Privacy Policy

Effective date: October 27th, 2020

Your privacy is important to Humby (Humby GmbH) ("Humby", "we", "us" or "our"). This Privacy Policy covers what we collect and how we use, disclose, transfer, and store your information when you visit our website. In GDPR terms, this means we are the controller. For additional policies that may apply when you use us as a processor instead, please check the Terms and Conditions.

This Privacy Policy applies to the humby.io and hum.by websites, including all subpages, subdomains, and successor pages (collectively referred to as the “Website”). It also applies to all software and services that we offer, including services that we offer through our Website when you register for a Humby account (collectively referred to as the “Application Services”). By using our Website or Application Services, you are accepting the practices described in this Policy.


Contact

Data controller is

Humby GmbH
Pappelallee 78/79
10437 Berlin

Email: privacy@humby.io

Represented by: Niels Madan, Georg Bremer

Entry in commercial registry.
Register court: Amtsgericht Charlottenburg
Register number: HRB 221648 B


What kind of information do we collect?

We may collect information in three ways.

Visitor data

If you do nothing during your visit but browse through the website, read pages, or download information, we will gather and store certain information about your visit automatically. This information is anonymized and does not identify you personally. You may think of the following.

Account data

When you register for an account on our site or otherwise voluntarily provide the information to us, we may collect the following data.

System Generated Data

The Application Services automatically create and store metadata on basis of the other types of data, e.g.:

What do we use your information for?

Any of the information we collect from you may be used for one or more of the following purposes.

The emails we send may contain:

We agree to the following:

How do we protect your information?

Humby implements the following technical, physical, and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized use, unauthorized modification, disclosure or access, and against all other unlawful forms of processing.

Availability

The Application Services utilize the extensive features of the cloud environment to ensure high availability, like full redundancy, load balancing, automatic capacity scaling, continuous data backup and geo-replication along with a traffic manager for automatic geographical failover on datacenter level disasters. All failover mechanisms are fully automated.

Integrity

To ensure integrity, all data transits are encrypted to align with best practices for protecting confidentiality and data integrity. E.g. all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider’s database only to be accessible by those who are authorized to access such systems and who are required to keep the information confidential.

Confidentiality

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.

Transparency

Humby will at all times keep you informed about changes to the processes to protect data privacy and security, including practices and policies.

Monitoring

We do not use vulnerability scanning and/or scanning to PCI standards. An external PCI compliant payment gateway handles all payment transactions. We use regular Malware Scanning.

Compromise of Personal Information

In the event that personal information is compromised as a breach of security, Humby will promptly notify our customers in compliance with applicable law.

Cookies and other tracking technologies

We use cookies and other tracking technologies to improve your experience, personalize content and ads, and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. By continuing to use our website you consent to this practice.

The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your consent. You can set your browser to notify you before you receive a cookie, giving you the chance to decide whether to accept it. You can also set your browser to turn off cookies; however, if you do this, some or all of our Website may not work properly. Your cookie consent applies to the following domains:

You can at any time change or withdraw your consent by sending an email to our Data Privacy Officer.

Types of cookies

Essential

These cookies are necessary to provide you with services available through Humby websites and to use some of its features, like access to secure areas of the website. Without this data, most of our Service will not not be available.

These may include 3rd party cookies which are solely used to provide you with our service.

Preferences

These cookies are used to store your settings like preferred language or chosen input devices. If you block these in your browser, various functions of our Service may not work as expected.

Statistics

These cookies help us understand how visitors interact with Humby websites. Most of the information that these cookies collect is aggregated and therefore anonymous, although for users of our Service this can be related to their accounts for support and debugging purposes.

These may include 3rd party cookies from companies which use the data collected for different purposes than mentioned in this document. You will be prompted explicitly to give your consent.

You may also disable any of these cookies via your browser settings. If you do so, we will only be able to provide very limited support and you will not contribute to improve our Service.


Disclosure of information to outside parties

Humby does not sell, trade or otherwise transfer to outside parties any personally identifiable information. This does not include trusted third parties, affiliates, or subcontractors who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.

Some 3rd parties may use your data for additional processing, for example Google Analytics. In these cases we will only share your data with your explicit consent.

We may share your personally identifiable information with third parties, affiliates, or subcontractors to assist us in providing you with the Humby service. The types of service may include

We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety. Furthermore, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

In addition, in the event of a merger, acquisition, re-organization, bankruptcy, or other similar events, any information in our possession may be transferred to our successor or assignee.

Legally required disclosure

Humby will not disclose the customer’s data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from Humby, Humby strives to limit the disclosure. Humby will only release specific data mandated by the relevant legal demand. If compelled to disclose your data, Humby will promptly notify you and provide a copy of the demand, provided we are not legally prohibited from doing so.

Where do we store the information?

Personal data will be stored or backed up primarily in the European Union. However, sub processors may provide access to your personal data to entities outside of the European Union. Humby aims for all sub processors uphold European Privacy laws and treat your personal information with the same standards as put forth within this Privacy Agreement

Access, data portability, migration, and transfer back assistance

You may at any time obtain confirmation from Humby as to whether or not personal data concerning you are being processed. You may at any time order a complete data copy, which you may transmit to another controller of the data. Your data will be delivered within 20 working days by Humby in machine-readable form. Logical relations between datasets will be preserved in the form of unique identifiers.

Request for rectification, restriction or deletion of the personal data

For any inquiries regarding your personal data, please reach out to us.

Rectification

You may at any time obtain without undue delay rectification of inaccurate personal data concerning you.

Restriction of processing personal data

You may at any time request Humby to restrict the processing of personal data if any of the following applies.

Deletion

You may without undue delay request the erasure of personal data concerning you, and Humby shall erase the personal data without delay if one of the following situations applies.

Data retention

If you do not have created an account on our Service, your data will usually be deleted after 1 Month of inactivity.

If you have an account, your data will be stored until you delete your account.

If you have purchased a service or signed a contract with us, due to tax regulations, your Account Data will be retained for up to five full fiscal years from your cancellation of your Application Services account.

Data retention for compliance with legal requirements

You cannot require Humby to change any of the default retention periods, except for the reasons for erasure pursuant to clause 9.3, but may suggest changes for compliance with specific sector laws and regulations.

Data restitution and/or deletion

No data except Account Data will be retained after the termination of the contract. You may request a data copy before termination. You must not cancel the Application Services account until the data copy has been delivered, as Humby otherwise will not be able to deliver the data copy.

Cooperation

Humby will cooperate with you in order to ensure compliance with applicable data protection provisions, e.g. to enable you to effectively guarantee the exercise of data subjects’ rights (right of access, rectification, erasure, blocking, opposition), to manage incidents including forensic analysis in case of security breach.

Third-party links

Our website has links to the websites of other organizations. Once you visit another site, you are subject to the privacy policy of the new site.

Use of this Website by minors

Humby is in compliance with the requirements of the Children’s Online Privacy Protection Act. We will not intentionally collect any information from anyone under 13 years of age. Our website, products and services are all directed at people who are at least 18 years old or older.

Terms of Service

Please also visit our Terms of Service section establishing the use, disclaimers, and limitations of liability governing the use of our website. Your Consent By using our site, you consent to this Privacy Policy.

Changes to our Privacy Policy

If we decide to change our Privacy Policy, we will post those changes on this page.

Complaint

You may at any time lodge a complaint with a supervisory authority regarding Humby’s collection and processing of your personal data.