Privacy Policy and Notice
This policy describes how Blinks Labs GmbH (“Blinkist”, “we”, “us”) collects, receives, processes, uses, discloses, or shares your information. When you use our sites, products, or services or otherwise form a relationship with us, we may obtain data from you and the devices you are using to do so.
This policy is designed to provide transparency into our privacy practices and principles in a format you can navigate, read, and understand easily.
We commit to treating your personal information with care and respect and encourage you to contact us using the methods provided below should you have any questions or concerns about the use of your information.
The Scope of this Policy
This Policy describes the processing of personal information provided or collected on our sites, applications, products or services. In some instances, we may provide additional data privacy notices specific to certain products, practices, or regions. Those terms should be read in conjunction with this policy.
If you provide information to us on a third-party site or platform, the information you provide may be separately collected by the third-party site or platform. That third-party site or platform’s privacy practices will govern the use of your information. Choices you make on that third-party platform will not apply to our use of the information we have collected through our sites, products, or services.
We acknowledge our obligations to all recipients of our products and services, including visitors to our website, our registered users and administrators of our products and services on behalf of our customers to collect, manage, process, and use their personal information (“Personal Data”) in accordance with the laws and regulations of each of the countries in which we operate.
With the term ‘applicable data protection law’ (or ‘applicable law’) we mean any data protecion law that is applicable at your location, e.g. the GDPR when you are located in the EU/EEA. Any reference to the ‘GDPR’ means the European General Data Protection Regulation but also implicitly includes the corresponding regulation of the United Kingdom, in which the European GDPR has been implemented into national law (UK GDPR).
Information Collected or Processed
Blinkist may have collected or processed the categories of Personal Data that are identified below. We generally collect the information listed below to secure, improve, and provide our services to our customers.
- Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
- Customer records information such as a name, credit card number, debit card number, or other payment information, or information about a purchased subscription.
- Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with an internet website application, or advertisement.
- Geolocation data.
- Professional or employment-related information.
- Education information.
- Content Data: Information that you provide to us while using our features and products (e.g. input to our AI features, direct messages, chat messages).
- Video recordings of your person and voice: In case you opt to turn your camera on in our webinars, workshops, fireside chats or similar online learning sessions.
- Inferences drawn from any of the information identified in this subdivision to reflect your preferences, characteristics, behavior, attitudes, abilities, and aptitudes.
Sources and purposes of Information
The sources from which Personal Data may have been collected or processed are the following: information that you provided to us, online tracking technologies, automatic data collection technologies, social media platforms and networks, business partners, service providers etc. The purpose of such collection or processing include: providing our products and services, evaluation of your user behavior for test and product development purposes, communicating with you, administering programs, security and fraud prevention, legal obligations, core business functions, the job applicant and employment process, marketing and promotional purposes (which may include targeted advertising), analytics and personalization etc. Further details can be found in the relationship-specific details that can be accessed here.
How We Disclose Information
In the process of providing services to you and to operate economically as a company, we use various external companies to which we may disclose your Personal Data. Such groups of recipients include:
- Hosting provider: We do not operate our own servers but engage certified service providers to host our website and services as well as other IT systems like the CRM system.
- IT service provider and SaaS provider: We use the services of various service providers who help us to provide you with our services.
- Advertising and marketing service provider: We want to provide our customers with an attractive product and convince more customers to choose us. To this end, we engage advertising and marketing service providers.
- Affiliated companies: We are a globally active company with teams spanning several countries and companies and therefore transfer personal data to our subsidiary and other companies of the group.
- Employers of B2B users: If you use our services via a subscription of your employer, we share aggregate usage data with your employer. In some cases, we may also share Personal Data to your employer, e.g. in order to provide a learning certificate.
- Public Authorities: To comply with legal requirements or to respond to court orders or similar official requests, we may transfer Personal Data.
- Payment provider: In order to process payments, we pass on your Personal Data to payment providers and banks that process your data as controllers and/or processors.
- Participants of our online learning sessions: Our online learning sessions may be recorded. This will be clearly communicated to you in each case. Copies of the recordings may be made available to participants and other subscribers of our service.
- Other recipients: We may also transfer your Personal Data to organizations such as postal and delivery services, our bank, tax consultants/auditors or the tax authorities, as well as to service providers for the destruction of data.
We carefully select our service providers and business partners, especially with regard to the suitability of the technical and organizational measures taken by them. In each case, we take all reasonable measures to ensure that your Personal Data is protected (such as appropriate data processing agreements).
We may also disclose your Personal Data to service providers and third parties when necessary to comply with laws and regulations; respond to subpoenas and court orders; exercise our legal rights or defend against legal claims; investigate, prevent, or take action regarding illegal activities, suspected fraud, potential threats to our property or the physical safety of any person, or violations of our usage instructions and applicable terms and conditions; facilitate the financing or insuring of our business or a disposition of all or part of our business or assets, or as otherwise permitted or required by law. We may disclose anonymized or aggregated data at our discretion, in accordance with applicable laws.
If you post your information or content to our online forums or media sites (for example, on our Instagram account), this information is public on the internet. We are unable to prevent or control further use of this information and refer you to the third-party sites’ privacy policies and terms of use to learn more about their privacy practices.
We share Personal Data with service providers and other companies within the group of companies for legitimate business purposes or based on your consent. We provide further information if and how Personal Data is shared within the relationship-specific details that can be accessed here.
How long we store your Personal Data
Unless otherwise stated in the following information, we only store the data for as long as is necessary to achieve the purpose of processing or to fulfil our contractual or legal obligations. Such statutory retention obligations may arise in particular from commercial or tax law regulations. From the end of the calendar year in which the data was collected, we will retain such Personal Data contained in our accounting data for ten years and retain Personal Data contained in commercial letters and contracts for six years. In addition, we will retain data in connection with consents requiring proof and with complaints and claims for the duration of the statutory limitation periods. We will delete data stored for advertising purposes if you object to the processing for this purpose.
Our Commitment to Protecting Information Belonging to Children
Our services are not intended for children. We do not knowingly collect information via our sites, products, and services from children. If you use our Services, you represent that you are at least the age of majority under the laws of the jurisdiction of your place of residence, or that, if possible, your legal representatives have provided their consent to use our services.
If you believe your child has provided us with personal information, please alert us at [email protected]. If we learn that we have collected personal information from a minor without their legal representatives’ consent, we will promptly take appropriate steps to delete such information and terminate the minor’s account.
Cookies and Other Technologies
We use Cookies and similar technologies on our website and in the provision of our services. Cookies are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us, for example, how and when pages and features in our services are visited and by how many people. More information about how we use these technologies can be found in our Cookie Consent Manager, which can be accessed via the footer of our website. There you will also find a list of other companies that place cookies on our websites, a list of cookies that we place and an explanation of how you can refuse certain types of cookies.
You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features. We recommend you keep cookies activated.
Our Global Data Transfer Practices
Since we are a globally operating company, we store and process your Personal Data in different locations worldwide. Therefore, our data processing activities may involve the transfer of your Personal Data to “third countries”, i.e. countries that may not provide the same level of data protection for your personal data (especially where the GDPR is not applicable law). Such a transfer is permissible if the European Commission or the UK government (as applicable) has determined that an adequate level of data protection is provided in the relevant third country. Please find a list of the European Commission’s adequacy decisions here. Information regarding UK adequacy decisions can be found here.
If such an adequacy decision of the European Commission or the UK government (as applicable) does not exist, a transfer of your Personal Data to a third country will only take place if appropriate safeguards exist (Art. 46 et seq. GDPR), or if one of the conditions listed in Art. 49 GDPR is met.
Unless an adequacy decision is in place, we use the EU Standard Contractual Clauses (EU SCCs) or the Standard Data Protection Clauses approved by UK’s supervisory authority (UK SCCs) as appropriate safeguards for the transfer of Personal Data to third countries that fall outside the scope of the GDPR. You have the option of receiving or viewing a copy of these EU or UK SCCs. Please contact us at the address given under “How to Contact Us”.
In exceptional circumstances, if there is no adequacy decision for a third country or other appropriate safeguard in place, if you consent to the transfer of Personal Data to third countries, any such transfer will take place on that legal basis (e.g. Art. 49 (1) (a) GDPR).
Our Group-Wide Data Transfer Practices
Blinkist is part of a group of companies working together to provide you with even better services. We may transfer Personal Data to other companies within this group of companies or otherwise grant them access to your Personal Data. Insofar as this disclosure is for administrative purposes, the disclosure of the data is based on our legitimate business and economic interests (Art. 6 para. 1 lit. f GDPR) or otherwise, if it is necessary to fulfill our contractual obligations (Art. 6 para. 1 lit. b GDPR) or if your consent (Art. 6 para. 1 lit. a GDPR) or otherwise a legal basis is present. If we transfer Personal Data to other companies within our group of companies, we are doing this on the basis of Internal Data Transfer Agreements (“IGTA”), to ensure compliance with relevant laws and the security of your Personal Data.
Your Privacy Rights
If you are a resident of certain states or countries, you have the right to exercise your data subject rights against us. You have the following rights within the framework of the data protection laws applicable to you:
- Right to be informed about the way your Personal Data is processed and get access to your Personal Data;
- Right to request that we rectify your Personal Data;
- Right to request deletion of your Personal Data;
- Right to request the restriction of the processing of your Personal Data;
- Right to receive the Personal Data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller (right to data portability);
- Right to withdraw your consent at any time if you have given us separate consent to data processing activities; such a withdrawal does not affect the legality of the processing that was carried out on the basis of consent until withdrawal;
- Right to opt-out from certain types of processing (e.g., targeted advertising, the sale of Personal Data, limiting the use and disclosure of sensitive information, and profiling, as defined by the applicable data protection laws).
If, and to the extent that, we process your Personal Data on the basis of a legitimate interest, in particular if we pursue our legitimate interest to conduct direct marketing or to apply profiling in connection with direct marketing, you have the right to object to such use of your Personal Data at any time. If you object to the processing of your Personal Data for direct marketing purposes, we will promptly stop processing your Personal Data for these purposes. In all other cases, we will carefully consider your objection and stop further use of the information in question, subject to compelling reasons for further processing that may take precedence over your interest in objecting, or if we need to use the information for the justification, exercise or defense of legal claims.
If you choose to exercise any of these options, we will not discriminate against you for making that decision.
You can exercise your privacy rights by contacting us at [email protected]. When we receive a request to exercise a privacy right, we will review information we have collected about you (if any) with identifying information you may have provided us (such as a login, email address, mailing address, or transaction or order number) to authenticate your identity. If you use an authorized agent to submit a request, we may require the authorized agent to provide proof that you gave the agent signed permission to submit the request. We may also require you to directly confirm with us that you provided the authorized agent permission to submit the request.
There may be situations where we cannot grant your request regarding your privacy rights. In such a situation, we will explain our reasoning to you and will honor your right to appeal where applicable.
If you exercise your rights in accordance with applicable data protection laws, we process the personal data transmitted for the purpose of exercising these rights by us and to be able to provide proof of this. We will only process data stored for the purpose of providing and preparing information for this purpose and for the purposes of data protection monitoring and will otherwise restrict processing.
Your Controls and Choices regarding Marketing Messaging
We may use the email address you provide when registering for our products, webinars or other services to inform you about our own similar products and services. You can object to this at any time. You can control how and when you want to receive marketing messaging, for example emails, from Blinkist by clicking on the “unsubscribe” link located at the bottom of our email communications to you, or by sending an email to [email protected]. Please note that this will not affect your receipt of administrative emails (for example, emails about your account, transactions, or policy changes) for your registered account, and further, that the lawfulness of the processing that was done before will not be affected.
How to Contact Us
If you have any questions about how we process your information, you can contact us at:
Blinks Labs GmbH
Sonnenallee 223
12059 Berlin
Germany
Email: [email protected]
You can reach our data protection officer using the following contact details:
Email: [email protected]
Herting Oberbeck Datenschutz GmbH
https://www.datenschutzkanzlei.de.
Contacting Supervisory Authorities
If you would like to lodge a complaint against us, you may contact your local privacy regulator. You can make a complaint, for example, to:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin
Telephone: +49 30 13889-0
E-Mail: [email protected]
You may also complain to another competent supervisory authority. If you have trouble locating a competent authority, please contact our privacy office at [email protected] and they will help you contact the appropriate enforcement agency.
Relationship-Specific Details
You can find more Relationship-Specific Details here.
This policy was last updated on: January 24, 2025