may share your Personal Information with third parties that perform functions on our behalf, such as companies or individuals that: host or operate our Site; analyze data; provide customer service; advertisers; sponsors or other third parties that participate in or administer our promotions. Your Personal Information may also be used by us or shared with our affiliates, sponsors, partners, advertisers or other third parties, including lead generation companies to provide you with product information and promotional and other offers.
Business Transfers. Your Personal Information may also be used by us or shared with our subsidiaries, affiliates and other entities in the family of companies controlled by WPP for internal reasons, primarily for business and operational purposes. As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or all or substantially all of our assets, or assets related to the Site, Personal Information, Usage Information, and any other information that we have collected about the users of the Site may be disclosed to such entity as part of the due diligence process and will be transferred to such entity as one of the transferred assets. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such information may be considered an asset of ours and as such may be sold or transferred to third parties.
Legal Disclosure. Blue State may transfer and disclose information, including your Personal Information, Usage Information and Device Identifier, (including IP address), to third parties to comply with a legal obligation; when we believe in good faith that the law requires it; at the request of governmental authorities conducting an investigation; to verify or enforce our Terms and Conditions or other applicable policies; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of third parties, visitors to our Site or the public.
4. Targeted Advertising
If you do not want to receive the benefits of targeted advertising, you may opt out of some network advertising programs that use your information by visiting the NAI Opt-Out Page at http://www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance consumer choice page at www.aboutads.info/choices. Please note that even if you choose to remove your information (opt out), you will still see advertisements while you’re browsing online. However the advertisements you see may be less relevant to you and your interests. Additionally, many network advertising programs allow you to view and manage the interest categories they have compiled from your online browsing activities. These interest categories help determine the types of targeted advertisements you may receive. The NAI Opt-Out Page and the DAA consumer choice page provide mechanisms to opt out of receiving cookies from those companies. Please note that if you opt-out of targeted advertising, we may still track your visits to the Site for our own analytics, operations and security purposes.
5. Your Choice and Access
You may always direct us not to share your Personal Information with third parties, not to use your Personal Information to provide you with information or offers, or not to send you newsletters, e-mails or other communications by: (i) sending us an e-mail at [email protected]; (ii) contacting us by mail at 41 Flatbush Avenue, 8th Floor, Brooklyn, NY 11217 USA, or (iii) following the removal instructions in the communication that you receive. Your opt-out request will be processed within 30 days of the date on which we receive it.
If you wish to verify, correct, or update any of your Personal Information collected through the Site, you may contact us at the above address or e-mail. In accordance with our routine record keeping, we may delete certain records that contain Personal Information you have submitted through the Site. We are under no obligation to store such Personal Information indefinitely and disclaim any liability arising out of, or related to, the destruction of such Personal Information. In addition, you should be aware that it is not always possible to completely remove or delete all of your information from our databases without some residual data because of backups and other reasons.
The Site is not directed to children under 13. We do not knowingly collect Personal Information from anyone under 13 years of age. If we determine upon collection that a user is under this age, we will not use or maintain his/her Personal Information without the parent/guardian’s consent.
7. Security of Your Information
We use certain reasonable security measures to help protect your Personal Information. However, no electronic data transmission or storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure or warrant the security of any information you transmit to us, and you use the Site and provide us with your information at your own risk.
8. Other Sites
The Site may contain links to other sites that we do not own or operate. This includes links from service providers, advertisers, sponsors and partners that may use our logo(s) as part of a co-branding agreement. We do not control, recommend or endorse and are not responsible for these sites or their content, products, services or privacy policies or practices. These other web sites may send their own cookies to your Device, they may independently collect data or solicit Personal Information and may or may not have their own published privacy policies. You should also independently assess the authenticity of any site which appears or claims that it is one of our Sites (including those linked to through an email or social networking page).
9. Consent to Processing
The Site is governed by and operated in, and in accordance with the laws of the United States. We make no representation that the Site is governed by or operated in accordance with the laws of any other nation. If you are located in the European Union, Canada or elsewhere outside of the United States, please be aware that information we collect may be transferred to and processed in the United States. By using the Site, or providing us with any information, you (a) acknowledge that the Site is subject to the laws of the United States, (b) consent to the collection, processing, maintenance and transfer of such information in and to the United States and other applicable territories in which the privacy laws may not be as comprehensive as or equivalent to those in the country where you reside and/or are a citizen, and (c) waive any claims that may arise under those laws.
Terms & Conditions
These Terms & Conditions apply to use of the web site located at the URL: www.bluestate.co (the “Site”) – whether accessed via computer, mobile device or other technology. The Site is offered by Blue State Digital Inc. (“Blue State”, “we”, “us”, “our”). The Site is governed by the Terms and Conditions set forth below, as well as any applicable laws, statutes, ordinances and regulations. By browsing, visiting or otherwise accessing or using the Site, you agree to abide by the Terms and Conditions set forth below. We reserve the right, at any time, to modify or update these Terms and Conditions, and you agree to be bound by such modifications or updates.
The Site is for your personal and informational use only. Any other use requires our prior written consent.
The Site and the content on the Site including all content, video, audio, data and other information, are owned by Blue State, its clients, or its content suppliers and are protected by copyright and other intellectual property laws. Absent the prior written consent of Blue State or the owner of such materials, you agree not to copy, distribute, modify or make derivative works of any materials on the Site without the prior written consent of the owner of such materials. All rights not granted under these Terms and Conditions are reserved by Blue State.
You may not use spiders, robots, data mining techniques or other automated devices or programs to catalog, download, store or otherwise reproduce, store or distribute content available on the Site. You may not resell access to the Site, or any content contained within the Site, to any third party. You may not use the Site for your own commercial purposes (other than considering or engaging in business with Blue State) without the prior written consent of Blue State.
For the convenience of users of the Site, Blue State may permit one or more links to other websites from time to time. The internet websites to which links are provided in the Site are not under the control of Blue State. Blue State assumes no responsibility for the contents of any non-Blue State linked internet website, or for any potential damage arising out of or in connection with the use of any such link.z
In addition, the existence of a link between the Site and any other website is not and shall not be understood to be an endorsement by Blue State of the owner or proprietor of the linked internet website, nor an endorsement of Blue State by the owner or proprietor of such linked website.
THE SITE, INCLUDING ALL CONTENT MADE AVAILABLE ON OR ACCESSED THROUGH THE SITE, IS PROVIDED “AS IS” AND Blue State MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER FOR THE CONTENT ON THE SITE. FURTHER, TO THE FULLEST EXTENT PERMISSIBLE BY LAW, BLUE STATE DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, NON-INFRINGEMENT, TITLE, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WE DO NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE SITE OR ANY MATERIALS OR CONTENT CONTAINED THEREIN WILL BE COMPLETELY SECURE, UNINTERRUPTED OR ERROR FREE, THAT DEFECTS WILL BE CORRECTED, OR THAT THE SITE OR THE SERVER THAT MAKES IT AVAILABLE IS FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. WE SHALL NOT BE LIABLE FOR THE USE OF THE SITE, INCLUDING, WITHOUT LIMITATION, THE CONTENT AND ANY ERRORS CONTAINED THEREIN PROVIDED BY THIRD PARTIES. IN NO EVENT WILL BLUE STATE BE LIABLE UNDER ANY THEORY OF TORT, CONTRACT, STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR OTHER CONSEQUENTIAL DAMAGES, LOST PROFITS, LOST DATA, LOST OPPORTUNITIES, COSTS OF COVER, EXEMPLARY, PUNITIVE, PERSONAL INJURY/WRONGFUL DEATH, EACH OF WHICH IS HEREBY EXCLUDED BY AGREEMENT OF THE PARTIES REGARDLESS OF WHETHER OR NOT WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Because some jurisdictions do not allow the limitation or exclusion of liability for incidental or consequential damages, some of the above limitations may not apply to you. In such jurisdictions, Blue State’s liability is limited to the greatest extent permitted by law.
Indemnity. You agree to defend, indemnify and hold harmless Blue State, its officers, directors, employees, business partners and agents, from and against any and all claims, damages, obligations, losses, liabilities, costs or debt, and expenses (including but not limited to attorney’s fees) arising from: (i) any breach by you of any of these Terms and Conditions, (ii) your use of materials or features available on the Site (except to the extent a claim is based upon infringement of a third party right by materials created by Blue State or (iii) a violation by you of applicable law or any agreement or terms with a third party to which you are subject.
Governing Law. The laws of the State of New York shall govern these Terms and Conditions. YOU HEREBY EXPRESSLY CONSENT TO EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS LOCATED IN NEW YORK COUNTY, NEW YORK FOR ALL MATTERS ARISING IN CONNECTION WITH THESE TERMS AND CONDITIONS OR YOUR ACCESS OR USE OF THE SITE.
Any claims asserted by you in connection with the Site must be asserted in writing to Blue State within one (1) year of the date such claim first arose, or such claim is forever waived by you. Each claim shall be adjudicated individually, and you agree not to combine your claim with the claim of any third party.
Severability. If any part of these Terms and Conditions shall be held or declared to be invalid or unenforceable for any reason by any court of competent jurisdiction, such provision shall be ineffective but shall not affect any other part of these Terms and Conditions.
Waiver; Remedies. The failure by Blue State to partially or fully exercise any rights or the waiver of any breach of these Terms and Conditions by you, shall not prevent a subsequent exercise of such right by us or be deemed a waiver by us of any subsequent breach by you of the same or any other term of these Terms and Conditions. Blue State’s rights and remedies under these Terms and Conditions shall be cumulative, and the exercise of any such right or remedy shall not limit our right to exercise any other right or remedy.
Contact Information. If you have any questions or concerns regarding these Terms & Conditions, please contact us at:
Attn: Blue State Legal Department
Address: 41 Flatbush Ave, 8th Floor, Brooklyn, NY 11217 USA
Re: Blue State Website Terms & Conditions
Telephone: (+1) 646.205.1155
E-Mail: [email protected]
Responsible Disclosure Policy
Blue State (“We”, “Us”, “Our”) appreciates and values the identification and reporting of security vulnerabilities carried out by well-intentioned, ethical security researchers (“You”).
This vulnerability disclosure policy applies to any vulnerabilities you are considering reporting to us. We recommend reading this vulnerability disclosure policy fully before you report a vulnerability and always acting in compliance with it.
We do not offer a bug bounty program or monetary rewards for responsible disclosures and compensation requests will not be considered in compliance with this Responsible Disclosure Policy.
If you believe you have found a security vulnerability, please submit your report to us using the following email address: [email protected]
Your report should include details of:
- The website, domain, IP or page where the vulnerability can be observed.
- Steps to reproduce which should be a benign, non-destructive, proof of concept. This helps to ensure that the report can be triaged quickly and accurately.
If you have any concerns or queries with regard to reporting, please email [email protected] for advice.
What to expect
We aim to confirm receipt of your vulnerability report within 5 working days and triage your report within 10 working days. We also aim to keep you informed of our progress and completion of any remediation activities. We may contact you if we require further information regarding your report.
Remediation of any reported vulnerabilities are assessed based upon their impact, severity and exploit complexity. Vulnerability reports might take some time to triage or address. You are welcome to enquire on the status but we ask that you avoid doing so more than once every 14 days to allow our teams to focus on the remediation.
You must NOT:
- Break any applicable law or regulations.
- Access unnecessary, excessive or significant amounts of data or modify data in our systems or services.
- Disrupt our services or systems, use high-intensity invasive or destructive scanning tools to find vulnerabilities or attempt any form of denial of service.
- Submit reports detailing non-exploitable vulnerabilities, or reports indicating that the services do not fully align with “best practice”, for example missing security headers.
- Submit reports detailing TLS configuration weaknesses, for example “weak” cipher suite support or the presence of TLS1.0 support.
- Social engineer, ‘phish’ or physically attack our staff or infrastructure.
- Demand financial compensation in order to disclose any vulnerabilities.
- Always comply with data protection rules and must not violate the privacy of our users, staff, contractors, services or systems. You must not, for example, share, redistribute or fail to properly secure data retrieved from the systems or services.
- Securely delete all data retrieved during your research as soon as it is no longer required or within 1 month of the vulnerability being resolved, whichever occurs first (or as otherwise required by data protection law).
This policy is designed to be compatible with common vulnerability disclosure good practice. It does not give you permission to act in any manner that is inconsistent with the law, or which might cause us to be in breach of any legal obligations.