Privacy Policy

Last updated: April 15, 2026

1. Who We Are

Blotwise is a product operated by BYKAR PLASTİK MAKİNA KALIP İTHALAT İHRACAT SANAYİ TİCARET LİMİTED ŞİRKETİ ('we', 'us', or 'our'). We provide an AI data loss prevention platform consisting of a Chrome browser extension and a web-based administration dashboard available at blotwise.com. For the purposes of GDPR, we act as a data processor on behalf of your organization (the data controller) with respect to your employees' personal data.

2. Data We Collect

2.1 Account Data

When you register, we collect your email address and full name. This data is stored in our Supabase-hosted database and is used to provide and administer your account.

2.2 Extension Incident Data

The browser extension monitors text input on configured AI tool websites and compares it against your organization's DLP policies. When a policy violation is detected:

  • A hashed identifier of the user (SHA-256 of email) is recorded — never the email in plain text.
  • A device fingerprint (a hash of browser/OS metadata) is recorded.
  • The incident details (policy violated, intervention type, timestamp) are stored.
  • The actual text you type is not intentionally transmitted to or stored on Blotwise servers.

2.3 Usage & Audit Data

Administrative actions (inviting members, changing roles, updating policies) are recorded in an audit log tied to your organization for security and accountability purposes.

2.4 Technical Data

We may collect standard server logs including IP addresses, browser type, and request timestamps for security monitoring and fraud prevention. This data is retained for up to 30 days.

3. Lawful Basis for Processing

We process personal data under the following lawful bases as defined under GDPR Article 6: (a) Contract — processing necessary to perform the Service you or your organization subscribed to; (b) Legitimate Interests — security monitoring, fraud prevention, and abuse investigation, where our interests are not overridden by your rights; (c) Legal Obligation — where we are required to retain or disclose data by applicable law. Where we rely on legitimate interests, you may object to such processing by contacting us at privacy@blotwise.com.

4. How We Use Your Data

We process personal data only for the following purposes:

  • To deliver and operate the Service, including enforcing your organization's DLP policies
  • To provide the administration dashboard, reporting, and audit features
  • To send transactional emails (invitations, billing notifications, security alerts)
  • To maintain security audit trails for compliance and accountability
  • To process payments via Lemon Squeezy — we do not store payment card data
  • For security monitoring, fraud prevention, and abuse investigation
  • To comply with legal obligations or enforce our Terms of Service

5. Data Sharing and Sub-Processors

We do not sell, rent, or trade your personal data, except as described below. We share data only with the following vetted sub-processors, each operating under a data processing agreement:

  • Supabase — database hosting and authentication
  • Lemon Squeezy — payment processing and Merchant of Record (subject to Lemon Squeezy's own privacy policy)
  • Brevo — transactional email delivery
  • Sentry — error monitoring (error reports are sanitized and contain no personal data)
  • Vercel — web application hosting

Blotwise is not responsible for the privacy practices of these third-party processors beyond our contractual obligations. We may update our list of sub-processors and will provide reasonable notice of material changes. Additionally, in the event of a merger, acquisition, or sale of all or substantially all of our assets, your personal data may be transferred to the acquiring entity, subject to the same protections described in this Policy.

6. Age Restriction

The Service is intended for use by organizations and their adult employees. It is not directed at, and we do not knowingly collect personal data from, individuals under the age of 18. If you become aware that a minor has provided us with personal data, please contact us at privacy@blotwise.com and we will take steps to delete such data.

8. Data Retention

We retain your account data for as long as your account is active. Incident logs are subject to the retention limits of your plan. Upon account deletion, we will make reasonable efforts to remove your personal data from our primary systems within 30 days; residual copies in backups may persist for up to 90 days before being overwritten. Some data may be retained for longer periods where required by law or for legitimate security purposes.

9. Your Rights (GDPR)

If you are located in the European Economic Area, you may have the following rights subject to applicable law and our verification of your identity:

  • Right of Access — request a copy of your personal data
  • Right to Erasure — request deletion of your personal data (subject to legal retention obligations)
  • Right to Rectification — correct inaccurate personal data
  • Right to Portability — receive your data in a structured, machine-readable format
  • Right to Restrict Processing — request restriction of processing in certain circumstances
  • Right to Object — object to processing based on legitimate interests
  • Right to Lodge a Complaint — with your local supervisory authority

To exercise any of these rights, contact us at privacy@blotwise.com. We will respond within 30 days. We reserve the right to verify your identity before processing any request and to decline requests that are manifestly unfounded or excessive.

10. Cookies

We use only strictly necessary cookies required for authentication and maintaining your session (Supabase session cookies). We do not use advertising, tracking, or third-party analytics cookies on our dashboard. See our Cookie Policy for full details.

11. Security

We implement reasonable technical and organizational measures to protect your data, including encryption of sensitive configuration values at rest and transmission of all data over HTTPS/TLS. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security. You use the Service at your own risk and are responsible for maintaining the security of your account credentials.

12. Chrome Extension — Additional Disclosure

The Blotwise Chrome extension:

  • Reads text content from configured AI tool websites solely to check against your organization's DLP policies
  • Does not transmit the text you type to any Blotwise server
  • Does not store or transmit your browsing history
  • Communicates exclusively with blotwise.com API endpoints
  • Requires a valid organizational license key to function

13. International Data Transfers

We use sub-processors that may store or process personal data outside the European Economic Area (EEA), including in the United States and the United Kingdom. Where such transfers occur, we rely on appropriate safeguards as required by applicable data protection law, including Standard Contractual Clauses (SCCs) adopted by the European Commission, or other lawful transfer mechanisms. By using the Service, you acknowledge that your personal data may be transferred to and processed in countries outside your own.

14. Automated Decision-Making

The Service performs automated analysis of text input to detect potential policy violations. This automated processing does not constitute a decision producing legal or similarly significant effects within the meaning of GDPR Article 22. The output of automated analysis is a technical enforcement action configured and controlled by your organization's administrator — Blotwise does not make independent automated decisions about individuals. No profiling for purposes other than DLP policy enforcement takes place.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the "Last updated" date at the top of this page and, where required by law, notify you by email or prominent notice on our website. Your continued use of the Service after the effective date constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

16. Limitation of Liability

To the maximum extent permitted by applicable law, Blotwise shall not be liable for any loss, damage, or harm arising from unauthorized access to or disclosure of your data caused by your failure to maintain the security of your account, the actions of third parties, or circumstances beyond our reasonable control. Our liability in connection with data processing is subject to the limitations set out in our Terms of Service.

17. Contact

For privacy-related requests, data subject rights, or questions about this policy, contact us at: privacy@blotwise.com