Privacy

Hubbub Labs GDPR Policy 2024, In Accordance with GDPR

Hubbub Labs is committed to protecting the privacy and security of the personal data of our clients, partners, employees, and other individuals. This policy outlines the measures we take to comply with the General Data Protection Regulation (GDPR) and ensures that all personal data we collect, process, and store is handled with care, respect, and transparency.

Core GDPR Principles

We align our practices with the core principles of GDPR, which include:

  • Lawfulness, Fairness, and Transparency: Personal data is processed lawfully, fairly, and transparently.
  • Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
  • Data Minimization: Only data that is necessary for the purposes outlined is collected.
  • Accuracy: Data is kept accurate and up-to-date.
  • Storage Limitation: Personal data is retained only for as long as necessary.
  • Integrity and Confidentiality: Appropriate security measures are in place to protect personal data.
  • Accountability: Hubbub Labs takes responsibility for GDPR compliance, with a dedicated compliance officer in place (George Chilton, CMD).

Definition of Personal Data

Under the GDPR, personal data refers to any information relating to an identified or identifiable natural person. Examples include:

  • Contact information: names, addresses, telephone numbers, email addresses.
  • Financial information: payment details, billing addresses.
  • Sensitive personal data: health information, religious beliefs (processed only with explicit consent or legal basis).
  • Technical data: IP addresses, cookies, geolocation data, and browser/device identifiers.

Data Collection and Processing

Hubbub Labs collects and processes personal data for legitimate and lawful purposes, such as:

  • Providing services to clients.
  • Fulfilling contractual obligations.
  • Communicating with clients, partners, and stakeholders.

We ensure that:

  • Individuals are informed about the data being collected and its purpose through privacy notices.
  • Personal data is collected only when necessary and relevant to the specified purposes.

Data Storage and Security

Hubbub Labs stores personal data on secure servers and employs robust security measures, including:

  • Encrypted storage for sensitive documents
  • Secure and encrypted password management.
  • Multi-factor authentication for system access.
  • Alerts for unusual login activity.
  • Website and server maintenance, including security patches.

In the event of a data breach:

  • We will notify the relevant Data Protection Authority (DPA) within 72 hours.
  • Affected individuals will be promptly informed with recommendations for protective actions.

Data Sharing and Transfers

Hubbub Labs will share personal data with third parties only:

  • When necessary to provide our services.
  • When required by law.
  • With processors that demonstrate GDPR compliance through Data Processing Agreements (DPAs).

For transfers outside the EU/EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs).
  • Adequacy decisions by the European Commission.

We do not share sensitive personal information related to finances, health, or religious beliefs. Where necessary, consent is obtained before sharing.

Data Retention

Hubbub Labs retains personal data only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods include:

  • Contact Information: Deleted within one month of a deletion request, with confirmation sent.
  • Job Applicant CVs: Retained only during the hiring process and deleted once the position is filled or the process ends.
  • Client Contacts: Deleted when the individual leaves the client organization.
  • Mailing Lists: Double opt-in required, with an easy unsubscribe option.
  • Project-Specific Data: Deleted after the project concludes unless otherwise agreed.

Regular audits of our databases are conducted to ensure compliance.

Data Subject Rights

Under GDPR, individuals have the right to:

  • Access their personal data.
  • Rectify inaccuracies.
  • Request erasure (“right to be forgotten”).
  • Restrict or object to data processing.
  • Request data portability.
  • Withdraw consent at any time (for data processed on the basis of consent).

Requests should be sent to [email protected]. We will respond within one month of receiving a valid request.

Cookies and Tracking

Where cookies or similar technologies are used, Hubbub Labs:

  • Provides clear, upfront information about their use.
  • Ensures explicit consent is obtained where required.
  • Allows users to manage their cookie preferences at any time.

Policy Review and Accountability

This policy is reviewed annually or whenever there are significant changes to legal requirements or business practices. Hubbub Labs ensures all employees handling personal data receive GDPR training and adhere to this policy.

Contact Information

If you have any questions about this policy or how Hubbub Labs processes personal data, please contact us at:

[email protected]
Carrer de Rocafort 122, E-1, 08015, Barcelona, Spain 

(00 34) 672661609

UPDATE: Last reviewed November, 2024

About cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

Cookies that we use

We use cookies for the following purposes:

(a) security – we use cookies as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally.

(b) analysis – we use cookies to help us to analyse the use and performance of our website and services

(c) cookie consent – we use cookies to store your preferences in relation to the use of cookies more generally.

Cookies used by our service providers

Our service providers use cookies and those cookies may be stored on your computer when you visit our website.

We use Google Analytics 4 to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at: https://www.google.com/policies/privacy/.

We use HubSpot Lead Management and CRM to track your form entries and keep track of emails

Cloudflare helps keep our website and data safe

Facebook Ads conversion tracking (Facebook pixel) allows us to build audiences on Facebook and Instagram, which we occasionally serve ads to.

Google reCAPTCHA ensures you’re not a robot, on occasion. It’s always good to check.

Typeform helps us collect responses to surveys and other questions on the website.

Google Analytics 4 – we like to know how our website is working. This helps us keep an eye on things.

Managing cookies

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);

(b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);

(c) http://www.opera.com/help/tutorials/security/cookies/ (Opera);

(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);

(e) https://support.apple.com/kb/PH21411 (Safari); and

(f) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).

12.2 Blocking all cookies will have a negative impact upon the usability of many websites.

12.3 If you block cookies, you will not be able to use all the features on our website.

Our details

This website is owned and operated by Hubbub Labs S.L.

We are registered in Spain under registration number NIF: B67110031, and our registered office is at Carrer Viladomat 45, BARCELONA


13.3 Our principal place of business is at

Carrer de Rocafort 122, E-1, 08015, Barcelona, Spain 

13.4 You can contact us:

(a) by post, to the postal address given above;

(b) using our website contact form;

(c) by telephone, on the contact number published on our website from time to time; or

(d) by email, using [email protected] or [email protected]

14. Data protection officer

14.1 Our data protection officer’s contact details are: [email protected]