Security & Reliability
Application Security
Encryption in Transit
Blue J takes encryption seriously. We support TLS 1.3, the latest version of the security protocol, to secure your data during transit. Blue J’s SSL configuration is routinely audited to ensure we keep an A+ rating from www.ssllabs.com.
HSTS
HSTS tells a browser that a site should only be accessed via encrypted channels (HTTPS). The Blue J platform uses HSTS configured in accordance with industry best practices to ensure all your traffic is encrypted.
Encryption at Rest
Blue J uses military-grade AES-256-GCM to encrypt data at rest.
Account Protection
Our IAM (Identity and Access Management) system intervenes against common attacks such as brute-force logins or suspicious amounts of traffic from an account.
Employee Onboarding
Every new Blue J employee goes through a rigorous background check and Blue J onboarding before they are given access to Blue J systems.
Operational Security
Hosted on AWS
The Blue J platform (including all applications and data) is hosted using Amazon Web Services. Amazon is the global leader in cloud computing. Amazon’s data centers are some of the most regulated and secure environments in the world. Amazon data centers are SOC1, SOC2, SOC3, PCI-DSS and ISO-27001 certified. A complete list can be found here.
Built with Automation
Automation is heavily used at Blue J to ensure our services and configurations are built and maintained in their desired states. Changes at Blue J are made by automation to ensure consistency and repeatability as well as to reduce human error. In addition to all the other benefits of automation, our verification tools ensure that our environments continually match the state we built them in with every change.
Least Privilege
One of the major focal points of computer security is the concept of least privilege. At Blue J we work hard to ensure we stick to this concept. Our engineers ensure that our applications use non-privileged accounts to run our workloads.
Backups
The only thing worse than a disaster is not being prepared for a disaster. That is why Blue J databases back up all transactions every 5 minutes, with full database backups occurring every 24 hours. So if disaster strikes, it doesn’t matter if data was needed from 30 minutes ago or 3 days ago; it’s there.
Contact Us
Please contact us at the address set out below if you have any questions or comments about Security or if you otherwise have a question or complaint about the manner in which we or our service providers treat your personal information.
Chief Operating Officer
Data Protection Rights
Purpose of Processing
Providing a research and analysis platform for legal issues.
More information on the collection and use of Personally Identifiable Information (PII) can be found here: https://www.bluej.com/privacy-policy
Basis for Collection & Processing
The Blue J platform is designed to require minimal PII. The PII that is collected and processed within Blue J is in accordance with the Blue J Terms Of Use. The Blue J Terms Of Use can be found here: https://www.bluej.com/terms-of-use
Data Subject Access Requests (DSAR)
For data access, modification or deletion requests, please contact our Data Protection Officer (“DPO”) at info@bluejlegal.com
Data Privacy & Cookie Policies
Blue J’s privacy policy contains all relevant information regarding data privacy and Blue J’s cookie policy. The privacy policy can be found here: https://www.bluej.com/privacy-policy
Data Retention
Blue J retains customer information indefinitely, as long as customers continue to use our products. We only capture information necessary for the purposes of providing our services as described in our privacy policy here: https://www.bluej.com/privacy-policy
Customers can submit a deletion request to our Data Protection Officer (“DPO”) at info@bluejlegal.com should they opt to have their data removed at any point.
Breach Notification
In the event of a breach, Blue J will promptly report to required parties to comply with all applicable regulatory requirements.
Individual Responsible for Compliance
Brett Janssen, CTO