Privacy Policy

This is the privacy policy (“Privacy Policy”) for any application or service owned or operated (collectively the “Platform”) provided by Blanq Labs BV, registered at the Dutch Chamber of Commerce with registration number 86844784, with its registered office address at Singel 542, Amsterdam 1017 AZ, The Netherlands (“our”, “we”, or “Blanq”). Blanq is the controller of your personal data collected through the Platform and we are committed to protecting and respecting your privacy.

1. Introduction

   
   

   This Privacy Policy explains who we are, why and how we process personal data collected through your use of the Platform and, if you are the subject of any of the personal data concerned, what rights you have and how to get in touch with us if you need to. When you supply any personal data to us we have legal obligations towards you in the way we use that data. We must collect the information fairly and explain to you how we will use it.

   
   

   It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice that we may provide at or around the time that we collect or process personal data about you so that you are fully aware of how and why we are using that data.

   
   

   This Privacy Policy supplements other notices and legal documents including the Terms of Service (“Terms”) and is not intended to override or replace them.

   
   

   If, for any reason, you do not agree to the terms of this Privacy Policy, please stop using the Platform.

   
   

   We reserve the right to revise or amend this Privacy Policy at any time to reflect changes to our business or changes in the law. Where these changes are significant we will endeavor to email all of our registered users to make sure that they are informed of such changes.

   
   

   Please note that the Platform is not intended for use by or directed at anyone under the age of 18 and we do not knowingly collect data relating to children. If you believe we have collected personal information about your child, you may contact us at [email protected] and request that we remove information about them.

   
   

2. What information we collect?

   1. What is personal data?

      Where this Privacy Policy refers to ‘personal data’ it is referring to data about you from which you could be identified – such as your name, your date of birth, or your contact details.

      
      

      By law all organizations who process your personal data in Europe and in the UK are obliged to process your personal data in certain ways and to ensure that you are given an appropriate amount of information about how they use it. You also have various rights to seek information from those organizations about how they are using your data, and to prevent them from processing it unlawfully. For more information about these rights, please see the ‘Your Rights’ section of this Privacy Policy.

      
      
   2. How and what types of data we collect from you when you use the Platform?

      When you use the Platform to register an account, fill in forms provided on the Platform, subscribe to our services (such as Blanq Guardian’) or report a problem with the Platform, we may collect, store and use certain personal information that you disclose to us.

      
      

      The information we collect from you may include (but is not limited to): your IP address, email address, telephone number, feedback and log-in information.

      
      

      We shall also collect information about you when you visit and interact with the Platform through the use of technologies such as cookies. The following are examples of information we may collect:

      
      
      • information about your device, browser or operating system * time zone setting * your IP address * information about interactions you have with the Platform (such as scrolling and clicks) * information about the way you use and the actions you take within the Platform * length of time on the Platform and time spent within certain sections * response times * download errors
      
      

      Please refer to your device’s help material to learn what controls you can use to remove cookies, block cookies, or disable IDFA tracking. If you do this, it may affect your use of our website or mobile application.

      
      

      We may also partner with third parties who may collect anonymous usage or statistical data through your use of the Platform (including, for example, sub-contractors in technical, payment and/or delivery services, business partners, advertising networks, analytics providers).

      
      

      We may also collect information about how you use the Platform through Google Play’s Android Advertising ID technology and Apple iOS’s Advertising Identifier. This is used only by us and our trusted third party service providers (see “Service Providers” section of this Privacy Policy) for advertising and user analytics. The advertising identifier will only be connected to personally identifiable information where you have provided us with your explicit consent. We will respect your user selections for this technology and will not use the data in any way which you have asked us not to. We are committed to abiding by Google and Apple’s terms of use and you may contact us (at [email protected]), Google or Apple directly if you have any questions regarding our use of this technology.

      
      
   3. Updating your information

      If you want to update the information you have previously given to us, you can contact us at [email protected].

3. How and why we use/share your information?
   1. Lawful basis for processing your information

      We will only use your personal data when the law allows us to. Most commonly we will use your personal data in any of the following circumstances:

      
      
      • Where you have asked us to do so, or consented to us doing so. * Where we need to do so in order to perform a contract we have entered into with you. * Where it is necessary for our legitimate interests (or those of a third party) and your fundamental rights do not override those interests * Where we need to comply with a legal or regulatory obligation
      
      
   2. Marketing

      You will receive marketing messages from us if you have given us your consent to do so or if you have provided feedback on our Platform and have not opted out of receiving marketing messages (and it is within our legal rights, when balanced against your rights and freedoms as an individual, to serve you with marketing).

      
      

      To unsubscribe from marketing emails at any time, please click on the unsubscribe link at the bottom of any marketing email and update your account preferences. You may also contact us to inform us if you do not wish to receive any marketing materials from us.

      
      
   3. Sharing your information

      Depending on how and why you provide us with your personal data, we may share it in any of the following ways:

      
      
      • Where you have asked us to do so, or consented to us doing so. * We may share your personal information with any member of our group where there is a valid and lawful reason to do so, which means our subsidiaries, our ultimate holding company and its subsidiaries. * With selected third parties including business partners, suppliers and subcontractors for the performance of any contract we enter into with them or you (see “Service Providers” section of this Privacy Policy) * With analytics that assist us in the improvement and optimisation of the Platform.
      
      

      We may also disclose your personal information to third parties in any of the following events:

      
      
      • If we were to sell or buy any business or assets, in which case we might disclose your personal information to the prospective seller or buyer of such business or assets. * If Blanq or substantially all of its assets are acquired by a third party, in which case personal information held by us about our customers will be one of the transferred assets. * If we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply the Terms; or to protect the rights, property, or safety of our company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
      
      
   4. Service Providers

      Our service providers provide us with a variety of administrative, statistical, and technical services. We will only provide service providers with the minimum amount of personal data they need to fulfill the services we request, and we stipulate that they protect this information and do not use it for any other purpose. We take these relationships seriously and oblige all of our data processors to sign contracts with us that clearly set out their commitment to respecting individual rights, and their commitments to assisting us to help you exercise your rights as a data subject. Our third party service providers currently include: Amazon Web Services, Google Analytics, Plausible, Messagebird, Stripe, and Firebase.

      
      

      Our use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy , including the Limited Use requirements.

      
      
   5. Other Disclosures

      During your use of the Platform, your app store provider, mobile network operator, third party APIs or others may also collect personal information about you regarding your use of the Platform such as your identity, your usage and location.

      
      

      These third parties shall act as separate and independent controllers of that personal data and shall process it in accordance with their own privacy policy.

      
      
   6. Links to third party sites

      The Platform may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. We may also provide links to third party websites that are not affiliated with the Platform. Third party websites are out of our control and are not covered by this Privacy Policy. If you access third party sites using the links provided, the operators of these sites may collect information from you that could be used by them, in accordance with their own privacy policies. Please check these policies before you submit any personal data to those websites.

4. Security

   Blanq takes the protection of your information very seriously. We have put in place appropriate physical, electronic and managerial security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed, including use of secure servers, passwords and industry standard encryption for data both in transit and at rest (for data in transit we use up-to-date versions of SSL and for data at rest we use AES-256).

   
   

   Where we have given you a password that enables you to access certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

   
   

   In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

   
   

   We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

5. How long we keep your information?

   We only keep your data for the time necessary to fulfill the purpose of collection. We are able to store personal data for longer periods with a valid legal ground, or when the data is sufficiently (for example) pseudonymised or anonymised.

6. International data transfers

   Please note that some of our service providers may be based outside of the European Economic Area (the “EEA”) and the United Kingdom ("UK"). These service providers may work for us or for one of our suppliers and may be engaged in, among other things, the fulfillment of your request for information, products and services, the processing of your payment details and the provision of support services.

   
   

   Where we transfer your data to a service provider that is outside of the EEA and/or the UK we seek to ensure that appropriate safeguards are in place to make sure that your personal data is held securely and that your rights as a data subject are upheld. Transfers of personal data are either made:

   
   
   • to a country recognised by the European Commission and/or the UK Secretary of State as providing an adequate level of protection; or * to a country which does not offer adequate protection but whose transfer has been governed by the standard contractual clauses of the European Commission, the UK International Data Transfer clauses or by implementing other appropriate cross-border transfer solutions to provide adequate protection.
   
   

   By submitting your personal information, you agree to this transfer, storing or processing. If you would like more information about the mechanism via which your personal data is transferred please contact [email protected].

7. Your rights

   As a data subject you have a number of rights in relation to your personal data. Below, we have described the various rights that you have as well as how you can exercise them.

   
   
   1. You have the right to be informed (article 13 GDPR)

   We provide you with the necessary information regarding the collection and usage of your personal data. We do this by means of this Privacy Statement.

   
   
   2. You have the right to access the personal data we hold about you (article 15(1) GDPR)

   If you file a data access request, we will provide you with a copy of all the personal data we have collected about you. You also have the right to receive this information in a way that is structured, commonly used and machine-readable.

   
   
   3. You may request that we delete your personal data (article 17(1) GDPR)

   We will delete the personal data we have collected about you. We will only delete your data if you are no longer an active user with us. Furthermore, Dutch law requires us to keep certain information for up to 10 years.

   
   
   4. You may request that we rectify incorrect or incomplete information about you (article 16(1) GDPR)

   If you spot anything in your personal information that is either incorrect or incomplete, let us know! We will change it as soon as possible.

   
   
   5. You may object to the processing of your personal data by us (article 21(1) GDPR)

   We process certain data on the basis of legitimate interest. In this case, you can object to the processing.

   We will consider your request and determine whether we have an overriding reason to process the data you’re objecting to. If this is the case, we will refuse your request.

   
   
   6. You may ask us to restrict the processing of your personal data (article 18 GDPR)

   Restriction of processing means that we will temporarily suspend processing of your personal data. You can ask us to do so if:

   • you contest the accuracy of the information; * our processing is unlawful but you don’t want us to delete the data; * our processing is unlawful, but you need us to maintain the information in connection to a legal claim; or * you have objected to the processing and we’re evaluating your request.
   
   
   7. You also have the right not to be subject to a decision that was made solely on the basis of automated processing, including profiling, which produces legal effects that concern you or that similarly significantly affect you (Article 22 GDPR)
   
   

   Furthermore, you may lodge a complaint with the data protection supervisory authority responsible for you (in the member state where you commonly reside, where your place of work is located or where the alleged infringement took place) in accordance with Article 77 of the GDPR if you are of the opinion that the processing of your personal data violates the GDPR.

8. Contact details

   If you have any queries regarding this Privacy Policy, if you wish to exercise any of your rights set out above or if you think that the Privacy Policy has not been followed, please contact us by emailing at [email protected].

   
   

   In case you disagree with the handling of your complaint, you are able to file a complaint at the Autoriteit Persoonsgegevens.