Privacy Policy

Last Updated: 3/1/2026

Introduction

BlueLux Pool Services ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our pool maintenance and cleaning services, visit our website, or interact with us through various channels.

Information We Collect

Personal Information

  • Contact information (name, address, phone number, email address)
  • Property information (pool specifications, access codes, special instructions)
  • Service history and preferences
  • Payment information (processed securely through third-party payment processors)
  • Emergency contact information

Automatically Collected Information

  • Website usage data and analytics
  • Device information and IP addresses
  • Service appointment data and locations
  • Communication records (emails, text messages, phone calls)

Financial Data Protection

Your Financial Security is Our Priority:

BlueLux never stores your financial information. All payment data, including bank account numbers, credit card details, and ACH information, is processed securely through Stripe, our PCI DSS Level 1 compliant payment processor. This means your sensitive financial data is protected by the highest industry security standards and never touches our servers.

Address Verification and Fraud Prevention

To protect you and prevent fraudulent activity, we may cross-verify your billing address with your service address. This verification process helps ensure:

  • Payment authenticity and reduced risk of unauthorized transactions
  • Accurate service delivery to the correct property
  • Protection against identity theft and payment fraud
  • Compliance with financial industry anti-fraud requirements

Data Jurisdiction and Storage

U.S.-Only Data Storage: All your personal and service information is stored exclusively within approved U.S. data centers. We do not transfer your data outside the United States, ensuring compliance with U.S. data protection standards and maintaining the highest level of security oversight.

How We Use Your Information

  • Provide and maintain pool cleaning and maintenance services
  • Schedule appointments and send service reminders
  • Process payments and manage billing through secure third-party processors
  • Verify addresses for fraud prevention and accurate service delivery
  • Communicate about service updates, weather-related changes, or emergency issues
  • Improve our services and customer experience
  • Comply with legal obligations and industry regulations
  • Send promotional offers and seasonal maintenance recommendations (with your consent)

SMS/Text Messaging

SMS Consent and Terms:

By providing your mobile phone number, you agree to receive SMS text messages from BlueLux Pool Services. These messages may include service reminders, appointment confirmations, billing notifications, weather alerts affecting your pool service, emergency communications, and promotional offers. Message and data rates may apply. Message frequency varies based on your service plan and seasonal needs.

You can opt out of receiving text messages at any time by replying "STOP" to any message. For help, reply "HELP" or contact us directly. Carriers are not liable for delayed or undelivered messages.

Data Sharing and Third Parties

Your Data Will NOT Be Shared:

We do not sell, rent, or share your personal information with third parties for their marketing purposes. Your contact information, service history, and personal data remain confidential and are used solely for providing our pool services to you.

Limited Sharing for Service Delivery

We may share information only in these specific circumstances:

  • Stripe Payment Processing: Payment data is securely transmitted to Stripe (PCI DSS Level 1 compliant) for processing. Stripe maintains the highest security certifications and never shares your financial data with us or other parties
  • Service providers who assist in delivering our services (scheduling software, communication platforms)
  • Legal compliance when required by law or to protect safety
  • Business transfers (only if ownership changes, with continued privacy protection)
  • Emergency situations affecting pool safety or property security

Data Security and Industry Standards

We implement comprehensive security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security framework includes:

Technical Safeguards

  • End-to-End Encryption: All data transmission and storage use industry-standard AES-256 encryption
  • Multi-Factor Authentication: All staff accounts require strong authentication for system access
  • Role-Based Access Controls: Personal information access is restricted on a need-to-know basis
  • Regular Security Audits: Ongoing monitoring and testing of our security infrastructure
  • Secure API Integrations: All third-party connections use encrypted, authenticated channels

Financial Data Security

Your payment information benefits from Stripe's enterprise-grade security infrastructure, including PCI DSS Level 1 compliance, SOC 2 Type II certification, and continuous security monitoring. No financial data ever resides on our systems.

Security Compliance Framework

BlueLux is committed to maintaining the highest security standards. We align our practices with industry-leading frameworks to ensure comprehensive data protection:

  • SOC 2 Alignment: Our security controls align with SOC 2 Type II principles for security, availability, and confidentiality
  • ISO 27001 Practices: We follow ISO 27001 information security management best practices
  • NIST Framework: Our security approach incorporates NIST cybersecurity framework guidelines
  • Continuous Improvement: Regular security assessments and updates to maintain industry standards

While we are not formally certified under these frameworks, we maintain our security practices to align with these industry standards and continuously work toward formal compliance as our business grows.

Your Rights and Data Control

General Data Rights

  • Access and review your personal information
  • Request corrections to inaccurate information
  • Request deletion of your personal information (subject to service and legal requirements)
  • Opt out of marketing communications at any time
  • Withdraw consent for SMS messaging by replying "STOP"

Financial Data Rights

Special Rights for Payment Information:

  • Correction Requests: Request correction of billing address or payment method information within 24 hours
  • Deletion Rights: Request deletion of stored payment methods and billing information at any time
  • Access Rights: View all stored billing information and payment history through your account
  • Dispute Resolution: Contest any billing discrepancies with an expedited review process
  • Data Portability: Request export of your payment history and billing information

How to Exercise Your Rights

To exercise any of these rights, contact us using the information provided below. For financial data requests, we will respond within 24-48 hours. For general data requests, we will respond within 30 days as required by law.

Data Retention

We retain your information for as long as necessary to provide services, comply with legal obligations, and resolve disputes. Service records may be kept for tax and business purposes as required by law. Upon termination of services, we will securely delete or anonymize your personal information unless legal retention requirements apply.

Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by email or through our website. Your continued use of our services after such modifications constitutes acceptance of the updated Privacy Policy.

California Residents' Rights (CCPA)

The California Consumer Privacy Act (CCPA) provides California residents with specific rights regarding their personal information.

Your CCPA Rights

  • Right to Know: You have the right to request disclosure of the personal information we have collected about you in the past 12 months, including the categories of information, sources, business purposes, and third parties with whom it was shared.
  • Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, fraud prevention).
  • Right to Opt-Out: You have the right to opt out of the "sale" of personal information. We do not sell your personal information.
  • Right to Non-Discrimination: You have the right to not receive discriminatory treatment for exercising your CCPA rights.

Categories of Personal Information We Collect

  • Identifiers: Name, email address, phone number, IP address
  • Commercial Information: Service preferences, pool specifications, quote requests
  • Internet Activity: Website interactions, form submissions, device information
  • Geolocation Data: Approximate location based on IP address, service address

Business Purposes for Collection

We collect personal information for the following business purposes:

  • Providing pool maintenance and service quotes
  • Communicating about services and appointments
  • Processing employment and partnership applications
  • Improving website functionality and user experience
  • Complying with legal obligations

Third Parties We Share With

We may share your personal information with:

  • Service Providers: Cloud hosting (Supabase/AWS), email services (Resend), analytics (Google Analytics)
  • Legal Authorities: When required by law or to protect our rights

We do not sell personal information to third parties.

How to Submit CCPA Requests

To exercise your CCPA rights, you may:

We will verify your identity before processing your request and respond within 45 days. If additional time is needed, we will notify you of the extension and the reason.

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Typically:

  • Customer service records: 7 years for tax and legal compliance
  • Marketing contacts: Until you opt out or request deletion
  • Job applications: 1 year from submission date
  • Website analytics: 26 months (Google Analytics default)

Contact Information

For privacy-related questions or CCPA requests, please contact us:

BlueLux Pool Services

Email: team@bluelux.com

Phone: +1-601-BLUE-LUX (601-258-3589)

Address: PO Box 8831, Rancho Santa Fe, CA 92067