Welcome

Privacy policy

Latest updated at: 17 July 2023

1. General

1.1. Definitions

BubblyDoo or “we”Bubbly-Doo BV, with company seat at Sint-Pietersvliet 7, 2000 Antwerpen, Belgium and registered with company number 0727.776.548, RPR Antwerp, department Antwerp.
Customer or “you”Individual interacting with BubblyDoo through a touchpoint, e.g. our website, or through a 3rd party retailer
Personalized personThe person used in our personalization process, the person for which a product is made by the customer.

1.2. Who is the data controller?

Bubbly-Doo BV, with company seat at Sint-Pietersvliet 7, 2000 Antwerpen, Belgium and registered with company number 0727.776.548, RPR Antwerp, department Antwerp.

BubblyDoo is reachable for any data processing-related questions at:

Bubbly-Doo BV
Sint-Pietersvliet 7, 2000 Antwerp
Belgium
hello@bubbly-doo.com

1.3. Introduction

BubblyDoo is dedicated to protecting your personal data and that of the children you personalize in our products. We have done our very best to write this document and configure our consent management to give you full control over what we can do with your personal data. In general, BubblyDoo processes most of its customer’s personal data itself, but we sometimes use third-party tools that are hosted in the EU, like PostHog. We do not simply add analytics integrations to our systems but try to limit their access to your personal data as much as possible. We have only a minimal amount of subprocessors, some of which are discussed in this document.

2. For how long do we store your personal data?

We do not store your data longer than necessary for their purpose. This means the data mentioned above can be stored as long as you are a considered a customer of BubblyDoo.

After your last interaction with BubblyDoo, we can actively use your personal data for maximum 5 years after a purchase, for direct marketing and analytical purposes, if you have provided your consent.

We store strictly necessary personal data for a maximum of 10 years after your last interaction, in order to be able to respond to any requests from law enforcement or if it is needed for our legal defense.

When we consider it appropriate we can also delete your data earlier.

See article 3.2. for more

3. What kind of personal data do we store and use, and on what basis?

3.1. Lawful bases

We need your data to provide you our services, including our order and payment processing, a personalized offering for our customers, etc.

For customers in the EU, the GDPR requires us to list the types of personal data we use and on which lawful base. We use the following bases:

The types of personal data we use are listed below (article 3.2.), alongside the lawful bases.

3.2. Types of personal data

Identification, contact and payment data

We store and use the personal data you provide on the website and to third-party providers we integrate with, like our payment provider.

This includes your name, email address, phone number, payment information.

Contractual: This data processing is necessary to fulfill the contract between BubblyDoo and the Customer.

Stored for: 5 years, max 10 years

Product personalization data

We store and use the personal data you have used to personalize our products, like the name of the Personalized person and possibly a picture of the Personalized person.

Contractual: This data processing is necessary to fulfill the contract between BubblyDoo and the Customer.

Stored for: 5 years

Marketing conversion tracking data

In order to run our online advertisements effectively, we need to be able to track which ad you clicked on before you came to the BubblyDoo website. After you made a conversion, we report to the platform that you made a purchase.

This data includes marketing click ids and your IP address.

Legitimate interest: This data processing is necessary for the purposes of the legitimate interest of BubblyDoo. The customer can reject the processing of this data.

Stored for: 5 years

Communication preferences

We store and use your communication preferences, like if you consent to our direct marketing messages. The Customer provides this information directly to us.

Consent: This data processing is consented to by the customer.

Stored for: 5 years

Usage data

If you consented to it, we collect data about how you use our services in order to improve them and to offer you a personalized service.

Consent: This data processing is consented to by the customer.

Stored for: 3 years

Non-personal data

We also store aggregated analytics data, but this doesn’t qualify as personal data.

4. With which parties can my personal data be shared?

4.1. General

We do not sell your personal data to other companies or third parties, and we do not allow third parties to use your data for their own purposes, unless your consent is given. More concretely, your data can be shared with parties of the following kinds:

4.2. Under the GDPR, which entity acts as data processor?

Under the GDPR, BubblyDoo acts both as data controller and data processor. When necessary we transfer your data to subprocessors, listed below. This list is non-exhaustive and subprocessors might be added at any time.

When third parties process your personal data outside the European Economic Area (EEA), we make sure to protect your data by making sure our agreements contain so-called “Standard Contractual Clauses”, unless the European Commission has provided an “adequacy decision” for the country where your data would be processed.

4.3. Categories of recipients of personal data

As is required, we list categories of recipients of personal data below.

See article 4.4 for some of the actual companies that handle your personal data.

4.4. Most important subprocessors

BubblyDoo is not obliged to list its subprocessors, but we list our most important ones out of transparency to the customer.

As mentioned in article 4.2, we do sometimes store personal data outside of the EU. In that case, we will mention the parties and guarantees for the protection of your personal data.

As long as this privacy policy is followed and the protections of the customer’s personal data are taken into account, BubblyDoo retains the right to add and remove subprocessors at any time.

5. Do we use cookies?

Yes, BubblyDoo uses cookies for various purposes. See our cookie policy for more details.

6. What are my data protection rights?

BubblyDoo would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access– You have the right to request BubblyDoo for copies of your personal data. We may charge you a small fee for this service.

The right to rectification– You have the right to request that BubblyDoo correct any information you believe is inaccurate. You also have the right to request BubblyDoo to complete the information you believe is incomplete.

The right to erasure– You have the right to request that BubblyDoo erase your personal data, under certain conditions.

The right to restrict processing– You have the right to request that BubblyDoo restrict the processing of your personal data, under certain conditions.

The right to object to processing– You have the right to object to BubblyDoo’s processing of your personal data, under certain conditions.

The right to data portability– You have the right to request that BubblyDoo transfer the data that we have collected to another organization, or directly to you, under certain conditions.

The right not to be subject to a decision based solely on automated processing - You have the right to avoid decisions based solely on automated processing, including profiling, that lead to legal effects or significantly affect you, unless certain conditions are met. This right does not apply if the decision is necessary for a contract, is authorized by applicable law with measures in place to protect your rights and interests, or is based on your explicit consent.

The right to lodge a complaint with a supervisory authority - If you believe your data protection rights have been breached, you can file a complaint with the supervisory authority in your jurisdiction. See this link to find your supervisory authority.

To contact BubblyDoo, see article 1.2.

7. Note about children’s data

We collect data about children in order to personalize our products and because this data is voluntarily given to BubblyDoo.

Our website and services are meant to be used by adults.

By using our website, it is implied that you have the right to use and upload the data of the person that is used for personalization of our products (”Personalized person”). This implies that when you are a minor, you have received parental consent.

If you believe that BubblyDoo has collected personal data of a minor without parental consent, please contact us via the details provided in article 1.2. This way, we can remove the data as quickly as possible.

We do not sell personal data of “personalized persons” to any third party.

8. Direct marketing

Your personal data can be used for marketing purposes, depending on your consent. Using your data, we can inform you about new offers, promotions, new products, and other information, possibly personalized for you.

You can always use your right to unsubscribe by contacting us via the details in article 1.2 or by updating your consent.

9. Your right to change consent

You have the right to change your consent at all time, however this does not affect the lawfulness of BubblyDoo’s processing of your personal data before you have changed your consent.

10. How do you manage my consent?

BubblyDoo has built its own system to manage your consent.

Our consent manager stores values to determine which cookies can be set, which 3rd-party scripts can be loaded, and which data processing can be done.

These values are stored in a text file that we call the “Consent Record”.

This record is saved together with an order, user or other stored information.

We use this record to determine your consent for future actions, like if we can send you marketing emails and if we can use your personal data for analytical purposes.

In the footer of our website, you can find a button to view and change your consent at all time.

BubblyDoo does not respond to Do Not Track (DNT) signals due to insufficient and varied browser support.