Need support or have a question?

Privacy Policy

1. General Information on Data Processing

This privacy policy describes the collection and use of personal data in connection with the use of our website humblytics.com ("Website") and our web application app.humblytics.com ("web app") in accordance with the requirements of the General Data Protection Regulation ("GDPR"). Processing activities that are not covered by this privacy policy may be supplemented by further privacy policies that must be noted separately.

1.1 Person Responsible

Responsible person in the sense of the GDPR is

Humblytics

14985427 CANADA INC.

("humblytics"/"we"/"us")

19 Bathurst Street,

Toronto, Ontario, M5V 0N2,

Canada

1.2 Data Protection

If you have any questions about the collection, processing, or use of your personal data, or if you wish to exercise your rights under data protection law, please contact us by email at:

support@humblytics.com

1.3 Affected Party Rights and Supervisory Authority

You may exercise the following rights:

Right of access by the data subject (Art. 15 GDPR),

Right to rectification (Art. 16 GDPR),

Right to erasure ('right to be forgotten', Art. 17 GDPR),

Right to restriction of processing (Art. 18 GDPR),

Right to data portability (Art. 20 GDPR),

Right to object (Art. 21 GDPR),

If we process your data on the basis of your consent, you have the right to revoke your consent at any time with effect for the future (Art. 7 para. 3 GDPR).

To exercise your rights, you can contact us by e-mail at support@humblytics.com.

Please note that in this case we will need to verify your identity and therefore identify you by appropriate means. The processing of your request and the identification of your person is based on Art. 6 para. 1 lit. c GDPR.

You may at any time pursuant to Art. 77 GDPR, file a complaint with a supervisory authority, e.g. with the competent supervisory authority of the federal state in which you reside or with the authority responsible for us.

1.4 Processing of Data, Purpose and Legal Basis

We process your personal data in accordance with the provisions of the GDPR and other applicable data protection laws.

In particular, your data will be processed on the basis of the following legal grounds:

Art. 6 para. 1 lit. a GDPR - your consent,

Art. 6 para. 1 lit. b GDPR - contract performance or pre-contractual measures,

Art. 6 para. 1 lit. c GDPR - fulfillment of a legal obligation,

Art. 6 para. 1 lit. e GDPR - public interest or exercise of official authority,

Art. 6 para. 1 lit. f GDPR - legitimate interests.

Several legal bases may apply to a single processing activity. You will receive further information in the context of the several processing activities mentioned below.

1.5 Retention Period

We will take all reasonable steps to ensure that your personal data is processed only for the period required by the purpose of processing in each case. If the retention period is not specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for retention ceases to apply. Personal data will not be deleted if retention is required by law, for example under tax law. Furthermore, we may store your personal data until the expiry of the statutory limitation periods (usually 3 years; in individual cases, however, up to 10 years or longer), provided that this is necessary for the assertion, exercise or defense of legal claims.

1.6 Data Security

To protect the security of your data during transmission, we use technical and organizational security measures, in particular the encryption of our website to prevent unauthorized access by third parties. Our security measures are continuously improved and adapted according to technological developments.

1.7 Transmission to Service Providers

We use service providers for the provision of our offers. These service providers act only according to our instructions and are contractually obligated to comply with the provisions of Art. 28 GDPR.

1.8 Data Transfer to Third Countries

Unless otherwise stated below, your data will not be transferred to a third country outside the European Union. Your personal data will only be transferred to third countries if the requirements of Art. 44-49 GDPR are met (this includes in particular the conclusion of the standard contractual clauses adopted by the EU Commission, binding corporate rules and adequacy decisions by the EU Commission).

1.9 No Obligation to Provide Data/No Profiling

There is no legal or contractual obligation to provide us with data. However, some services can only be provided if the necessary data is provided by you. Your personal data will not be used for automated individual decision-making including profiling.

2. Website

Our website offers different areas with different functionalities for the visitor, which are described in more detail below.

2.1 Server Log Files

Nature and purpose of data processing:

When you access our website, information of a general nature is automatically collected. This information, known as server log files, includes: IP address, name of access provider, browser type, browser software version and browser language, operating system, date and time of access, content of access, amount of data transferred, access status (successful transfer/error), website(s) to which access was redirected, websites visited.

The processing is carried out for the following purposes: to ensure a connection to the website without malfunctions, to ensure seamless use of our website, to evaluate the system security and stability.

Legal basis:

The processing is carried out pursuant to Art. 6 para. 1 lit. f GDPR based on our legitimate interest in hosting the website and as well as improving and monitor the security, stability and functionality of the website.

Recipient:

The recipient of the data is a technical service provider responsible for the operation and maintenance of our website. As a processor, the service provider is obliged to process the data only within the scope of our instructions.

Retention period:

The server log files are deleted after 14 days at the latest.

2.2 Newsletter

Nature and purpose of data processing

You have the option to subscribe to an email newsletter that includes information on product updates, upgrades, tariff options, additional features, and other news. In addition, we may send newsletters with purely informational content, such as version changes, security aspects, and legal information, for the purpose of keeping you informed. For this purpose, we need to process your email address. This data is processed in order to send you this information.

Legal basis:

The processing is based on your consent (Art. 6 para. 1 lit. a GDPR) or, where the information is necessary for the performance of the contract (Art. 6 para. 1 lit. b GDPR).

Right to withdraw consent:

You have the right to withdraw your consent at any time and thereby object to the use of your data with effect for the future (e.g., by clicking the unsubscribe link in one of our newsletters).

Recipients:

The recipient of the data is a technical service provider. As a processor, the service provider is contractually obliged to process the data only in accordance with our instructions.

Data transfers to third countries:

Data is generally processed within the EU. Any transfer to a third country will only take place where appropriate safeguards are implemented to ensure an adequate level of data protection, such as an adequacy decision by the European Commission or Standard Contractual Clauses approved by the European Commission.

Retention period:

We process your data until you unsubscribe from our newsletter, withdraw your consent, or request us to delete the data within 30 days. The data used for newsletters that are sent on the basis of an existing contract will no longer be used for this type of processing once the contractual relationship has ended.

2.3 Contact Form

Nature and purpose of processing:

In order to provide you with the best possible support when using our services, we offer you the option to contact us via contact form, email, through the support banner, our FAQ or via social media. In this context, we may process your IP address, email address, name, and the content of your inquiry.

Legal basis:

The data is processed for the performance of pre-contractual measures (Art. 6 para. 1 lit. b GDPR). In addition, the processing is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in providing our customers with straightforward customer service.

Recipient:

The recipient of the data is a technical service provider. As a processor, the service provider is obligated to process the data only in accordance with our instructions.

Data transfer to third countries:

Data is generally processed within the EU. Any transfer to a third country will only take place where appropriate safeguards are implemented to ensure an adequate level of data protection, such as an adequacy decision by the European Commission or Standard Contractual Clauses approved by the European Commission.

Retention period:

The data will be deleted once it is no longer required. The necessity of retention is reviewed at regular intervals.

2.4 Website Analytics

Nature and purpose of data processing:

This website uses our own privacy-friendly analytics technology to analyze general usage patterns and improve the functionality, security, and user experience of our website. Reports are generated on site activity without identifying individual users. We do not set cookies or use local storage identifiers. Instead, anonymization takes place via a one-way hash of IP addresses and device characteristics, with raw IP addresses being discarded immediately. The data is not used to create user profiles, nor is it shared with third parties.

Legal basis:

The processing is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in understanding how our website is used.

Recipients:

Generally, data is processed by us. Only for specific services, such as hosting, do we rely on processors who act strictly on our instructions. These processors are located within the EU and are bound by contract to comply with applicable data protection laws.

Retention period:

Raw IP addresses are discarded immediately after anonymization and are not stored. The anonymized data is retained only for as long as necessary to analyze usage patterns and improve the functionality, security, and user experience of our website.

3. Processing in Connection with the Web Application

You may register for our web application. In this context, your data will be processed as follows:

3.1 Processing, Purpose, Legal Basis and Retention Period

Account and authentication data:

For the use of our web application, we process account and authentication data (name, e-mail address, login credentials) for the purpose of providing the service and customer dashboards (Art. 6 para. 1 lit. b GDPR). The data is stored for the duration of the contractual relationship, until the expiry of the regular statutory limitation period or, where required, for the applicable statutory retention periods thereafter.

Anonymized analytics data:

For the purpose of operating and improving our services, usage data is anonymized at the earliest possible stage and the anonymized data is used for analysis. The legal basis for the anonymisation is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, namely to ensure the functionality, stability and optimisation of our services. Personal data is not stored; it is immediately anonymized and therefore deleted in its identifiable form.

Email marketing and automated reports:

For the purpose of providing our services, we send necessary e-mails such as registration confirmations, password resets, billing information or contractual reports. This processing involves your email address and name and is based on Art. 6 para. 1 lit. b GDPR (performance of a contract). In addition, we may use your contact details to inform you about updates, new features or similar information in order to foster customer engagement. This processing is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. Personal data is stored for as long as you maintain your account or unless statutory retention periods apply.

Internal admin dashboard data:

For the purpose of customer support, debugging and service improvement, we process internal admin dashboard data (such as account status, usage records and error logs). The legal basis is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, namely to ensure the proper functioning, security and optimisation of our services. Data is retained while the account is active and may also be stored until the expiry of the regular statutory limitation period.

Payment and subscription data:

For the purpose of processing payments and managing subscriptions, we process payment and subscription data (such as billing address, payment details, subscription status and transaction records). The legal basis is Art. 6 para. 1 lit. b GDPR (performance of a contract). In addition, certain data may be retained to comply with statutory accounting and tax retention requirements. Data are stored for the duration of the contractual relationship, until the expiry of the regular statutory limitation period or, where required, for the applicable statutory retention periods thereafter.

Support data:

For the purpose of processing support requests and providing customer service, we process support data (such as name, e-mail address, account information and the content of your request). The legal basis is Art. 6 para. 1 lit. b GDPR (performance of a contract), insofar as the request relates to the fulfilment of contractual obligations, and Art. 6 para. 1 lit. f GDPR (legitimate interest) in all other cases, namely our interest in responding to inquiries and improving our services. Data are stored for the duration of the contractual relationship, until the expiry of the regular statutory limitation period or, where required, for the applicable statutory retention periods thereafter.

3.2 Recipients and Location of Processing

All personal data are generally processed within the European Union. Recipients are service providers acting as data processors on our behalf. With all such processors, data processing agreements (DPAs) have been concluded in accordance with Art. 28 GDPR. Should a transfer to a third country occur, it will only take place if adequate safeguards are in place to ensure an appropriate level of data protection, such as an adequacy decision by the European Commission or Standard Contractual Clauses approved by the European Commission.

4. Data Processing on Our Social Media Pages

Our social media pages allow us to communicate with you and provide you with interesting information. Through your comments, shared images, messages and reactions, we may receive further data from you, which we process to communicate with you. If you use social media on multiple devices, data may be analyzed across devices.

In addition, social media site providers may also use cookies and tracking technologies to analyze and improve their services.

We operate pages on the following social media channels:

X: X Internet Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, see also: https://x.com/en/privacy

LinkedIn: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, see also: https://www.linkedin.com/legal/privacy-policy

YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, see also: https://policies.google.com/privacy

When you visit our social media pages, data is processed both by us and by the respective social media provider as the responsible party.

The respective social media provider assumes the data protection obligations towards you as a user, such as providing information about data processing, and is the contact for your rights. This results from the fact that such a provider has direct access to the relevant information on the social media site and the processing of your data.

Data processing is carried out with your consent or for the purpose of responding to your inquiry (Art. 6 para. 1 lit. a, b GDPR) or on the basis of legitimate interest in improving services and external presentation (Art. 6 para. 1 lit. f GDPR).

When using these social media plattforms, the data may also be processed outside the EU.

5. Changes to the Privacy Policy

We reserve the right to adapt this privacy policy so that it always complies with the current legal requirements or to make changes in our privacy policy concerning our offers. This privacy policy was created by simpliant.eu.