Privacy Notice

Last updated:  09 Mai 2023


The SMC NetZero is an exchange platform for the achieving NET-ZERO through innovation in small and medium-sized cities. To provide our services effectively and improve your experience, we collect and use your personal data. As a responsible entity, we are strongly committed to protecting your privacy.

This privacy policy explains how our entity uses the personal data we collect from you when you use our website and services and when also covers the personal data you share with us for any purpose. It describes our policies and procedures on the collection, use and disclosure of your information.

By using our Services and/or creating an account with us, you agree to the collection and use of information in accordance with this Privacy Notice.

We periodically update this Privacy Policy. We will post any privacy policy changes on this page.

 

 

1.  Key Terms

The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

For the purposes of this Privacy Notice:

·      Organisation (referred to as either “organisation”, “we”, “us” or “our” in this Agreement) refers to BABLE GmbH.

·      Provider refers to BABLE GmbH who is responsible for development and technical maintenance of the platform.

·      Cookies are small files that are placed on your computer, mobile device or any other device by a website, containing the details of your browsing history on that website among its many uses.

·      Country refers to: Germany (and if legally necessary e.g. due to conflicting regional laws, to the state Baden-Württemberg)

·      Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.

·      Personal Data is any information that relates to an identified or identifiable individual. It does not include anonymised or aggregated data that can no longer be used to identify a specific person, whether in combination with other information or otherwise.

·      Service refers to the Website, Tools, Applications, Newsletter and any other service offered by the Company.

·      Third-party Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.

·      Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.

·      Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

·      Website refers to SMCNetZero, accessible from  https://smcnetzero.eu .

·      you and your means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

 

2.  What data do we collect?

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. If you are 16 years of age or younger, you need permission from a legal guardian to be part of our community.

The personal information we collect includes the following:

1.  Personal Data

We collect the following personally identifiable information provided by you while registering for and using our Services:

Mandatory

·      Email address

·      First name and last name

Optional

·      Telephone Number

·      Address, State, Province, ZIP/Postal code, City

·      Link to Social Media Channels 

2.  Usage Data

Usage Data is collected automatically when using the Service. This includes: information such as your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, device type, ID for listing, geo-location information and other diagnostic data.

Mobile Device: When you access the Service by or through a mobile Device, we collect certain information automatically. This includes, but is not limited to: the type of mobile device you use, your mobile device unique ID, geo-location information, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Browser Data: We also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device. This includes: computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, and your IP address.

3.  Cookies and Tracking Technologies

We use cookies on this website and our other Services, for the following purposes:

·      To enable you to use and access the SMCNetZero.

·      To enable, facilitate and streamline the functioning of and your access to the Platform.

·      To better understand how you navigate through and interact with the SMCNetZero Platform and to improve the Platform accordingly.

·      To show you content that is more relevant to you.

·      To monitor and analyse the performance, operation, and effectiveness of the Platform and its advertisements.

·      To enforce legal agreements that govern use of the Platform.

·      For fraud detection and prevention, and investigations.

·      For purposes of our own user support, analytics, research, product development, and regulatory compliance.

Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyse Our Service. The technologies we use include:


·      Cookies or Browser Cookies:

A Cookie is a small file placed on your Device. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Service. If you have not adjusted your browser setting to refuse Cookies, our Service may use Cookies.

·      Web Beacons. 

Certain sections of our Service (including our Newsletter) contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the BABLE GmbH, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile device after you go offline, while Session Cookies are deleted as soon as you close your web browser. We use both Session and Persistent Cookies for the purposes set out below:

·      Necessary / Essential Cookies

Type: Session Cookies

Administered by: Provider

Purpose: These Cookies are essential to provide you with services available through the Website and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that you have asked for cannot be provided, and we only use these Cookies to provide you with those services.

·      Cookies Policy / Notice Acceptance Cookies

Type: Persistent Cookies

Administered by: Provider

Purpose: These Cookies identify if users have accepted the use of Cookies on the Website.

·      Functionality Cookies

Type: Persistent Cookies

Administered by: Provider

Purpose: These Cookies allow us to remember choices you make when you use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the Website.

·      Matomo Cookies

We use Matomo to analyse the use of this Website. Matomo generates statistical and other information about Website use by means of Cookies, which are stored on users’ computers. The information generated relating to our Website is used to create reports about the use of the website. We store and use this information safety on our system.

Matomo is processing the following personal data:

–      Cookies

–      IP address

–      User ID

–      Custom Dimensions

–      Custom Variables

–      Order ID

–      Location of the user

–      Date and time

–      Title of the page being viewed

–      URL of the page being viewed

–      URL of the page that was viewed prior to the current page

–      Screen resolution

–      Time in local timezone

–      Files that were clicked and downloaded

–      Link clicks to an outside domain

–      Pages generation time

–      Country, region, city

–      Main Language of the browser

–      User Agent of the browser


·       Smush

We use Smush to compress and optimise images to increase site performance. Smush sends images to the WPMU DEV servers to optimise them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.

Smush uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s Privacy Policy can be found here.

Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator’s email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.


·       Hummingbird

We use Hummingbird to make the website faster. Hummingbird uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s privacy policy can be found here.


·       hCaptcha

We use the hCaptcha anti-bot service (hereinafter “hCaptcha”) on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation (“IMI”). hCaptcha is used to check whether the data entered on our website (such as on a login page or contact form) has been entered by a human or by an automated program. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled. For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI. hCaptcha analysis in the “invisible mode” may take place completely in the background. Website or app visitors are not advised that such an analysis is taking place if the user is not shown a challenge. Data processing is based on Art. 6(1)(f) of the GDPR (DSGVO): the website or mobile app operator has a legitimate interest in protecting its site from abusive automated crawling and spam. IMI acts as a “data processor” acting on behalf of its customers as defined under the GDPR, and a “service provider” for the purposes of the California Consumer Privacy Act (CCPA). For more information about hCaptcha and IMI’s privacy policy and terms of use, please visit the following links: https://www.hcaptcha.com/privacy and https://www.hcaptcha.com/terms.

 

3. How do we use your data?

We use the personal information we collect to:

·     To provide and maintain our Service, by monitoring the usage of our Service.

·     To provide you with personalised advertising and marketing content such as news, special offers and general information about other goods, services and events which we offer that are similar to those that you already use or have enquired about.

·     To send you our information mailings, such as our newsletter. As highlighted in our Terms and Conditions, once you sign up for our platform, we automatically add you to our mailing list, which is sent via Mailchimp. You can unsubscribe at any time. Only your first name, last name, employer and e-mail address are sent to Mailchimp.

·     To contact you by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services. Also, to notify you regarding your account, to troubleshoot problems with your account, to resolve a technical problem, to poll your opinions through surveys or questionnaires, or as otherwise necessary to provide you with customer service

·     For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services you have used or of any other contract with us through the Service.

·     For other purposes: we may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.

 

4. Who do we share your data with?

We may disclose your personal information to employees of the Organisation, the Provider or to third party Service Providers. We do this to provide you access to our Services; to comply with our legal obligations; to facilitate our marketing and advertising activities; to prevent, detect, mitigate or to investigate fraudulent or illegal activities related to our Service. We minimise the amount of personal information we disclose to what is directly relevant and necessary to accomplish the specified purpose. We do not disclose your personal information to third parties for their marketing and advertising purposes without your explicit consent.

We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

We may disclose your personal information to the following parties and for the following purposes:

1.  Technology Provider

BABLE GmbH, as technology provider and responsible company for developing, hosting and maintaining the Platform, has access to all data on the platform with the main purpose of ensuring effective functioning of the platform. The data is essential to maintain the Services in operation and constant improvement.

Your information, including Personal Data, is processed at the Provider’s operating offices and in any other places where the parties involved in the processing are located. This information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Link to BABLE’s Privacy Policy: https://www.bable-smartcities.eu/privacy-notice

 

2.  Service Providers and financial institutions partners

Third party service providers may also be provided with your Personal Data. These are organisations who help us to provide our Service and assist us in providing customised advertising. These are also organisations who assist us with the prevention, detection, mitigation and investigation of potentially illegal acts as well as with violations of our Terms and Conditions, fraud and/or security breaches, bill collection, affiliate and rewards programs, co-branded credit cards and other business operations.

We use the following external services:

1.   Hubspot for customer relationship management

a.   Data Shared: First Name and Last Name, E-Mail, Phone No., Position

b.   Hubspot’s Privacy Policy: https://legal.hubspot.com/privacy-policy


2.   MailChimp for sending and tracking our bi-weekly newsletter

a.   Data Shared: First Name, Last Name and E-Mail

b.   MailChimps Privacy Policy: https://mailchimp.com/legal/privacy/


3.   Microsoft Office 365 Suite for our day-to day business activities including Outlook for E-Mail, and Sharepoint and One Drive for Storage.

a.   Data Shared: First name, Last Name, E-Mail and Phone No.

Microsoft’s Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement


3.  Law enforcement, legal proceedings, and as authorized by law

We may release your Data:

·      to comply with our legal requirements, respond to claims that a listing or other content violates the rights of others or protect anyone’s rights, property or safety.

·      to law enforcement or governmental agencies, or authorized third-parties, in response to a verified request relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability. We will only disclose information we deem relevant to the investigation or inquiry, such as name, city, state, postcode, telephone number, email address, User ID history, IP address, fraud complaints, or bidding and listing history.

·      to third parties involved in a legal proceeding, if they provide us with a subpoena, court order or substantially similar legal procedure, or we otherwise believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss or to report suspected illegal activity.

 

4.  Change of Ownership

If we were to merge with, be acquired by another organisation, have a change in our ownership structure, type legal entity or settle legally in a different country, we may share information with the involved stakeholders in accordance with our global privacy standards. Should such an event occur, we will require that the new (combined) entity follow this Privacy Notice with respect to your personal information. If your personal information is collected, used, disclosed, or retained for any purposes not covered in this Privacy Notice, you will receive prior notification of the processing of your personal information for the new purposes.


5. How do we store Your data?

We store your personal data in secure and dedicated servers in Germany.

In addition, your data is stored in the servers of our Service Providers including but not limited to: MailChimp, Hubspot, , Microsoft, BABLE and NetzDesign.


6. How long do we keep your data?

The Organisation and the Provider will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes or enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods. Log files are stored for a period of two weeks, whereas google analytics stores usage data for a period of 14 months.

After it is no longer necessary for us to retain your personal information, we dispose of it in a secure manner.

Once you make a public posting, you may not be able to change or remove it. Upon your request, we will close your account and remove your personal information from view as soon as reasonably possible, based on your account activity and in accordance with applicable national laws.

 

7. How is your data secured?


The security of your Personal Data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

We protect your information using technical and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centre, and information access authorisation controls. If you believe your account has been abused, please contact us following the instructions in the Contact Us section.

In case of a possible leak of data, our data processor and site administrator will notify us immediately after discovering or becoming aware of any such incident. Following the report of the incident, we will carry out an assessment with our contractors and partners to identify corresponding measures We will inform you about the situation, the gravity of the situation and the solution as soon as possible.

8. What are your data protection rights?

The Organisation would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

·     The right to access – You have the right to make a request for copies of your personal data. We may charge you a small fee for this service.

·     The right to rectification – You can see, review and change your personal information by signing in to your account. Please update your personal information immediately if it changes or is inaccurate. You have the right to request that we correct any information you believe is inaccurate. You also have the right to request to complete the information you believe is incomplete.

·     The right to erasure – You have the right to request that we erase your personal data, under certain conditions.

·     The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.

·     The right to object to processing – You have the right to object to us processing of your personal data, under certain conditions.

·     The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

Where you have a statutory right to request access or request the modification or erasure of your personal information, we still might need to withhold that access or decline to modify or erase your personal information in some cases in accordance with applicable national laws In such a case, we will provide you with the reasoning.

It is important to note that if you withdraw your consent for the use or disclosure of your personal information for purposes set out in this Privacy Notice, you may not have access to all our Services and we might not be able to provide you all of the Services and customer support offered to our users and authorized under this Privacy Notice and our Terms and Conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us following the instructions in the Contact Us section.

If you disagree with the processing of your Data or the information we provide, you may submit a complaint to the following regulatory authority:


Landesbeauftragter für Datenschutz und Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart – Germany
Telephone: +49 711 61554 10
Telefax: +49 711 615541 15

E-Mail:
poststelle@lfdi.bwl.de

https://www.baden-wuerttemberg.datenschutz.de/

 

9. Contact Us

1.  Contact details of the person responsible for data processing

Responsible person within the meaning of the General Data Protection Regulation, other data protection laws in the Member States of the European Union and other provisions with data protection character is the company:

BABLE GmbH
Legal representation: Alexander Schmidt
Seyfferstraße 34
70197 Stuttgart – Germany
Telephone: +49 711 96 88 13 10

 

2.  Contact details of the data protection officer

If you have any questions regarding the collection, processing or use of your personal data and your inquiries regarding information, correction, blocking, deletion or restriction of processing, please contact our data protection officer:


E-Mail: datenschutz@bable-smartcities.eu