Blueleaf has aligned our policies and procedures with the General Data Protection Regulation (GDPR). This page provides a high-level summary. We are aware of our obligations as a sub-processor under the GDPR and will remain committed to helping to support our partners and customer’s compliance efforts.
Right to Access
You have a right to request a copy of the Personal Information that Blueleaf holds.
Right to Rectification
If you believe that any Personal Information that Blueleaf holds is incorrect, you have the right to correct that information.
Right to Erasure, Restriction, or Objection to Processing
If you believe we do not have the right to process your information or you object to our processing for a particular purpose, or if you want us to erase your Personal Information altogether, we are happy to comply.
Right to Withdraw Consent
If you gave us consent to process your Personal Information for a particular purpose, you have the right to withdraw that consent.
You have the right to obtain the Personal Information that you have directly submitted to Blueleaf in a format you can transfer to another service provider.
We have processes in place to honor data subject requests. Blueleaf will export, correct, or delete data upon request by a customer. If we receive a request directly from a customer, we will work with the customer and associated processor of data.
Blueleaf uses third party sub-processors, such as cloud computing providers to provide our services. We enter into GDPR-compliant data processing agreements with each subprocessor, extending GDPR safeguards everywhere personal data is processed.