Privacy Notice
This privacy policy was last updated on December 15th, 2024 We regularly review and update this notice to ensure it reflects changes in our practices and compliance with applicable laws. If any significant changes are made, we will provide clear notice on our website.
BABLE is an exchange platform for the Smart City community - a digital toolkit to facilitate implementation of Smart City Solutions. To provide our services effectively and improve your experience, we collect and use your personal data. As a responsible company. we are strongly committed to protecting your privacy.
This privacy policy explains how our organization uses this personal data we collect from you when you use our website and services and also covers the personal data you share with us for business purposes. It describes our policies and procedures on the collection, use and disclosure of your information.
By using our Services and/or creating an account with us, you agree to our Terms and Conditions and to the collection and use of information in accordance with this Privacy Notice.
We periodically update this Privacy Policy. We will post any privacy policy changes on this page and, if the changes are material, we will provide a more prominent notice by sending you a notification on your dashboard.
1. Key Terms
The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
For the purposes of this Privacy Notice:
- Account means a unique account created for you to access our Service or parts of our Service.
- Company (referred to as either "the Company", “BABLE”, "we", "us" or "our" in this Agreement) refers to BABLE GmbH, Seyfferstrasse 34, 70197 Stuttgart.
- Cookies are small files that are placed on your computer, mobile device or any other device by a website, containing the details of your browsing history on that website among its many uses.
- Country refers to: Germany (and if legally necessary e.g. due to conflicting regional laws, to the German State of Baden-Württemberg)
- Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
- Personal Data refers to any information relating to an identified or identifiable individual, including identifiers such as names, email addresses, IP addresses, cookies, device information, and location data. It does not include anonymized or aggregated data that cannot be used to identify a specific individual. This definition applies to both direct identifiers (e.g., name, email) and indirect identifiers (e.g., cookies, IP addresses), which are considered personal data under GDPR.
- Service refers to the Website, Tools, Applications, Newsletter and any other service offered by the Company.
- Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
- Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.
- Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
- Website refers to BABLE, accessible from https://www.bable-smartcities.eu/
- you and your means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
2. What data do we collect?
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. If you are 16 years of age or younger, you need permission from a legal guardian to be part of our community.
The personal information we collect includes the following:
2.1 Personal Data
We collect the following personally identifiable information provided by you while registering for and using our Services:
while registering for and using our Services:
Mandatory
- Email address
- First name and last name
Optional
- Telephone Number
- Profile Picture
- Position
- Address, State, Province, ZIP/Postal code, City
- Billing Information
- Link to Social Media Channels
- The content you create on BABLE
Legal Basis for Processing:
- Mandatory data is processed under GDPR Article 6(1)(b) as necessary for providing our Services.
Optional data is collected with your explicit consent under GDPR Article 6(1)(a).
2.2 Usage Data
Usage Data is collected automatically when using the Service. This includes: information such as your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, device type, ID for listing, geo-location information and other diagnostic data.
Mobile Device: When you access the Service by or through a mobile Device, we collect certain information automatically. This includes, but is not limited to: the type of mobile device you use, your mobile device unique ID, geo-location information, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
Browser Data: We also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device. This includes: computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, and your IP address.
Purpose and Legal Basis: This data is collected to monitor and improve the functionality, security, and usability of our Service. The legal basis for this processing is our legitimate interest in maintaining and enhancing our platform (GDPR Article 6(1)(f)).
2.3 Embedding Videos and other content
If you provide us with access to video content hosted on third-party platforms (e.g., social media), you agree that we may share or obtain information about this content in accordance with your privacy settings on those platforms. The processing of such data is based on your explicit consent, which you can withdraw at any time by contacting us.
Retention: Unless you withdraw your consent earlier, we may retain this data for up to two years to provide and improve our services.
2.4 Cookies and Tracking Technologies
We use cookies on this website and our other Services, for the following purposes:
- To enable you to use and access the BABLE Platform and the Payment Services.
- To enable, facilitate and streamline the functioning of and your access to the BABLE Platform.
- To better understand how you navigate through and interact with the BABLE Platform and to improve the BABLE Platform.
- To show you content that is more relevant to you.
- To monitor and analyse the performance, operation, and effectiveness of the BABLE Platform and BABLE advertisements.
- To enforce legal agreements that govern use of the BABLE Platform.
- For fraud detection and prevention, and investigations.
- For purposes of our own customer support, analytics, research, product development, and regulatory compliance.
Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyse Our Service. The technologies we use include:
- Cookies or Browser Cookies:
A Cookie is a small file placed on your Device. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Service. If you have not adjusted your browser setting to refuse Cookies, our Service may use Cookies. - Web Beacons.
Certain sections of our Service (including our Newsletter) contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on your personal computer or mobile device after you go offline, while Session Cookies are deleted as soon as you close your web browser. We use both Session and Persistent Cookies for the purposes set out below: - Necessary / Essential Cookies
Type: Session Cookies
Administered by: BABLE
Purpose: These Cookies are essential to provide you with services available through the Website and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that you have asked for cannot be provided, and we only use these Cookies to provide you with those services. - Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: BABLE
Purpose: These Cookies identify if users have accepted the use of Cookies on the Website. - Functionality Cookies
Type: Persistent Cookies
Administered by: BABLE
Purpose: These Cookies allow us to remember choices you make when you use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the Website. - Matomo
We use Matomo to analyse the use of this Website. Matomo generates statistical and other information about Website use by means of Cookies, which are stored on users' computers. The information generated relating to our Website is used to create reports about the use of the website. We store and use this information safety on our system.
Matomo is processing the following personal data:- Cookies
- IP address
- User ID
- Custom Dimensions
- Custom Variables
- Order ID
- Location of the user
- Date and time
- Title of the page being viewed
- URL of the page being viewed
- URL of the page that was viewed prior to the current page
- Screen resolution
- Time in local timezone
- Files that were clicked and downloaded
- Link clicks to an outside domain
- Pages generation time
- Country, region, city
- Main Language of the browser
- User Agent of the browser
- Session recording, mouse events (movements, content forms and clicks)
3. Who do we share your data with?
We may disclose your personal information to employees of our company or to third party Service Providers. We do this to provide you access to our Services; to comply with our legal obligations; to enforce our Terms and Conditions; to facilitate our marketing and advertising activities; to prevent, detect, mitigate or to investigate fraudulent or illegal activities related to our Service. We minimise the amount of personal information we disclose to what is directly relevant and necessary to accomplish the specified purpose. We do not disclose your personal information to third parties for their marketing and advertising purposes without your explicit consent.
We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
We may disclose your personal information to the following parties and for the following purposes:
3.1 Internal
Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. This information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
3.2 Service Providers and financial institutions partners
Third party service providers may also be provided with your Personal Data. These are organisations who help us to provide our Service and assist us in providing customised advertising. These are also organisations who assist us with the prevention, detection, mitigation and investigation of potentially illegal acts as well as with violations of our Terms and Conditions, fraud and/or security breaches, bill collection, affiliate and rewards programs, co-branded credit cards and other business operations.
We use the following external services:
- Hubspot for customer relationship management
- Data Shared: First Name and Last Name, E-Mail, Phone No., Position
- Hubspot’s Privacy Policy: https://legal.hubspot.com/privacy-policy
- Microsoft Office 365 Suite for our day-to day business activities including Outlook for E-Mail, and Sharepoint and One Drive for Storage.
- Data Shared: First name, Last Name, E-Mail and Phone No.
- Microsoft’s Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement
- Slack for our day-to day business activities including communications.
- Data Shared: First Name and Last Name, E-Mail, Phone No., Position
- Slack Privacy Policy: https://slack.com/intl/de-de/trust/privacy/privacy-policy
- Stripe for managing payments on the platform
- Data Shared: First names, Last name, E-mail, Payment Details (Credit Card no., Bank account details)
- Stripe’s Privacy Policy: https://stripe.com/en-de/privacy
- Cloudflare for security, performance, and reliability of the platform
- Data Shared: Device Information, Geographical Data, Interaction Data
- Cloudflare Privacy Policy: www.cloudflare.com/privacypolicy/
3.3 Law enforcement, legal proceedings, and as authorized by law
We may release your Data:
- to comply with our legal requirements, enforce our Terms and Conditions, respond to claims that a listing or other content violates the rights of others or protect anyone's rights, property or safety.
- to law enforcement or governmental agencies, or authorized third-parties, in response to a verified request relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability. We will only disclose information we deem relevant to the investigation or inquiry, such as name, city, state, postcode, telephone number, email address, User ID history, IP address, fraud complaints, or bidding and listing history.
- to third parties involved in a legal proceeding, if they provide us with a subpoena, court order or substantially similar legal procedure, or we otherwise believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss or to report suspected illegal activity.
3.4 Change of Ownership
If we were to merge with, be acquired by another company, have a change in our ownership structure, type legal entity or settle legally in a different country, we may share information with the involved stakeholders in accordance with our global privacy standards. Should such an event occur, we will require that the new (combined) entity follow this Privacy Notice with respect to your personal information. If your personal information is collected, used, disclosed, or retained for any purposes not covered in this Privacy Notice, you will receive prior notification of the processing of your personal information for the new purposes.
If your data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, are in place to protect your information. For more details about these safeguards, please contact us.
4. How do we store Your data?
We store your personal data on secure servers located in Germany and managed by trusted service providers. Data is encrypted in transit and at rest to prevent unauthorized access. Access controls and regular security audits ensure the ongoing protection of your data.
In addition, your data is stored in the servers of our Service Providers including but not limited to: Hubspot, Slack and Microsoft.
5. How long do we keep your data?
The Company will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes or enforce our legal agreements and policies.
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods. Log files are stored for a period of two weeks, whereas google analytics stores usage data for a period of 14 months.
After it is no longer necessary for us to retain your personal information, we dispose of it in a secure manner.
Once you make a public posting, you may not be able to change or remove it. Upon your request, we will close your account and remove your personal information from view as soon as reasonably possible, based on your account activity and in accordance with applicable national laws.
6. How is your data secured?
The security of your Personal Data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
We protect your information using technical and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centre, and information access authorisation controls. If you believe your account has been abused, please contact us following the instructions in the Contact Us section.
In case of a possible leak of data, our data processor and site administrator will notify us immediately after discovering or becoming aware of any such incident. Following the report of the incident, we will carry out an assessment with our contractors and partners to identify corresponding measures We will inform you about the situation, the gravity of the situation and the solution as soon as possible.
We use industry-standard security measures to protect your data, including:
- SSL/TLS encryption for data transmitted over the internet.
- Multi-factor authentication for access to sensitive systems.
- Regular penetration testing and vulnerability scans.
- Physical access controls at our data centers.
While we take every precaution, no security system is entirely foolproof. If you suspect unauthorized access to your data, please contact us immediately.
7. What are your data protection rights?
Our Company would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
- The right to access – You have the right to make a request for copies of your personal data. We may charge you a small fee for this service.
- The right to rectification – You can see, review and change your personal information by signing in to your account. Please update your personal information immediately if it changes or is inaccurate. You have the right to request that our Company correct any information you believe is inaccurate. You also have the right to request to complete the information you believe is incomplete.
- The right to erasure – You have the right to request that our Company erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that our Company restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to our Company’s processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that our Company transfer the data that we have collected to another organization, or directly to you, under certain conditions.
Where you have a statutory right to request access or request the modification or erasure of your personal information, we still might need to withhold that access or decline to modify or erase your personal information in some cases in accordance with applicable national laws In such a case, we will provide you with the reasoning.
It is important to note that if you withdraw your consent for the use or disclosure of your personal information for purposes set out in this Privacy Notice, you may not have access to all our Services and we might not be able to provide you all of the Services and customer support offered to our users and authorized under this Privacy Notice and our Terms and Conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us following the instructions in the Contact Us section.
If you disagree with the processing of your Data or the information we provide, you may submit a complaint to the following regulatory authority:
Concerned Supervisory Authority
Landesbeauftragter für Datenschutz und Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart - Germany
Telephone: +49 711 61554 10 Telefax: +49 711 615541 15
E-Mail: [email protected]
8. Contact Us
8.1 Contact details of the person responsible for data processing
Responsible person within the meaning of the General Data Protection Regulation, other data protection laws in the Member States of the European Union and other provisions with data protection character is the company:
BABLE GmbH
Legal representation: Alexander Schmidt
Reuchlinstr. 27,
70176 Stuttgart – Germany
Telephone: +49 711 968813 10
E-Mail: [email protected]
8.2 Contact details of the data protection officer
If you have any questions regarding the collection, processing or use of your personal data and your inquiries regarding information, correction, blocking, deletion or restriction of processing, please contact our data protection officer:
Gregory O‘Connor
E-Mail: [email protected]