This policy describes how Blinks Labs GmbH (“Loomi”, “we”, “us”) collects, receives, processes, uses, discloses, or shares your information. When you use our sites, products, or services or otherwise form a relationship with us, we may obtain data from you and the devices you are using to do so.
This policy is designed to provide transparency into our privacy practices and principles in a format you can navigate, read, and understand easily.
We commit to treating your personal information with care and respect and encourage you to contact us using the methods provided below should you have any questions or concerns about the use of your information.
This Policy describes the processing of personal information provided or collected on our sites, applications, products or services. First, we will describe some general facts about our data processing activities. Later on, you’ll find some detailed information regarding relation-specific data processing activities.
If you provide information to us on a third-party site or platform, the information you provide may be separately collected by the third-party site or platform. That third-party site or platform’s privacy practices will govern the use of your information. Choices you make on that third-party platform will not apply to our use of the information we have collected through our sites, products, or services.
We acknowledge our obligations to all recipients of our products and services, including visitors to our website, our registered users and administrators of our products and services on behalf of our customers to collect, manage, process, and use their personal information (“Personal Data”) in accordance with the laws and regulations of each of the countries in which we operate.
With the term ‘applicable data protection law’ (or ‘applicable law’) we mean any data protection law that is applicable at your location, e.g. the GDPR when you are located in the EU/EEA. Any reference to the ‘GDPR’ means the European General Data Protection Regulation but also implicitly includes the corresponding regulation of the United Kingdom, in which the European GDPR has been implemented into national law (UK GDPR).
Loomi may collect or process the categories of Personal Data that are identified below. We generally collect the information listed below to secure, improve, and provide our services to our customers.
Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
Customer records information such as a name, credit card number, debit card number, or other payment information, or information about a purchased subscription.
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with an internet website application, or advertisement.
Geolocation data.
Education information.
Inferences drawn from any of the information identified in this subdivision to reflect your preferences, characteristics, behavior, attitudes, abilities, and aptitudes.
The sources from which Personal Data may have been collected or processed are the following: information that you provided to us, online tracking technologies, automatic data collection technologies, social media platforms and networks, business partners, service providers etc. The purpose of such collection or processing include: providing our products and services, evaluation of your user behavior for test and product development purposes, communicating with you, administering programs, security and fraud prevention, legal obligations, core business functions, marketing and promotional purposes (which may include targeted advertising), analytics and personalization etc. Further details can be found in the relationship-specific details below.
In the process of providing services to you and to operate economically as a company, we use various external companies to which we may disclose your Personal Data. Such groups of recipients include:
Hosting provider: We do not operate our own servers but engage certified service providers to host our website and services as well as other IT systems like the CRM system.
IT service provider and SaaS provider: We use the services of various service providers who help us to provide you with our services.
Advertising and marketing service provider: We want to provide our customers with an attractive product and convince more customers to choose us. To this end, we engage advertising and marketing service providers.
Public Authorities: To comply with legal requirements or to respond to court orders or similar official requests, we may transfer Personal Data.
Payment provider: In order to process payments, we pass on your Personal Data to payment providers and banks that process your data as controllers and/or processors.
Other recipients: We may also transfer your Personal Data to organizations such as postal and delivery services, our bank, tax consultants/auditors or the tax authorities, as well as to service providers for the destruction of data.
We carefully select our service providers and business partners, especially with regard to the suitability of the technical and organizational measures taken by them. In each case, we take all reasonable measures to ensure that your Personal Data is protected (such as appropriate data processing agreements).
We may also disclose your Personal Data to service providers and third parties when necessary to comply with laws and regulations; respond to subpoenas and court orders; exercise our legal rights or defend against legal claims; investigate, prevent, or take action regarding illegal activities, suspected fraud, potential threats to our property or the physical safety of any person, or violations of our usage instructions and applicable terms and conditions; facilitate the financing or insuring of our business or a disposition of all or part of our business or assets, or as otherwise permitted or required by law. We may disclose anonymized or aggregated data at our discretion, in accordance with applicable laws.
If you post your information or content to our online forums or media sites (for example, on our Instagram account), this information is public on the internet. We are unable to prevent or control further use of this information and refer you to the third-party sites’ privacy policies and terms of use to learn more about their privacy practices.
We share Personal Data with service providers for legitimate business purposes or based on your consent. We provide further information if and how Personal Data is shared within the relationship-specific details below.
Unless otherwise stated in the following information, we only store the data for as long as is necessary to achieve the purpose of processing or to fulfil our contractual or legal obligations. Such statutory retention obligations may arise in particular from commercial or tax law regulations. From the end of the calendar year in which the data was collected, we will retain such Personal Data contained in our accounting data for ten years and retain Personal Data contained in commercial letters and contracts for six years. In addition, we will retain data in connection with consents requiring proof and with complaints and claims for the duration of the statutory limitation periods. We will delete data stored for advertising purposes if you object to the processing for this purpose.
Our services are not intended for children. We do not knowingly collect information via our sites, products, and services from children. If you use our Services, you represent that you are at least the age of majority under the laws of the jurisdiction of your place of residence, or that, if possible, your legal representatives have provided their consent to use our services.
If you believe your child has provided us with personal information, please alert us at support@getloomi.app. If we learn that we have collected personal information from a minor without their legal representatives’ consent, we will promptly take appropriate steps to delete such information and terminate the minor’s account.
We use Cookies and similar technologies on our website and in the provision of our services. Cookies are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us, for example, how and when pages and features in our services are visited and by how many people. More information about how we use these technologies can be found in our Cookie Consent Manager, which can be accessed via the footer of our website. There you will also find a list of other companies that place cookies on our websites, a list of cookies that we place and an explanation of how you can refuse certain types of cookies.
You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features. We recommend you keep cookies activated.
Since we are a globally operating company, we store and process your Personal Data in different locations worldwide. Therefore, our data processing activities may involve the transfer of your Personal Data to “third countries”, i.e. countries that may not provide the same level of data protection for your personal data (especially where the GDPR is not applicable law). Such a transfer is permissible if the European Commission or the UK government (as applicable) has determined that an adequate level of data protection is provided in the relevant third country. Please find a list of the European Commission’s adequacy decisions here. Information regarding UK adequacy decisions can be found here.
If such an adequacy decision of the European Commission or the UK government (as applicable) does not exist, a transfer of your Personal Data to a third country will only take place if appropriate safeguards exist (Art. 46 et seq. GDPR), or if one of the conditions listed in Art. 49 GDPR is met.
Unless an adequacy decision is in place, we use the EU Standard Contractual Clauses (EU SCCs) or the Standard Data Protection Clauses approved by UK’s supervisory authority (UK SCCs) as appropriate safeguards for the transfer of Personal Data to third countries that fall outside the scope of the GDPR. You have the option of receiving or viewing a copy of these EU or UK SCCs. Please contact us at the address given under “How to Contact Us”.
In exceptional circumstances, if there is no adequacy decision for a third country or other appropriate safeguard in place, if you consent to the transfer of Personal Data to third countries, any such transfer will take place on that legal basis (e.g. Art. 49 (1) (a) GDPR).
If you are a resident of certain states or countries, you have the right to exercise your data subject rights against us. You have the following rights within the framework of the data protection laws applicable to you:
Right to be informed about the way your Personal Data is processed and get access to your Personal Data;
Right to request that we rectify your Personal Data;
Right to request deletion of your Personal Data;
Right to request the restriction of the processing of your Personal Data;
Right to receive the Personal Data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller (right to data portability);
Right to withdraw your consent at any time if you have given us separate consent to data processing activities; such a withdrawal does not affect the legality of the processing that was carried out on the basis of consent until withdrawal;
Right to opt-out from certain types of processing (e.g., targeted advertising, the sale of Personal Data, limiting the use and disclosure of sensitive information, and profiling, as defined by the applicable data protection laws).
If, and to the extent that, we process your Personal Data on the basis of a legitimate interest, in particular if we pursue our legitimate interest to conduct direct marketing or to apply profiling in connection with direct marketing, you have the right to object to such use of your Personal Data at any time. If you object to the processing of your Personal Data for direct marketing purposes, we will promptly stop processing your Personal Data for these purposes. In all other cases, we will carefully consider your objection and stop further use of the information in question, subject to compelling reasons for further processing that may take precedence over your interest in objecting, or if we need to use the information for the justification, exercise or defense of legal claims.
If you choose to exercise any of these options, we will not discriminate against you for making that decision.
You can exercise your privacy rights by contacting us at support@getloomi.app. When we receive a request to exercise a privacy right, we will review information we have collected about you (if any) with identifying information you may have provided us (such as a login, email address, mailing address, or transaction or order number) to authenticate your identity. If you use an authorized agent to submit a request, we may require the authorized agent to provide proof that you gave the agent signed permission to submit the request. We may also require you to directly confirm with us that you provided the authorized agent permission to submit the request.
There may be situations where we cannot grant your request regarding your privacy rights. In such a situation, we will explain our reasoning to you and will honor your right to appeal where applicable.
If you exercise your rights in accordance with applicable data protection laws, we process the personal data transmitted for the purpose of exercising these rights by us and to be able to provide proof of this. We will only process data stored for the purpose of providing and preparing information for this purpose and for the purposes of data protection monitoring and will otherwise restrict processing.
We may use the email address you provide when registering for our products or services to inform you about our own similar products and services. You can object to this at any time. You can control how and when you want to receive marketing messaging, for example emails, from Loomi by clicking on the “unsubscribe” link located at the bottom of our email communications to you, or by sending an email to support@getloomi.app. Please note that this will not affect your receipt of administrative emails (for example, emails about your account, transactions, or policy changes) for your registered account, and further, that the lawfulness of the processing that was done before will not be affected.
If you have any questions about how we process your information, you can contact us at:
Blinks Labs GmbH
Sonnenallee 223
12059 Berlin
Germany
Email: support@getloomi.app
You can reach our data protection officer using the following contact details:
Email: dataprotectionofficer@getloomi.app
Herting Oberbeck Datenschutz GmbH
https://www.datenschutzkanzlei.de.
If you would like to lodge a complaint against us, you may contact your local privacy regulator. You can make a complaint, for example, to:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin
Telephone: +49 30 13889-0
E-Mail: mailbox@datenschutz-berlin.de
You may also complain to another competent supervisory authority. If you have trouble locating a competent authority, please contact our privacy office at support@getloomi.app and they will help you contact the appropriate enforcement agency.
If you visit our website without registering, we process your Personal Data as follows.
Which data do we process? | For what purposes do we use the collected data? | Legal basis for data processing |
Pseudonymous information about the device and browser you are using, server log files, your network connection and your IP address. |
| Art. 6 para. 1 lit. f GDPR Our legitimate interest is to provide you with a secure, user-friendly and informative website. |
Information about your behaviour on the website. This includes the IP address and user IDs, some of which are assigned by third-party providers. |
| Art. 6 para. 1 lit. a GDPR |
We share the above-mentioned information with service providers for a business purpose or based on your consent. If, and to the extent that, we process your Personal Data on the basis of a legitimate interest you have the right to object to such use of your Personal Data at any time. To object, please contact us at support@getloomi.app.
If, and to the extent that, we process your Personal Data on the basis of consent, you have the right to withdraw consent at any time. You can manage your Cookie preferences in our Cookie Consent Manager, which can be accessed via the footer of every website and in the app. In other cases or if you need help with your Cookie preferences, please contact us at support@getloomi.app.
If you use our services via our website or the mobile app (together, the “Platform”), we process your Personal Data as follows.
Which data do we process? | For what purposes do we use the collected data? | Legal basis for data processing |
Data about you that you provide when you register, such as your name, your e-mail address, information about your interests and learning goals as well as payment information. |
| Art. 6 para. 1 lit. b GDPR |
| Art. 6 para. 1 lit. f GDPR Our legitimate interest is to provide you with important information regarding our Platform or your account as well as updates regarding the Loomi services. | |
| Art. 6 para. 1 lit. a GDPR | |
| Art. 6 para. 1 lit. c GDPR | |
Data about you that you provide when using our Platform. This includes information about which lessons you have completed. |
| Art. 6 para. 1 lit. b GDPR |
Pseudonymous information about the device and browser you are using, server log files, your network connection and your IP address. |
| Art. 6 para. 1 lit. f GDPR Our legitimate interest is to provide you with a secure, user-friendly and informative Platform. |
Information about your behaviour on the Platform. This includes the IP address and user IDs, some of which are assigned by third-party providers. |
| Art. 6 para. 1 lit. a GDPR |
Feedback and information you provide in the course of surveys. |
| Art. 6 para. 1 lit. f GDPR Our legitimate interest is to collect user feedback in order to continuously improve our products and services. |
We may share your Personal Data with service providers for a legitimate business purpose.
If, and to the extent that, we process your Personal Data on the basis of a legitimate interest you have the right to object to such use of your Personal Data at any time. To object, please contact us at support@getloomi.app.
If, and to the extent that, we process your Personal Data on the basis of consent, you have the right to withdraw your consent at any time. You can manage your mailing preferences in your account and withdraw your consent regarding email marketing. In other cases, please contact us at support@getloomi.app.
We may contact you to ask for your participation as a test user for new products and services. In the course of this and if you participate in tests, we process your Personal Data as follows.
Which data do we process? | For what purposes do we use the collected data? | Legal basis for data processing |
Contact information that were collected during the registration to our services. |
| Art. 6 para. 1 lit. f GDPR Our legitimate interest is to choose and contact suitable users for testing new products and services in order to continuously improve and extend our product portfolio. |
Data about you that you provide in the course of testing the new product or service. These information vary depending on the scope of the product test and the product/service tested. |
| Art. 6 para. 1 lit. f GDPR Our legitimate interest is to carry out the tests and analyse the results in order to gain insights into the use, functionality and user-friendliness of the new product/service as well as provide user support. |
Information about your behaviour within the new product/service during the test. This includes the IP address and user IDs, some of which are assigned by third-party providers. |
| Art. 6 para. 1 lit. a GDPR |
Regarding the processing of your Personal Data in the course of using our products and services outside of tests, please see the information above (“End Users of the Loomi Service").
We may share your Personal Data with service providers for a legitimate business purpose, or if you provided consent.
If, and to the extent that, we process your Personal Data on the basis of a legitimate interest you have the right to object to such use of your Personal Data at any time. To object, please contact us at support@getloomi.app.
If, and to the extent that, we process your Personal Data on the basis of consent, you have the right to withdraw your consent at any time. You can manage your Cookie preferences in our Cookie Consent Manager, which can be accessed via the footer of every website and in the app. In other cases, please contact us at support@getloomi.app.
If you are a contact person of one of our service providers, suppliers or other business partners or if you are interested to establish a business relationship with us, we process your Personal Data as follows:
Which data do we process? | For what purposes do we use the collected data? | Legal basis for data processing |
Data that you provide to us about yourself and the company in which you work, such as your name, e-mail address and telephone number. |
| Art. 6 para. 1 lit. f GDPR Our legitimate interest is to establish new business relationships and fulfil our contract with the company you are working for.
|
We may share your Personal Data with service providers and other companies within the group of companies for a legitimate business purpose, or if you provided consent.
If, and to the extent that, we process your Personal Data on the basis of a legitimate interest you have the right to object to such use of your Personal Data at any time. To object, please contact us at support@getloomi.app.
We operate company presences on various social media platforms. These give you the opportunity to find out about our company and get in touch with us. In this context, data processing takes place for which we process personal data either jointly with the social media provider or under our sole responsibility.
Some data processing also takes place under the sole responsibility of the social media provider. We have no influence on such data processing.
The following overview provides information about the respective data processing and responsibilities.
Controller | Data Processing | Further Information |
Social media provider | When you visit our social media pages (Facebook, Instagram, TikTok, X), which we use to present our company or individual products and services from our range, certain information about you is processed. | Facebook und Instagram:
TikTok: Privacy Policy of TikTok Technology Limited |
Social media provider and Loomi (Joint Controller) | Most social media providers deliver statistics and insights for our pages in anonymised form, which help us to gain knowledge about the types of actions that people take on our site (so-called "page insights"). These page insights are created on the basis of certain information about people who have visited our site. | Facebook and Instagram:
TikTok
|
Loomi | We process information that you have made available to us via our social media page on the respective social media platform. Such information may include the username used, contact details or a message to us. | Purpose of data processing: Support, communication and replying to requests. Legal basis: Art. 6 para. 1 lit. f GDPR Our legitimate interest is to provide you with a user-friendly way to contact us via different channels, process your requests and give you an answer. |
When visiting our social media pages, your Personal Data may be shared with service providers and other companies within the group of companies for a legitimate business purpose, or if you provided consent.
If, and to the extent that, we process your Personal Data on the basis of a legitimate interest you have the right to object to such use of your Personal Data at any time. To object, please contact us at support@getloomi.app.
If you subscribe to one of our email newsletters, we process your Personal Data as follows:
Which data do we process? | For what purposes do we use the collected data? | Legal basis for data processing |
Email address and name that you provide to us when registering for our newsletter. |
| Art. 6 para. 1 lit. a GDPR |
We may share your Personal Data with service providers and other companies within the group of companies for a legitimate business purpose, or if you provided consent.
If, and to the extent that, we process your Personal Data on the basis of consent, you have the right to withdraw your consent at any time. To object or withdraw consent, please contact us at support@getloomi.app.
This Privacy Policy and Notice was last updated on: May 20, 2025
Privacy Police and Notice:
© Loomi 2025 | Price | Terms | Privacy | Legal | Help Center | Manage Cookies