Privacy Policy
This policy explains how Blue Lifeline handles personal data when you visit this website or contact us. Blue Lifeline provides water-benefit verification and registry services for corporate water-disclosure teams. This website is informational: there is no account sign-up, no online form, and no payment processing.
1. Who we are
This website, Blue Lifeline, is operated by Vallar Ltd (“Vallar”, “we”, “us”, “our”), the controller of the personal data described in this policy. Vallar Ltd is based in the United Kingdom.
For any question about this policy or your personal data, contact us at privacy@bluelifeline.org.
2. What this policy covers
This policy applies to visitors to this website and to people who contact us by email. Where we later process personal data on behalf of a customer under a contract, that processing is governed by that contract; the customer is responsible for its own privacy notice.
3. The personal data we process
- Information you send us. If you email us — including through the “Request a conversation” link — we receive your name, your email address, and anything else you choose to include.
- Technical logs. Our hosting provider automatically records standard server logs, such as IP address, browser type, the pages requested, and the date and time of access, in order to deliver and secure the site.
We do not ask for, or intentionally collect, special-category (sensitive) personal data. Please do not send it to us.
4. Cookies, analytics and tracking
This website does not use cookies, analytics, advertising, or third-party tracking. Fonts are served from this website itself, so no data is shared with font providers. If we add analytics or a contact form in future, we will update this policy and add a consent mechanism where required.
5. How we use personal data, and our lawful bases
- To respond to your inquiry and correspond with you — our legitimate interests, and taking steps at your request before any contract.
- To operate, maintain and secure this website — our legitimate interests.
- To comply with the law — our legal obligations.
Where we rely on legitimate interests, we do so only where they are not overridden by your rights and interests.
6. How we share personal data
- Providers acting on our instructions as processors — our website hosting provider and our email provider.
- Professional advisers — for example legal and accounting advisers, where needed.
- Authorities — where we are required to by law.
We do not sell personal data, and we do not share it for advertising.
7. International transfers
Some of the providers we use to host this website and handle our email may process personal data outside the UK or the EEA. Where that happens, we rely on a safeguard recognized under UK and EU data protection law — such as an adequacy decision, the UK International Data Transfer Agreement or Addendum, the European Commission’s Standard Contractual Clauses, or the EU–U.S. and UK Data Privacy Framework where the provider is certified. You can ask us for more information about the safeguards we use.
8. How long we keep personal data
We keep personal data only for as long as we need it for the purposes set out in this policy. In practice, we keep email correspondence for as long as needed to deal with your inquiry and any ongoing relationship, and for a reasonable period afterwards in case of follow-up, disputes, or legal claims. Standard server logs are kept by our hosting provider for a limited period for security and operational purposes. When we no longer need personal data, we delete it or keep it only as the law requires.
9. Security
We use reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, and disclosure. No method of transmission or storage is completely secure.
10. Your rights
If you are in the UK or EEA, you may have the right to access, correct, erase, restrict, or port your personal data, to object to processing based on legitimate interests, and to withdraw consent where we rely on it. You may also complain to a supervisory authority — in the UK, the Information Commissioner’s Office (ICO).
If you are a resident of California or another US state with privacy rights, you may have the right to confirm, access, correct, delete, and obtain a copy of your personal data, to opt out of the sale or sharing of personal data (we do not sell or share it), and not to be discriminated against for exercising your rights.
To exercise any of these rights, email privacy@bluelifeline.org. We may need to verify your identity before we respond.
11. Children
This website is intended for business users and is not directed to children under 16. We do not knowingly collect personal data from children.
12. Changes to this policy
We may update this policy from time to time. When we do, we will change the “Last updated” date above and, where required, provide further notice.
13. Contact
Questions, or to exercise your rights: privacy@bluelifeline.org.