Privacy Policy
How the Blimp update server and website handle your data.
Last updated: June 15, 2026
This Privacy Policy describes how the Blimp development team handles information in connection with your use of Blimp statistical software.
1. Overview
Blimp is a locally installed desktop application. Your research data, analysis output, syntax, and any datasets you open or create in Blimp remain entirely on your local computer and are never transmitted to the Blimp development team or to any third party.
Blimp does not transmit information about you or your use of the software. The only network activity Blimp initiates is the automatic software update check and the download of update files described in Section 3. Those are ordinary HTTP requests to a Blimp-operated update server. As is the case with any web server, the update server is able to observe the requests it receives and records limited, pseudonymous information about each one, as described below.
Separately, the Blimp development team operates the Blimp website and the online user guide. When you open those pages in a web browser, your browser contacts a Blimp-operated server, which records the same limited, pseudonymous request information described in Section 3. This is the only situation in which a web browser—rather than the Blimp software—initiates contact with a Blimp-operated server.
2. Data You Provide or Analyze
Any datasets, syntax, output, or other files you create or open within Blimp are processed entirely on your local machine. This data is never transmitted to the Blimp development team or to any external server. The Blimp development team has no access to your research data.
3. Server Logging (Software Updates and Website Visits)
Blimp Studio (the desktop application) and rblimp (the companion R package) each periodically contact a Blimp-operated update server to check whether a newer version of the software is available, and to download update files when one is available. The update server runs on third-party cloud infrastructure (see Section 5).
Blimp does not send information about you or your use of the software to the update server. The communication is a standard web request for an update manifest or file. As with any web server, the update server is able to observe the requests it receives and records a limited log entry for each one, which the Blimp development team uses solely to understand aggregate usage of the software. Each entry contains:
- Technical information about the request (the request method, the file or software component requested, any byte-range requested, the size of any file served, the HTTP response status, and the time of the request)
- Information about the requesting environment (operating system family and the version of the update tool or browser making the request)
- Approximate network origin (country, the network operator / ASN serving the request, and the Cloudflare edge data center handling the request), as derived from your network address by the infrastructure provider
- A one-way pseudonymous identifier derived from your network address and request information combined with rotating salts; this identifier cannot be reversed to recover your network address, and rotates over time so that the same installation appearing later produces a different identifier
Your raw network (IP) address is not stored in this log. The pseudonymous identifier exists only to estimate the number of distinct installations and cannot be used to identify you personally. Because every stored entry contains only the pseudonymous fields described above, the duration of retention does not enable identification of individual users.
The Blimp website and the online user guide—including the documentation hosted at docs.blimpstats.com—are served from Blimp-operated infrastructure. When you load one of these pages in a web browser, the server records a log entry of the same kind, and for the same purposes (Section 6), as described above for software update requests. No cookie or persistent identifier is set in your browser, and your browser's referring-page (referrer) URL is not recorded.
Logged data is retained for as long as the Blimp development team considers it useful for the purposes described in Section 6.
4. Information We Do Not Collect or Store
The Blimp development team does not collect or store:
- Your name, email address, institution, or other personally identifying information
- Your research data or any data files you analyze
- Behavioral analytics about how you use features inside the software
- Crash reports or error logs (Blimp does not transmit these)
- Cookies or persistent identifiers placed on your computer
- Your raw network (IP) address (only the pseudonymous identifier described in Section 3 is stored)
- Referrer URLs, browser screen size, language headers, or request body content
- Information that links a single installation to itself across identifier-rotation boundaries
5. Infrastructure and Third-Party Sub-Processors
The Blimp update server is operated using Cloudflare, Inc. (101 Townsend Street, San Francisco, CA 94107, USA), which acts as a data processor on behalf of the Blimp development team. In the ordinary course of routing internet traffic, Cloudflare receives full request metadata, including your IP address and HTTP headers. Cloudflare's own handling of edge traffic is governed by Cloudflare's privacy policy, available at cloudflare.com/privacypolicy.
The Blimp development team's stored, queryable analytics data is limited to the fields listed in Section 3 and does not include your raw IP address.
Blimp incorporates third-party software libraries (see the accompanying license files). These components operate locally and do not independently collect or transmit data. The update functionality uses the QtAutoUpdater / Qt Installer Framework components; no data beyond what is described in Section 3 is transmitted by these components.
6. Purpose and Legal Basis for Processing
The limited information described in Section 3 is processed for the following purposes:
- To deliver software updates to your installation
- To understand, in aggregate, where and how Blimp is being used so that the development team can support the user community and plan continued development of the software
- To detect and mitigate abuse of the update server (for example, automated scraping or denial-of-service traffic)
For users in the European Economic Area, the United Kingdom, and Switzerland, the legal basis for this processing is the legitimate interest of the Blimp development team in maintaining, improving, and securing the software (Article 6(1)(f) GDPR / UK GDPR), balanced against the minimal, pseudonymous nature of the data collected and the short retention period.
7. Your Rights and Choices
Disabling update checks. You may disable automatic update checks in Blimp's application preferences. When update checks are disabled, no requests are sent to the Blimp update server and no log entry is created.
Website and user-guide analytics. The page-view logging described in Section 3 happens only when you load a page of the Blimp website or online user guide; it does not run inside the Blimp software. Because no cookie or persistent identifier is stored on your device, there is nothing to delete from your browser.
GDPR / UK GDPR rights. If you are in the EEA, the United Kingdom, or Switzerland, you have rights under applicable data-protection law, including the rights of access, rectification, erasure, restriction, objection, and the right to lodge a complaint with a supervisory authority. Because the Blimp update server does not retain your network address and stores only pseudonymous identifiers that rotate over time, the Blimp development team is generally unable to identify a stored log entry as belonging to a specific individual; as permitted by GDPR Article 11, the team may therefore be unable to action access or erasure requests against a specific data subject without additional information. You may exercise your right to object to processing at any time by disabling update checks as described above.
California residents (CCPA / CPRA). The Blimp development team does not sell, share, or rent personal information as those terms are defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act. California residents have rights to know, delete, and correct personal information, subject to the same identifiability limitation described in the preceding paragraph.
8. Data Security
Because Blimp processes all research data locally on your machine and does not transmit it, the security of your research data depends on the security practices of your own computing environment. The Blimp development team recommends following your institution's data security policies when handling sensitive research data.
The pseudonymous logs described in Section 3 are stored within Cloudflare infrastructure and are accessible only to authorized members of the Blimp development team.
9. Children's Privacy
Blimp is research and academic software intended for use by researchers and professionals. It is not directed at children under the age of 13, and the Blimp development team does not knowingly collect information from children.
10. Changes to This Policy
The Blimp development team may update this Privacy Policy from time to time. Any changes will be reflected in an updated version distributed with new releases of Blimp, and the "Last updated" date at the top of this policy will reflect the date of the most recent revision. Material changes affecting how data is processed will be described in the release notes for the corresponding version.
11. Contact
If you have questions about this Privacy Policy, or wish to exercise any of the rights described in Section 7, please contact the Blimp development team:
privacy@blimpstats.com
Brian T. Keller
Craig K. Enders