“Babbel” is a service offered by Lesson Nine GmbH, Max-Beer-Str. 2, 10119 Berlin, Germany. Through this privacy statement, Lesson Nine wishes to inform you of how your personal data are processed and in what form some of these data are made accessible for other users. All personal data are treated with the utmost care at Lesson Nine. All the necessary steps are taken to guarantee the security of these data. This privacy statement supplements the General Terms and Conditions of Business of Babbel. Please write to firstname.lastname@example.org if you have any queries relating to this document.
1. Which data are stored?
1.1. Personal data
When you register with us, we record and save your basic data such as name and email address together with other contact information such as user name and password. We may receive further information from you via the website (e.g. if you fill in your personal profile) or if you communicate with us. The following registration data are accessible for other Babbel users:
- selected language combinations
Other data provided voluntarily are also generally accessible for other users of Babbel; however, you can disable such access at http://www.babbel.com/users/profile/edit. This concerns first name, surname, gender, age and any other voluntary details that you can save in your profile.
One type of cookie automatically expires after your session has ended. This is called a session cookie. Your user settings, in particular, are saved as session cookies so that Babbel can always be used in the form you require. Another permanently stored anonymous cookie contains the version number of your Flash player. When you log in, you also have the option of saving your user name and password locally in encrypted form on your computer. You can save this cookie permanently for automatic log in with the function “Log me in automatically on this computer”. In addition to this, user settings, such as language selection, language recognition settings, user IDs for various applications, are saved in both session cookies and permanent cookies by Babbel in order to facilitate the use of Babbel.
We may use the services of third parties to collect and use anonymous information about your visits to and interactions with our website through the use of technologies such as cookies to personalize advertisements for goods and services. To learn more, or to opt-out of receiving online display advertisements tailored to your interests by our third party partners, visit the Network Advertising Initiative at http://www.networkadvertising.org/choices.
1.3. Log files
Each time a page is called up, access data are saved in a protocol file, the server log. The data record thus saved contains the following data:
- your IP address (by means of which your computer can be unambiguously identified)
- the remote host (name and IP address of the computer requesting the page)
- the time, the status, the quantity of data transferred and the Internet page from which you accessed the requested page (referrer)
- The product and version information of the browser used (user agent)
Lesson Nine uses a standardized webserver logfile format for this purpose. Provided these data are not urgently required for the technical maintenance of the system or for the system security, they are anonymized instantly and the original protocols are deleted. Anonymization takes place by removal or truncation of the IP address by allocating a code not assigned to a user. Any allocation to an identified or identifiable person is therefore no longer possible. Lesson Nine therefore uses the protocol data (logs) exclusively in anonymized form for statistical evaluations, hence without any allocation or references to your personal details. In this way, Lesson Nine determines, for instance, on which days and at which times Babbel is particularly popular and what volume of data is generated on the Babbel web servers. Furthermore, Lesson Nine can detect possible errors through the log files, e.g. faulty links or program errors, and thus use the log files for the ongoing development and refinement of Babbel. Lesson Nine does not link the page requests and usage information to individual persons.
1.4. Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how you use the site. As anonymization is activated for the data we collect, your IP address is truncated by Google within member states of the European Union or in other signatory countries to the Treaty creating the European Economic Area and only then is it transferred to the USA.
1.5. Exchange of data with Facebook (Only applies to registered Facebook users)
We are taking part in a statistical program of the company Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA, via which Facebook users who display a similar usage profile to our existing customers are detected (“Facebook Custom Audiences – Statistical Twins”). As part of this program, email addresses of customers are transferred in an anonymized form (known as a “hash”) to Facebook. The email addresses cannot be derived from the data transmitted. Using the same method, Facebook itself produces a hash of its users’ email addresses, correlates these with the anonymized data and determines whether one of our users with the same email address is registered with Facebook.
Facebook guarantees that it does not store this correlation or use it outside of the program. This is then employed as the basis on which to determine any third parties who use Facebook in a similar way to the customer, and we obtain an opportunity to address these people directly. You do not receive any additional advertising or messages from us or from Facebook as a result. If you are not registered at Facebook with the same email address as you use for us, Facebook will not receive any information about you. Under no circumstances do we find out whether you are registered with Facebook and do not otherwise receive any data about you.
You hereby give your consent to the anonymized transfer of your email address in the form described previously. Although we do have every reason to trust the assurances provided by Facebook, we wish to point out that Facebook is not subject to German data protection law. You will find further information on the purpose and scope of the data capture and the further processing and use of the data by Facebook as well as optional settings for protecting your privacy in the Facebook data protection guidelines at: https://www.facebook.com/about/privacy/ .
1.6. Social Plugins
In some cases we also use social plugins on our website. This is done using a technology supplied by “ShareIt”. In the process, social plugins are incorporated from Facebook, Twitter and Google+. In the next section we will tell you about the social plugins used here.
Facebook Social Plugin
Social plugins (“plugins”) from the social network facebook.com (“Facebook”) are used on our website. Facebook is run by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304 in USA.
If you call up a page on our website containing such a plugin, your browser will establish a direct connection with Facebook’s servers. The contents of the plugin are transferred by Facebook directly to your browser which incorporates it in the website. By incorporating the plugin, Facebook receives the information that you have called up the relevant page on our website. If you logged into Facebook, it can match your visit to your Facebook account.
The purpose of capturing data and the quantity of data collected including the way in which they are processed and used by Facebook and your rights in this regard and setting options to protect your privacy can be taken from Facebook’s data protection information at: http://www.facebook.com/policy.php If you are a member of Facebook and you do not wish Facebook to collect data on you through our website and link them to your membership data stored by Facebook, you must log out of Facebook before visiting our website.
It is also possible to block Facebook social plugins through add-ons for your browser, e.g. through “Facebook Blocker”.
Use of the Twitter widget
We also use so-called “widgets” from Twitter on our websites. When these web pages are called up, a connection is established with Twitter servers. The Twitter servers are in USA.
When a web page is called up containing a Twitter “widget”, Twitter receives information that you have called up the page. The information includes your IP address, the type of browser, the operating system and the address of the website where the Twitter widget is located.
The Twitter widget also installs a cookie in the browser of your terminal. In connection with the cookie, Twitter can theoretically see which other pages you have visited if there are Twitter widgets implemented on these pages too. Twitter itself states that it may also use these data - if you have a Twitter account - to give you better suggestions on suitable users. According to Twitter, it begins to delete the data after a maximum of 10 days. The deletion itself is then to be completed after a further week at the latest. If you have a Twitter account, you may be able to make further settings on the use of your data in your user account settings. You will find further information in Twitter’s data protection notice which you can call up here: http://twitter.com/privacy
Use of Google “+1 button”
We also use Google’s “+1 button”. When a web page containing a “+1 button” is called up, a connection is established with Google’s servers. Google’s servers are predominantly to be found in USA. When the page is called up, Google receives the information that you have called up the relevant web page. This applies in particular if you happen to be logged into one of Google’s various services at the time when you call up the web pages.
According to Google, the +1 button is not used to record your visits to websites. In particular, Google states that the browser history is not permanently stored. However, they also say that the data regarding your visit are kept for a period of (normally) two weeks.
If you click on the +1 button, according to Google, information on your Google profile, the address of the website on which the +1 button was selected, your IP address and further information are stored by Google. If you withdraw your recommendation by clicking again on the +1 button, these data are deleted again.
We have no influence ourselves over the data which Google collects, processes and uses when you call up a page. Please consult Google’s data protection notice, therefore, which you can call up here: http://www.google.com/intl/de/policies/privacy/
1.7. Further external suppliers
We use further external service providers for the purpose of optimizing our services, carrying out advertising activities or for analyzing our website for errors and in terms of its performance. Such service providers may vary. For the sake of clarity, we have listed these service providers in tabular format at the end of this data protection notice under Clause 8, and in each case we have supplied further information on the processing of data and on any opt-outs.
1.8. Personal vocabulary
To enable Babbel users to conveniently revise their vocabulary, all practiced words and sentences together with all results of exercises are saved in the user’s personal vocabulary. These data can be viewed by other users only in the form of high scores, which do not indicate which specific words or sentences are being practiced but merely reveal how many exercises have been successfully completed.
1.9. Image uploads and image scores
Babbel users can upload images for general use in areas such as the forum.
1.10. Newsletter & E-Mails
We send you emails for a variety of reasons. These may include confirmations of an order or of a registration. However, communication may also concern information about our services, provided you have not revoked your consent for such usage, which you can of course do at any time at http://www.babbel.com/users/settings/edit. Any email messages we send are saved by us and any emails that may be regarded as business letters will not be deleted during the statutory retention period. We also record any email addresses to which a message could not be delivered in order to request an updated email address. Furthermore,In the case of our newsletter emails, we record (e.g. by means of a so-called “tracking pixel”) whether an email is opened and which links in the email are clicked on; we do so to optimize our offers and tailor their design to meet your needs. We use these data to enable us to send newsletter contents to match your profile. If you wish to object to this use of your data, you can do so by canceling. our newsletters. We also use service providers from USA for sending our emails. We make sure that the statutory conditions for the cross-border use of personal details as defined by §§ 4b, 4c BDSG (German Federal Data Protection Act) are fulfilled.
As well as our website, we also offer apps for various smartphone operating systems. Here too we collect data on the use of the application by means of software from external suppliers for the purpose of detecting and correcting errors and to improve our applications. However, no data are collected in the process from which any external supplier could directly establish any personal connection. In this way we receive aggregated information on how the apps are used and which features are especially popular, and from this information we can draw conclusions for future improvements in product development. You can prevent this analysis by changing this in “settings” on the mobile device on which the app is installed. Further information can be found here at: http://optoutmobile.com/.
In addition, we will also be informed if apps crash - if you have enabled this through your device settings. These so-called crash reports are provided by external suppliers. However, no data are processed from which any external supplier could derive any personal connection.
2. Purpose of storing the data
The purpose of gathering, saving, processing and using the data is solely to facilitate, maintain and develop the “Babbel” service provided by Lesson Nine. This also comprises winning new customers and sales to existing ones. In particular, part of the ongoing development involves the use of anonymous statistics on the usage of the services. Movement profiles of individual users on the website are not created.
3. No forwarding of data to third parties
Lesson Nine does not forward the personal data of its users to third parties unless the user has given his/her explicit consent or there is a legal requirement to forward the data. Personal details may also be passed on to third parties if this is legally permissible, and it is necessary to pass them on for the fulfillment of our contractual obligations towards our customers. In the case of payment processing, the data for processing the payment transaction are forwarded to the payment services provider if you do not supply the data directly. If you send your payment data directly to the payment services provider, we receive only very limited data. In such cases, we are merely informed whether or not the transaction relating to a specific transaction number has actually taken place. In such cases we do not receive your account data. If any third-party rights have been violated (in particular rights relating to copyright, trademarks, names and symbols) by the user, the user data will not be forwarded to the rights holder unless the latter conclusively demonstrates his/her claims to Lesson Nine.
As a matter of principle, Babbel is directed towards users who have reached the age of majority. Any use by minors without the consent of their legal guardians is prohibited. Lesson Nine therefore reserves the right to delete all data relating to underage users if no consent from the legal guardians is available.
5. Data security
Lesson Nine employs safety precautions to guarantee that your data are protected against loss, modification or misuse. To this end, Lesson Nine works with constantly updated firewalls meeting the industry standard as well as other security systems. At the same time, the user should be aware of the fact that one hundred per cent protection against attacks cannot be guaranteed because of the continual appearance of new viruses and other means of attacking the protected data systems of Internet services. Lesson Nine will instigate civil and criminal proceedings against any attack by hackers and the like and will inform the users of any cases in which their data have been compromised.
6. Information, correction and deletion
6.1. Right to information on stored data
Every user has the right to obtain information from Lesson Nine on the personal data that has been saved in relation to him/her. If the request for information is not conveyed to Lesson Nine in writing, hence particularly in the case of enquiries by telephone or email, the user must provide a postal address to which the information can then be sent. In the request for information, the user must additionally provide the following details for identification purposes: user name, first name and surname, maiden name (if appropriate), email address, postal address and date of birth. The information is sent by post to the address provided by the user.
If the user alters or corrects the details that he/she has provided and deletes old entries, the data previously entered by the user will be completely deleted automatically. An application for correction or deletion is not required. You can edit your personal data at any time at http://www.babbel.com/users/about/edit. This notwithstanding, the user has the right at all times to demand the correction of any inaccurate data concerning him/her stored with Babbel. However, the easiest option is for users to correct any such entries themselves.
6.3. Deletion of data
Should the user demand any alteration, correction or deletion of his/her personal data, this may take place by email or letter. To ensure correct identification of the user, the request must at least contain the following details:
- User name
- First name and surname
- Email address
- Postal address
Please note that due to caching systems, search engines, the interposition of proxy servers and the like, deleted data may continue to remain accessible even though they are no longer present within our systems.
The trust of our users is important to us. Lesson Nine therefore wishes to provide its users with full information on the processing of their personal data at all times. If any queries remain unanswered by this privacy statement or if more detailed information is required on any point, please contact the following address at any time:
Lesson Nine GmbH, Max-Beer-Str. 2, 10119 Berlin, Germany
8. External suppliers
With reference to Clause 1.7, you will find a list here of further external suppliers:
- New Relic (Optimierung der Webseite, https://newrelic.com/privacy)
- Visual Website Optimizer (Optimierung der Webseite, A/B-Tests,https://vwo.com/opt-out/)
- Google AdWords (Marketing, Kampagnenmessung, http://www.google.de/intl/de/policies/technologies/ads/)
- Google Tag Manager (Marketing, http://www.google.com/policies/privacy/)
- ShareThis (Social Media Plugin, http://www.sharethis.com/legal/privacy)