PRIVACY POLICY

 

1.Content

  1. WHO WE ARE
  2. RESPONSIBLE PERSON AND DATA PROTECTION OFFICER
  3. DATA PROCESSING ON THE OOBLEE PLATFORM
    3.1. INFORMATION FROM USERS OF THE OOBLEE PLATFORM
    3.2. DATA FROM USERS OF THE OOBLEE SOCIAL NETWORK
    3.3. BUSINESS CUSTOMER DATA
    3.4. DATA FROM CUSTOMERS
  4. DATA PROCESSING ON THE OOBLEE WEBSITE
    4.1. DATA FROM VISITORS TO THE OOBLEE WEBSITE
    4.2. DATA AT OOBLEE CUSTOMER SERVICE
  5. HOW LONG DO WE KEEP PERSONAL DATA?
  6. HOW SECURELY IS YOUR PERSONAL INFORMATION STORED?
  7. DATA TRANSFER TO THIRD PARTIES AND PROCESSORS
    7.1. GENERAL INFORMATION ON DATA TRANSFER
    7.2. WHEN WE MAY DISCLOSE THE PERSONAL DATA OF USERS OF THE SOCIAL NETWORK OOBLEE?
    7.3. WHEN CAN WE DISCLOSE THE DATA OF BUSINESS CUSTOMERS?
    7.4. WHEN ELSE CAN WE SHARE DATA?
  8. DATA TRANSFER TO THIRD COUNTRIES
  9. DATA SUBJECT RIGHTS
  10. CHANGES IN THE PRIVACY POLICY

 

1.  Who we are

 

ooblee is a privacy focused platform and in this privacy notice we would like to introduce how we process your personal data on our platform.

 

ooblee is a startup company founded with the goal of democratizing online shopping and creating a modern and dynamic online shopping community of sellers and buyers by building a social shopping network. Our goal is to creatively connect online supply and demand in a city and provide a different online sales and shopping experience for our customers through interesting city shopping events, shopping with friends, shopping influencer activities, and supporting social responsibility and sustainability projects.

 

Through our platform, business customers can easily and efficiently increase their online visibility and place their offers directly in the local community through a new sales channel. End customers of ooblee get a new and more fun online shopping experience, integrated with their local environment and closer to the expectations of modern online shoppers.

 

Whether you are just a member of ooblee’s social network, an active customer (ooblee end user, end user) or an ooblee user who is active on our platform (business customer , business user), we will only collect, adequately protect and carefully handle the necessary personal related data from you as described in this Privacy Notice.

 

The terms in this document are consistent with the terminology used in the “Terms of Use of the ooblee Platform” and if you are unsure of how any part of the ooblee Platform works, please refer to this document.

 

2. Responsible person and data protection officer

 

Responsible for data processing is ooblee Europe GmbH i.G., Potsdamer Platz 11, 10785 Berlin, office@ooblee.de.

 

Questions about the privacy policy or requests regarding the collection or processing of your personal data can be directed to our data protection officer at dpo@ooblee.me or to ooblee user support at support@ooblee.me.

 

3. Data processing on the ooblee platform

 

3.1  Information from users of the ooblee platform

 

We collect only the data necessary for the functioning, optimization and protection of our marketplace social commerce platform, the sustainability of its monetization models, the maintenance and improvement of our technical solutions, the communication with our end and business customers and ensuring the quality of their customer experience.

 

In order to provide our users with a platform that connects interests, supply and demand in a local community, we collect personal data (data that can uniquely or indirectly identify an individual) from you.

 

Like most social and online shopping platforms, we collect from you the information that web browsers, mobile devices and customers typically provide, including browser type, IP address, unique device identifiers, language settings, access date and time, and operating system.

 

Your IP address allows us to determine the approximate location of your device. We collect and use this data for non-personalized statistical analysis, such as data about the number of platform visits from certain geographic areas.

 

If you grant us permission on your cell phone’s operating system, we may access certain data on your mobile devices through our mobile applications. For example, if you give us permission to access photos on your cell phone, you may access them through our mobile application when you post content to ooblee’s social network or when you post a new product to your ooblee online store. If you allow access to your camera, you can use it directly to take photos while posting content on our platform.

 

The legal basis for the processing of your personal data is the fulfillment of the contract with them according to Art. 6 para. 1 lit. b) or lit. f) DSGVO.

 

3.2  Data from users of the ooblee social network

 

When opening a new account on the ooblee shopping social network (ooblee end users), users enter personal information, including but not limited to their first and last name, city of residence, email address (which the user must verify via the link in the email), gender and shopping interests, and optionally their profile photo. ooblee highly respects the privacy of its users and, by default, wishes to collect a minimum of personal data from them in order to appropriately place content, communicate on the shopping social network or make purchases on the ooblee platform.

 

Users of the ooblee social network can post various content (photos, texts…) to the network through their user profile. The ooblee social network can be used in a way that is common for worldwide social networks – you can edit your user profile, post and share content, follow other users’ profiles and fol-low each other (friendships), etc.

 

The ooblee social network processes your profile data (username, profile photo, pictures…), your actions and relationships with other users (likes, profile follow, mutual follow, pins, group shopping…), as well as commentare according to the established terms of use of the ooblee platform.

 

ooblee has no interest in processing special categories of personal data. This includes data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for unique identification, health data, data concerning sexual life or sexual orientation. We will not ask for this data and ask you not to provide it to ooblee.

 

The legal basis for the processing of your personal data is the fulfillment of the contract with you according to Art. 6 para. 1 lit. b) DSGVO. For the personal data that is not necessary for the fulfillment of the contract when using the social network, the legal basis is your consent pursuant to Art. 6 para. 1 lit. a) DSGVO.

 

3.3 Business customer data

 

ooblee business customers are members of the ooblee social network who have opened an online store on our platform.

 

Upon initial registration of an ooblee business account, we collect information such as the business customer’s name and logo or profile picture, the name of the country in which the business operates, and contact information such as address, card location, phone number, and email address (verification of each business customer’s phone number and email address is required). To set up a business profile on our Platform, you must select up to two basic shopping categories in which you would like to offer products, and it is possible to select or enter additional page tags that can describe business areas to ensure better positioning in product searches and listings within our Platform and better visibility of published content to buyers interested in listings from those categories.

 

We collect the above information about business users in order to identify the company that wishes to do business on our platform and the responsible persons of that company, to collect contact information for communicating with business users, and to establish business relationships with them in accordance with the terms of use of the ooblee platform, this Privacy Notice, and the laws and regulations of the country in which the company registered on our platform operates.

 

In order to set up an online store for business customers, ooblee asks for information about the store name, description, location addresses, delivery service information (cities, delivery price list), contact information and store hours. We collect this information about our business customers’ outlets to make it available to end users or their potential customers. In order to implement the marketplace functionality and provide the business customers with the desired payment options, ooblee may exchange basic information about its business users who have previously registered on the ooblee platform and their responsible persons (name) via API communication with integrated systems of certified financial institutions and payment providers (name of the business user, email address and phone number, address, first and last name of the responsible person).

 

For opening new or linking existing accounts with certified financial institutions or payment providers, business users can use their existing business accounts with third parties whose integrated services they wish to use on the ooblee platform (e.g. PayPal, Stripe…) or enter the platform by opening a new user account. The usage and privacy policies of the respective providers apply.

 

ooblee may enter into a partnership with certain business users (ooblee business partners). For this purpose, ooblee collects additional information or personal data from the responsible persons. By entering into such a partnership, business users of ooblee may exchange additional information necessary for the functionality of the ooblee wallet with the ooblee platform in order to obtain relevant content for the ooblee platform and to support business users by creating attractive or exclusive offers for potential customers on the platform. This data includes records of financial incentives granted and used for doing business on the platform (top-up), money paid out (redemption), participation in shopping events, and revenue generated to evaluate the effectiveness of the current partnership. By participating in the ooblee Partnership Program, the Business Customers give their consent for the promotion of the realized partnership and the joint use of all the content created by the activities envisaged by this partnership (promotion of content and offers, dis-tribution of joint promotional materials and shopping events…) on the ooblee Platform and through other channels (social networks, newsletter communi-cations…), in accordance with the rights and obligations of the partnership arising from the Terms of Use of the ooblee Platform.

 

The legal basis for the processing of their personal data is the performance of the contract in accordance with Art. 6 (1) lit. b) DSGVO.

 

3.4  Data from customers

 

Customers are the ooblee users who already have an account on the ooblee social network and who place an order or make an online purchase on the ooblee platform via the ooblee mobile application for Android or iOS.

 

When the customer places the first order, if required for the delivery method, additional information is collected that is necessary for the implementation of the delivery method (delivery address, information about the payment method). For the online payment of a product, the customer can choose one of the offered online payment models on the ooblee marketplace provided by the business customer. If the credit card payment option is selected, the customer is prompted to enter his credit card data. This data is stored directly on third-party systems that provide a certified PCI DSS service for online pay-ment purposes on the ooblee marketplace platform.

 

Customers have information about their orders and online stores in their account, as well as opportunities for direct communication with the business user with whom they initiated the purchase. ooblee only establishes a communication channel between the end customer and the business user on its platform and has no visibility into these communications, unless these communications need to be shared with ooblee customer support to resolve a dispute (opened dispute).

 

In order to provide a high quality and personalized user experience, ooblee collects end-user purchase data to personalize content on the Platform, as well as for statistical and other analysis performed to improve the Platform and enhance the user experience.

 

The legal basis for the processing of their personal data is the fulfillment of the contract pursuant to Art. 6 para. 1 lit. b) DSGVO. With regard to data processing that goes beyond the purpose of fulfilling the contract, the legal basis is the protection of our legitimate interests pursuant to Art. 6 (1) (f) DSGVO.

 

Kunden sind die ooblee Nutzer, die bereits über ein Konto im sozialen Netzwerk ooblee verfügen und die über die mobile ooblee Anwendung für Android oder iOS eine Bestellung oder einen Online-Kauf auf der ooblee-Plattform tätigen.

 

4. Data processing on the ooblee website

 

Visitors to the ooblee website are Internet visitors who access the website through an official ooblee Internet domain (and who are not required to have any type of user account on the ooblee platform) or any of its subdomains to seek information, customer assistance, instructions on how to use the platform, as well as users who communicate with an ooblee customer service (web form, call center, chat…).

 

4.1 Data from visitors to the ooblee website

 

ooblee websites do not have a user registration system and their visitors do not need to have an ooblee account or provide their personal information to view content or contact ooblee customer service outside of the ooblee platform.

 

Non-personal and non-personally identifiable information is initially collected from visitors to the ooblee website about the location from which they are visiting the website (anonymized IP address), the type of operating system they are using, their browser, and the device from which they are accessing the website through cookies to obtain information about realized website traffic used by visitors as potential users of some ooblee services.

 

Cookies and similar technologies place information on the user’s terminal device when you visit a website or application that you have visited. Cookies enable a personalized experience when using the website or application, as they store your preferences (language, currency, have you been to a website before or are you there for the first time so you need some instructions for use…) and use them the next time you visit the same website to improve the user experience.

 

ooblee uses cookies on its websites to identify and track visitors, as well as to track and measure the effectiveness of some of our campaigns via email or to provide targeted advertising on the Internet.

 

ooblee informs users about the use of cookies on the ooblee websites and obtains user consent for cookies that are not necessary for their function (e.g., for analysis and branding purposes). The Platform can also be used without the use of cookies requiring consent, but with a lower quality of user experience.

 

The legal basis for the use of technically necessary cookies is Art. 6 para. 1 lit. f) DSGVO. With regard to the cookies used for analysis and marketing, the legal basis is your consent pursuant to Art. 6 para. 1 lit. a) DSGVO.

 

4.2 Data at Ooblee Customer Service

 

Users who initiate communication with ooblee’s technical support may be asked to provide additional information for communication, solely for the purpose of transmitting and improving the user experience on the platform or responding to user requests. The legal basis for the processing of their personal data is their consent pursuant to Art. 6 (1) a) DSGVO. With regard to data processing that goes beyond consent, the legal basis is the protection of our legitimate interests pursuant to Art. 6 para. 1 lit. f) DSGVO.

 

5. How long do we keep personal data?

 

The stored data is kept until the purpose of the processing ceases to apply or the parties terminate the cooperation and no statutory retention periods prevent deletion. These can range from two to ten years. Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§195 ff. of the German Civil Code (BGB), are usually 3 years, but in certain cases can be up to 30 years.

 

If the ooblee user initiates the permanent deletion of the account on the ooblee platform and it is not possible to do so at that time, the personal data will be retained on the ooblee platform until the conditions for its deletion are met.

 

6. How securely is your personal information stored?

 

ooblee uses best practices in security management and takes into account technical and administrative safeguards, information protection by its employees, and ongoing training and awareness of information security and personal data protection. Despite our efforts to protect our information system as much as possible and to assess and address all risks to the security of personal data in a timely manner, unfortunately, security on the Internet cannot be fully and 100% guaranteed to anyone, so ooblee cannot guarantee the absolute security of your personal data stored and processed on the ooblee platform.

 

7. Data transfer to third parties and processors

 

7.1  General information on data transfer

 

Due to the idea of targeting local communities and a business concept that is completely opposed to aggressive placement of targeted marketing or monitoring of user behavior on the Internet, ooblee completely excludes the possibility of sharing personal data for marketing purposes or sharing personal data with other companies for other purposes.

 

ooblee will disclose the personal data of its users to third parties solely for the purpose of providing services on the platform, to fulfill obligations arising from applicable laws and regulations, and to prevent fraud and illegal activities.

 

This includes information that providers need to provide us with their services, such as the provision of online payment services, in particular the processing of credit and debit card data transactions, fraud prevention advisory (AML) services, cloud hosting services, merchandise delivery, email, chat, analytics services, Internet domain registrations, and services that help us place and optimize our marketing activities.

 

In addition, ooblee user data may be shared with third parties in order to prevent, investigate and protect the ooblee platform, its employees, partners and users from possible illegal activities and activities that violate applicable laws.

 

The legal basis for the processing of personal data is the fulfillment of the contract between ooblee and the user pursuant to Art. 6 para. 1 lit. b) DSGVO.

 

7.2  When we may disclose the personal data of users of the social network ooblee?

 

ooblee is an processor for the online stores located on the platform. In doing so, ooblee collects and stores the personal data of the customer that the respective online store requires to process your order with it. The online store is controller in this relationship and there is a data processing relationship between the online store and ooblee within the meaning of Art. 28 DSGVO.

 

ooblee only passes on the user’s contact data (name and e-mail address) to financial institutions and payment providers for the purpose of processing a payment. Bank and card data are exclusively collected and processed by the payment service providers themselves. When activating payment options, only the services of financial institutions and payment providers with the appropriate PCI DSS (Payment Card Industry Data Security Standards) certificates are used, and users’ card data is stored exclusively in their systems. For a better user experience and easier and faster use, users’ card data can be displayed in the ooblee applications using tokenization technology (card data is stored on the PCI DSS servers of the integrated third-party providers while being accessed through a depersonalized token stored on the oob-lee platform).

 

7.3  When can we disclose the data of business customers?

 

ooblee may disclose the personal data of its business users to third parties in order to provide certain services for the operation of the business users’ online store, in the manner and under the conditions specified in the terms of use of the ooblee platform and in this privacy notice. Various third-party services are integrated on the ooblee platform in order to provide the functionalities required for the modern online business of the business users. These services include the selection of available online pay-ment methods and delivery services, the selection of which may vary depend-ing on the country in which the seller operates on the ooblee platform.

 

Basic data of registered business customers may be exchanged with selected third parties (business customer’s name, email address and phone number, address, first and last name of the responsible person) in order to connect to integrated online payment services or delivery via API communication. For these purposes, business customers may use their existing business accounts with third parties whose integrated services they wish to use on the ooblee platform, or enter the platform by opening a new user account, which may involve leaving company data or personal data of the responsible persons on external and certified portals of the third parties.

 

The legal basis for the processing of personal data is the fulfillment of the contract between ooblee and the business customer according to Art. 6 para. 1 lit. b) DSG-VO.

 

7.4 When else can we share data?

 

ooblee may also disclose the data of its users to third parties if this is necessary to comply with a legal requirement, to respond to valid judicial requests or orders, as well as to requests from government agencies dealing with national security or the enforcement of applicable laws.

 

The legal basis for processing personal data for the purpose of legal obligations is Article 6(1)(c) DSGVO.

 

Due to the idea of targeting local communities and a business concept that is completely opposed to aggressive placement of targeted marketing or monitoring of user behavior on the Internet, ooblee completely excludes the possibility of sharing personal data for marketing purposes or sharing personal data with other companies for other purposes.

 

8. Data transfer to third countries

 

The GDPR ensures an equally high level of data protection within the European Union. When selecting our service providers and cooperation partners, we therefore rely on European partners wherever possible if your personal data is to be processed. If this is not possible, we will have data processed outside the European Union or the European Economic Area in the context of using third-party services.

 

Data transfers to a third country will only take place if the special requirements of Art. 44 et seq. DSGVO are fulfilled. This means that your data may only be processed on the basis of special guarantees, such as the officially recognized determination by the EU Commission of a level of data protection that corresponds to the EU or the observance of officially recognized special contractual obligations, the so-called “standard contractual clauses”.

 

The ooblee platform and all related software solutions for testing and production are hosted by cloud providers that meet strict standards of information security and personal data protection. ooblee stores the personal data it collects from its users exclusively on its platform and within its information system, and due to its locally focused business model, personal data collected in one country’s market is not shared and exposed to platform services available in another country.

 

The data is processed directly by ooblee in data centers in Europe. In addition, companies are also involved that are either based in the USA or whose parent company is based in the USA. For all data, there may therefore be third-country contact. If the data is transferred to the USA or another country that does not have an equivalent level of data protection, or if there are ac-cess options from the USA, we would like to point out that there is a theoreti-cal risk that data may be processed by US authorities for control and monitor-ing purposes without the data subjects possibly having any legal remedies.

 

9. Data subject rights

 

In addition to our intention to make the handling of your personal data on our platform as transparent as possible through the text of this privacy notice, our users from the European Union have the following rights:
  1. Right to revoke your consent under data protection law pursuant to Art. 7 (3) p. 1 DSGVO

 

You may revoke your consent to the processing of your personal data at any time with effect for the future. However, the lawfulness of the processing carried out until the revocation is not affected by this.
  1. Right to information according to Art. 15 DSGVO

 

You have the right to request confirmation as to whether we are processing personal data relating to you. If this is the case, you have the right to information about this personal data as well as further information, e.g. the processing purposes, the categories of processors of personal data, the recipients and the planned duration of storage or the criteria for determining the duration.
  1. Right to rectification and completion according to Art. 16 DSGVO

 

You have the right to request the rectification of inaccurate data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete data.
  1. Right to erasure (“right to be forgotten”) according to Art. 17 DSGVO

 

You have a right to erasure insofar as the processing is not necessary. This is the case, for example, if your data is no longer necessary for the original purposes, you have revoked your declaration of consent under data protection law or the data was processed unlawfully.
  1. Right to restriction of processing according to Art. 18 DSGVO

 

You have a right to restriction of processing, e.g. if you believe that the personal data is incorrect.
  1. Right to data portability according to Art. 20 DSGVO

 

You have the right to receive the personal data concerning you in a structured, common and machine-readable format.
  1. Right to object according to Art. 21 DSGVO

 

You have the right to object at any time, on grounds relating to your particular situation, to the processing of certain personal data concerning you.
  1. Automated decision in individual cases including profiling according to Art. 22 DSGVO

 

You have the right not to be subject to a decision based solely on automated processing – including profiling – except in the exceptional circum-stances mentioned in Article 22 of the GDPR. Decision-making based exclusively on automated processing – including profiling – does not take place.
  1. Complaint to a data protection supervisory authority pursuant to Art. 77 DSGVO

 

You may also lodge a complaint with a data protection supervisory authority at any time, for example if you are of the opinion that the data processing does not comply with data protection regulations.

 

10. Changes in the privacy policy

 

Our privacy policy may change from time to time. This also includes further developments due to changes in our business as well as adjustments due to a changed legal situation. Corresponding updates of the data protection declaration will be published by us on this page. In the event of significant changes, we will inform you accordingly.

ooblee

Lokalna shopping zajednica

© 2023 Sva prava zadržana

Linkedin-in Facebook-f Twitter Instagram Tiktok Youtube