Bluejaÿ Security Statement

Bluejaÿ: Your Data, Our Priority

At Bluejaÿ, we know trust is earned, not given. That's why transparency is the cornerstone of our security approach. We believe in giving you complete peace of mind by providing clear insights into how we safeguard your data.

Enterprise-grade Security Built for You:

  • Protecting customer data is our top priority. We deploy industry-leading security solutions and rigorous compliance measures to ensure the continuous security, availability, confidentiality, and integrity of your information.
  • Expertise you can trust: Our dedicated Security and Privacy Teams are the brains behind the operation. They craft robust policies, monitor compliance, and demonstrate our commitment to security through independent audits.
  • Risk-based protection: We take a proactive approach to security, constantly identifying and mitigating potential threats through layered controls and processes tailored to your specific needs.

With Bluejaÿ, you can rest assured knowing your data is in safe hands. We're committed to earning your trust every day.

Built on Security: Your Data Always Protected

At Bluejaÿ, security isn't an afterthought, it's woven into the very fabric of our platform. From how we develop software to protecting your critical data, security is an integral part of everything we do.

Unwavering Commitment:

  • Dedicated expertise: Our robust security program is led by a Chief Information Security Officer (CISO) and a team of passionate security professionals. They're your guardians, constantly vigilant and proactively mitigating risks.
  • Embedded practices: From employee onboarding to product development, security isn't just a tickbox; it's infused into every aspect of our business.
  • Uncompromising data protection: We take your data's safety seriously. All data, including yours, is encrypted in transit and at rest across all layers of our applications.

Rigorous Controls:

  • Secure access: We enforce strict administrative controls, utilizing Single Sign-On with Two-Factor Authentication (SSO with 2FA) to ensure only authorized users access your information.
  • Confidentiality assured: Every employee and contractor signs a confidentiality agreement and undergoes mandatory security training to protect your data.
  • Thorough vetting: All personnel with access to your confidential information go through background checks, giving you an extra layer of peace of mind.

Continuous Improvement:

Our security measures are never static. We constantly strive to evolve our controls, enhancing their effectiveness, auditability, and efficiency to provide you with the most robust protection possible

At Bluejaÿ, your data is our top priority. We're committed to earning your trust, every step of the way.

Compliance Built In, Assurance Guaranteed

At Bluejaÿ, compliance isn't just a box to tick, it's a foundation we build upon. We understand the importance of securing your data and meeting the highest industry standards, which is why we're:

  • ISO 27001:2022 Certified: This rigorous certification demonstrates our commitment to maintaining a comprehensive Information Security Management System (ISMS) that protects your data to the highest level.
  • SOC 2 Type II on the Horizon: We're actively working towards achieving SOC 2 Type II certification, providing you with independent assurance of the effectiveness of our security, availability, and confidentiality controls.
  • Empowering Knowledge: Our team undergoes continuous training and education to stay ahead of the curve in security best practices, expanding our knowledge both within and outside Bluejaÿ.

This approach means you can rely on Bluejaÿ for:

  • Reduced Compliance Burden: We take care of the heavy lifting, so you can focus on what you do best.
  • Enhanced Data Protection: Your data is protected by industry-leading security controls and rigorous compliance standards.
  • Total Peace of Mind: You can trust that your information is in safe hands, backed by independent validation and continuous improvement.

Choose Bluejaÿ and experience the power of a partner that takes compliance seriously.

Privacy

Protecting data is a very serious priority for Bluejaÿ. We are committed to protecting privacy via comprehensive processes, administrative controls, safeguards, and ongoing training for all employees.

Using safeguards such as data encryption at rest, in transit, and in backups, we leverage industry-standard practices to ensure the confidentiality of data while also meeting customer organization’s privacy obligations.

Refer to our privacy policy for more details.

Data Protection

We design our systems to treat all customer data as critical.

Customer data is encrypted at rest and in transit using industry-accepted tools, standards, and best practices.

Customer data is stored in secure facilities, on secure servers, and within secure applications.

We implement fine-grained access controls which limit access to only those with a legitimate business need and granted based on the principle of least privilege. By limiting access to those who need it and regularly monitoring access, we minimise access points and operational risk.

Your Data: Our Fort Knox

At Bluejay AI, we guard your data like it's our crown jewel. That's why every system we design treats customer information with the utmost care.

Rigorous Controls:

  • Fortress-like Security: Your data rests safely encrypted at all times, both in motion and at rest, using industry-approved tools and best practices. Picture it locked away in a secure vault, inaccessible to unauthorized eyes.
  • Secure Foundations: We house your data in impenetrable facilities, on robust servers, and within secured applications. Think of it as an impregnable castle protecting your information.
  • Granular Access Controls: Only authorized personnel with a demonstrable business need are granted access to your data, following the principle of least privilege. We minimize access points and keep a watchful eye on activity, mitigating operational risks.

With Bluejay AI, your data is in safe hands. We treat it with the same respect and vigilance as our own, giving you peace of mind and unwavering confidence.

Continuous Monitoring and Incident Response

Our platform is monitored for operational performance, availability, and security events. The operations team uses a security information and event monitoring (SIEM) platform to help ensure that there are no security ramifications based on any alerts received in relation to authentication, endpoint, web application, and more.

If a suspected incident is identified, an incident response team has an established response plan and accompanying procedures to investigate and ameliorate the situation.

Vulnerability Management and Testing

We understand that the threat landscape is continuously evolving and to evaluate these ever-changing threats we have established methods to identify and remediate risks in our platform, including:

  • Vulnerability scanning
  • Code scanning
  • Third-Party penetration testing
  • Automated testing
CLOSE
Privacy Policy

Bluejay AI Pty Ltd

1. We respect your privacy

(a) Bluejay AI Pty Ltd respects your right to privacy and is committed to safeguarding the privacy of our customers and website visitors. This policy sets out how we collect and treat your personal information.

(b) We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) and to the extent applicable, the EU General Data Protection Regulation (GDPR).

(c) "Personal information" is information we hold which is identifiable as being about you. This includes information such as your name, email address, identification number, or any other type of information that can reasonably identify an individual, either directly or indirectly.

(d) You may contact us in writing at Suite 2003, 109 Pitt St, Sydney, New South Wales, 2000 for further information about this Privacy Policy.

2. What personal information is collected

(a) Bluejay AI Pty Ltd will, from time to time, receive and store personal information you submit to our website, provided to us directly or given to us in other forms.

(b) You may provide basic information such as your name, phone number, address and email address to enable us to send you information, provide updates and process your product or service order.

(c) We may collect additional information at other times, including but not limited to, when you provide feedback, when you provide information about your personal or business affairs, change your content or email preference, respond to surveys and/or promotions, provide financial or credit card information, or communicate with our customer support.

(d) Additionally, we may also collect any other information you provide while interacting with us.

3. How we collect your personal information

(a) Bluejay AI Pty Ltd collects personal information from you in a variety of ways, including when you interact with us electronically or in person, when you access our website and when we engage in business activities with you. We may receive personal information from third parties. If we do, we will protect it as set out in this Privacy Policy.

(b) By providing us with personal information, you consent to the supply of that information subject to the terms of this Privacy Policy.

4. How we use your personal information

(a) Bluejay AI Pty Ltd may use personal information collected from you to provide you with information about our products or services. We may also make you aware of new and additional products, services and opportunities available to you.

(b) Bluejay AI Pty Ltd will use personal information only for the purposes that you consent to. This may include to:

  • (i) provide you with products and services during the usual course of our business activities;
  • (ii) administer our business activities
  • (iii) manage, research and develop our products and services;
  • (iv) provide you with information about our products and services;
  • (v) communicate with you by a variety of measures including, but not limited to, by telephone, email, sms or mail; and
  • (vi) investigate any complaints.



If you withhold your personal information, it may not be possible for us to provide you with our products and services or for you to fully access our website.

(c) We may disclose your personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, legal proceedings or in response to a law enforcement agency request.

(d) If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases.

5. Disclosure of your personal information

(a) Bluejay AI Pty Ltd may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this privacy policy.

(b) If we do disclose your personal information to a third party, we will protect it in accordance with this privacy policy.

6. General Data Protection Regulation (GDPR) for the European Union (EU)

(a) Bluejay AI Pty Ltd will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.

(b) We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.

(c) We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.

(d) We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure.

(e) We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation.

(f) We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.

(g) We do not collect or process any personal information from you that is considered "Sensitive Personal Information" under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.

(h) You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.

7. Your rights under the GDPR

(a) If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. Bluejay AI Pty Ltd complies with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU

(b) Except as otherwise provided in the GDPR, you have the following rights:

  • (i) to be informed how your personal information is being used;
  • (ii) access your personal information (we will provide you with a free copy of it);
  • (iii) to correct your personal information if it is inaccurate or incomplete;
  • (iv) to delete your personal information (also known as "the right to be forgotten");
  • (v) to restrict processing of your personal information;
  • (vi) to retain and reuse your personal information for your own purposes;
  • (vii) to object to your personal information being used; and
  • (viii) to object against automated decision making and profiling.



(c) Please contact us at any time to exercise your rights under the GDPR at the contact details in this Privacy Policy.

(d) We may ask you to verify your identity before acting on any of your requests.

8. Hosting and International Data Transfers

(a) Information that we collect may from time to time be stored, processed in or transferred between parties or sites located in countries outside of Australia. These may include, but are not limited to the UK and the USA.

(b) We and our other group companies have offices and/or facilities in Australia, the
UK and the USA. Transfers to each of these countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from Bluejay AI Pty Ltd's Data Protection Officer.

(c) The hosting facilities for our website are situated in Australia and the USA. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from Bluejay AI Pty Ltd, Data Protection Officer.

(d) Our Suppliers and Contractors are situated in Australia, New Zealand, India and the UK. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from Bluejay AI Pty Ltd's Data Protection Officer.

(e) You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

9. Security of your personal information

(a) Bluejay AI Pty Ltd is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

(b) Where we employ data processors to process personal information on our behalf, we only do so on the basis that such data processors comply with the requirements under the GDPR and that have adequate technical measures in place to protect personal information against unauthorised use, loss and theft.

(c) The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.

10. Access to your personal information

(a) You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth), and to the extent applicable the EU GDPR. If you would like a copy of the information which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at privacy@bluejay-ai.com.

(b) We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act or any other applicable law.

11. Complaints about privacy

(a) If you have any complaints about our privacy practices, please feel free to send in details of your complaints to privacy@bluejay-ai.com. We take complaints very seriously and will respond shortly after receiving written notice of your complaint.

12. Changes to Privacy Policy

(a) Please be aware that we may change this Privacy Policy in the future. We may modify this Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our Privacy Policy.

13. Website

(a) When you visit our website When you come to our website (www.bluejay-ai.com), we may collect certain information such as browser type, operating system, website visited immediately before coming to our site, etc. This information is used in an aggregated manner to analyse how people use our site, such that we can improve our service.

(b) Cookies
We may from time to time use cookies on our website. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our website. Our website may from time to time use cookies to analyses website traffic and help us provide a better website visitor experience. In addition, cookies may be used to serve relevant ads to website visitors through third party services such as Google AdWords. These ads may appear on this website or other websites you visit.

(c) Third party sites
Our site may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third-party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that Bluejay AI Pty Ltd is not responsible for the privacy practises of other such websites. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personal identifiable information.

CLOSE
Close Cookie Preference Manager
Cookie Settings
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts. More info
Close Cookie Popup
Cookie Settings
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts. More info
Accept All Cookies
Cookie Settings
Cookies Preferences
100
%
Join Us
Do you want to change the world or, at least, a specific part of it?
Are you driven to be a part of a true paradigm shift?

Experience an elite professional environment in which the best and brightest get to make their mark. Where you can make a genuine impact on a global scale.

Where your career will be propelled by your ability to surprise and amaze.
CLOSE
To send us a CV, click here
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Food Manufacturing
Banking
Super
Insurance

Manage your control environment with far greater fidelity at a fraction of the cost

Why Bluejaÿ?
Bluejaÿ uses incisive and predictive analytics to resolve control environment challenges. This allows businesses to protect their reputations, and redirect energy and savings from control spend towards more important strategic objectives.

Industry Challenges

Even with best current practice, managing the control environment has become expensive and outcomes are ineffective. A new capability is needed that includes analytical and predictive insights highlighting where controls may fail, allowing them to be proactively rectified before failures can manifest. 

Insurance Sector
Superannuation Sector
Banking Sector
What is a control, and what are the challenges?
How big are the challenges?
Globally 67% of banks expect regulatory budgets will increase or stay the same.
67%
Compliance costs are expected to double by 2022 and creep up to 10% of revenues.
10%
Control risk loss provisions have increased 113% in the EU, and a 137% in the US. In Australia, bank control risk loss provisions are 10x of spend in the control enviornment.
x10
Only 32% of global firms are satisfied with their internal risk reporting dashboard showing Key Risk Indicators.
32%

Our Products

We provide market-leading predictive and incisive insights on the control environment at a fraction of current costs and timeline.

Learn more

We prevent control failures by predicting control weak points across the entire control population in real time and 24x7.

Our i-Control Risk product is an extension of customer's existing Governance Risk and Compliance systems (GRCs) and has six modules and caters to different levels of non-financial risk management maturity.

Who we work with

Understanding Risk

Insights from some of the world's most experienced and qualified specialists.

Subject matter specialists bring a wealth of knowledge and experience to the Bluejaÿ knowledge platform. Bookmark this page for updated news, expert opinions on control environment challenges, industry trends, or in-depth analyses of complex issues.

Featured Contributors
Link to hide for CMS nestingLink to hide for CMS nesting
Christian Hunt
Chief Product Officer
The dog did not eat your homework
February 11, 2022
"You can blame the dog as much as you like, but ultimately you're the one who gets in trouble, not the dog"
Continue Reading
Link to hide for CMS nesting
Robert Mancini
Chief Executive Officer of Americas
SRA Consulting and Bluejaÿ AI Forge Strategic Partnership to Revolutionize Risk Management in the Banking Sector
March 12, 2024
News
News
"SRA Consulting and Bluejaÿ AI continue partnering to offer a risk management solution combining human expertise with AI forecasting for improved operational resilience. "
Continue Reading
Link to hide for CMS nesting
Karina Kwan
Non Executive Director and Chair of Audit & Risk Committees
How to Solve Control Environment Complexity?
July 3, 2023
News
News
Non et sit amet odit dolor omnis corporis non non. Non sed veniam vel laudantium voluptates maiores et laboriosam ut. Esse est blanditiis modi sapiente id nobis sint animi.Et dolorem quisquam dolorem non possimus. Eos architecto ea modi. Nesciunt molestias libero quia animi nisi beatae nam et sit. Illum in eum expedita sed id.
"the operational complexity of an organization tends to grow as the organization expands"
Continue Reading
Link to hide for CMS nesting
James Stavrou
Product Executive at Bluejaÿ
Embracing new technologies for effective and real time risk oversight and assurance
October 24, 2022
Insight
Insight
Non et sit amet odit dolor omnis corporis non non. Non sed veniam vel laudantium voluptates maiores et laboriosam ut. Esse est blanditiis modi sapiente id nobis sint animi.Et dolorem quisquam dolorem non possimus. Eos architecto ea modi. Nesciunt molestias libero quia animi nisi beatae nam et sit. Illum in eum expedita sed id.
"Our risk and compliance functions need to complement traditional sample testing with advanced diagnostic tools to provide effective assurance and free up risk and compliance effort to focus more broadly on areas that require urgent and timely attention."
Continue Reading
Link to hide for CMS nesting
Luke Kelly
Managing Director at DKG
A proactive approach to risk control?
October 5, 2022
News
News
Non et sit amet odit dolor omnis corporis non non. Non sed veniam vel laudantium voluptates maiores et laboriosam ut. Esse est blanditiis modi sapiente id nobis sint animi.Et dolorem quisquam dolorem non possimus. Eos architecto ea modi. Nesciunt molestias libero quia animi nisi beatae nam et sit. Illum in eum expedita sed id.
"A robust control environment, when in place, will provide an operational resilience framework, but even with the best control environment in the world, GRC will always be a moving target."
Continue Reading
Link to hide for CMS nesting
Rob Wilson
Chief Technology Transformation Officer Bank of Queensland
Creating room for transform by "solving" the regulatory and control environment challenges!
October 18, 2023
Insight
Insight
Non et sit amet odit dolor omnis corporis non non. Non sed veniam vel laudantium voluptates maiores et laboriosam ut. Esse est blanditiis modi sapiente id nobis sint animi.Et dolorem quisquam dolorem non possimus. Eos architecto ea modi. Nesciunt molestias libero quia animi nisi beatae nam et sit. Illum in eum expedita sed id.
"A path that provides security, sustainability and is affordable - to solve our current problems and generate the room for investment in the necessary transformation to earn a place in the digital future."
Continue Reading
Christian Hunt
Chief Product Officer
Rob Wilson
Chief Technology Transformation Officer Bank of Queensland
Luke Kelly
Managing Director at DKG
Karina Kwan
Non-Executive Director & Chair of Audit & Risk Committees
James Stavrou
Product Executive at Bluejaÿ
Featured Article
Rob Wilson
Chief Technology Transformation Officer Bank of Queensland
Creating room for transform by "solving" the regulatory and control environment challenges!
Non et sit amet odit dolor omnis corporis non non. Non sed veniam vel laudantium voluptates maiores et laboriosam ut. Esse est blanditiis modi sapiente id nobis sint animi.Et dolorem quisquam dolorem non possimus. Eos architecto ea modi. Nesciunt molestias libero quia animi nisi beatae nam et sit. Illum in eum expedita sed id.
"A path that provides security, sustainability and is affordable - to solve our current problems and generate the room for investment in the necessary transformation to earn a place in the digital future."
Read full article
Christian Hunt
Chief Product Officer
The dog did not eat your homework
Non et sit amet odit dolor omnis corporis non non. Non sed veniam vel laudantium voluptates maiores et laboriosam ut. Esse est blanditiis modi sapiente id nobis sint animi.Et dolorem quisquam dolorem non possimus. Eos architecto ea modi. Nesciunt molestias libero quia animi nisi beatae nam et sit. Illum in eum expedita sed id.
"You can blame the dog as much as you like, but ultimately you're the one who gets in trouble, not the dog"
Read full article
Luke Kelly
Managing Director at DKG
A proactive approach to risk control?
Non et sit amet odit dolor omnis corporis non non. Non sed veniam vel laudantium voluptates maiores et laboriosam ut. Esse est blanditiis modi sapiente id nobis sint animi.Et dolorem quisquam dolorem non possimus. Eos architecto ea modi. Nesciunt molestias libero quia animi nisi beatae nam et sit. Illum in eum expedita sed id.
"A robust control environment, when in place, will provide an operational resilience framework, but even with the best control environment in the world, GRC will always be a moving target."
Read full article
James Stavrou
Product Executive at Bluejaÿ
Embracing new technologies for effective and real time risk oversight and assurance
Non et sit amet odit dolor omnis corporis non non. Non sed veniam vel laudantium voluptates maiores et laboriosam ut. Esse est blanditiis modi sapiente id nobis sint animi.Et dolorem quisquam dolorem non possimus. Eos architecto ea modi. Nesciunt molestias libero quia animi nisi beatae nam et sit. Illum in eum expedita sed id.
"Our risk and compliance functions need to complement traditional sample testing with advanced diagnostic tools to provide effective assurance and free up risk and compliance effort to focus more broadly on areas that require urgent and timely attention."
Read full article
Karina Kwan
Non Executive Director and Chair of Audit & Risk Committees
How to Solve Control Environment Complexity?
Non et sit amet odit dolor omnis corporis non non. Non sed veniam vel laudantium voluptates maiores et laboriosam ut. Esse est blanditiis modi sapiente id nobis sint animi.Et dolorem quisquam dolorem non possimus. Eos architecto ea modi. Nesciunt molestias libero quia animi nisi beatae nam et sit. Illum in eum expedita sed id.
"the operational complexity of an organization tends to grow as the organization expands"
Read full article
Robert Mancini
Chief Executive Officer of Americas
SRA Consulting and Bluejaÿ AI Forge Strategic Partnership to Revolutionize Risk Management in the Banking Sector
"SRA Consulting and Bluejaÿ AI continue partnering to offer a risk management solution combining human expertise with AI forecasting for improved operational resilience. "
Read full article