BlaBla Connect Limited (‘BlaBla’) is committed to protecting and respecting your privacy. This Privacy Policy together with our Terms and Conditions apply to your use of our BlaBla Connect product and the services accessible through our app and website.
BlaBla wants you to communicate with your family and friends in a privacy-safe environment. It is important to us that you can trust us with your information when you use our services. Note that our services are not intended for children. Please take a few minutes to read this Privacy Policy to understand what information we collect, what we do with it and why.
We have layered this privacy policy so that you can find the details you need as quickly and easily as possible.
Our privacy policy gets updated from time to time. Whenever we make a change, we will post an update and inform you if there is a material change.
We are BlaBla Connect Limited (‘BlaBla’), with registered office at 60 Cannon Street, London EC4N 6NP, England. We offer wireless telecommunications services to our customers, namely, calling services whether local or international, minicalls which are short recorded voice messages, chatting and file sharing, international airtime top up facilities and balance transfers.
We were founded in 2012 and were mainly operating in the Middle Eastern market. We are now expanding our reach worldwide.
In this privacy policy, ‘we/us’ means BlaBla, entity responsible for processing your personal information and ‘third party’ means someone who is not you or us.
Your opinion matters to us – if you have any questions about compliance, this privacy policy or your rights, please submit your query to our Privacy Team at dataprivacy@blablaconnect.com and a member of the team will respond to you.
If you have any other general questions about our services or products, please submit your query to our Customer Services Team at support@blablaconnect.com and a member of the team will respond to you.
We will collect information about you and this will depend on the services you use and subscribe to.
When you download our app, information may be accessed from or stored on your device to allow the app to operate and function.
We may also collect additional information in other ways, such as, through your contact with the Customer Support Department, results of surveys and when you interact with us via social media.
The specific types of information we may have are as follows and we have grouped them in relation to each service type:
Profile Data includes your nickname, phone number, email address, your age, your profile picture and your status.
Friend’s Contact Data includes your friend’s phone number found in your mobile address book.
Contact Data includes your nickname, mobile contact number, the number of the person being called and their nickname.
Usage Data includes information about how you use our products and services, such as traffic data which is time, duration and status of the call, and IP address.
Contact Data includes your nickname, mobile contact number and the number of the person being called and their nickname.
Usage Data includes information about how you use our products and services, such as traffic data which is time, duration and status of the call, and IP address.
Contact Data includes your nickname, mobile contact number and the number of the person being called and their nickname.
Usage Data includes information about how you use our products and services, such as traffic data which is time, duration and status of the minicalls, minicall recordings, messages and files shared; their encrypted content and history; file size and IP address.
Contact Data includes your nickname, mobile contact number and the receiver’s number and nickname.
Usage Data includes information such as the time and date of the top up, name and type of product bought, name of supplier, local currency, value purchased, and the purchase history.
Contact Data includes your nickname, mobile contact number and the receiver’s number and nickname.
Usage Data includes information such as the time, date, amount of the balance you transfer and your transfer history.
Other common datasets processed are as follows:
Technical Data includes internet protocol (IP) address, device information, such as device type and serial number, advertising ID, browser type and version, device operating system version, language, browsing patterns and user activity.
Billing Data includes your pre-payment details, such as your payment history, the amounts and payment dates.
Marketing and Communications Data includes your marketing preferences in receiving marketing messages from BlaBla, your preferences for particular products or services, when you tell us what they are, or we assume it, based on how you use our products and services.
Customer Care Data includes your feedback to us, survey related information and our communication logs.
Aggregated Data includes data that could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
Information generated by automated technologies or interactions includes automatically collected Technical Data about your device, browsing patterns and actions as you interact with the app. We may collect this information by using cookies. Please see our Cookie Policy for further details.
Also, when you download our app, it will set out the preferences it requires to operate, some of which you may be able to opt out of in some cases.
Where we need to collect personal data by law, such as your age, and you fail to provide that data when requested, we may not be able to provide you with the services. We may also have to cancel a service you have with us but we will notify you if this is the case at the time.
We will only use your personal data when the law allows us to, most commonly, in the following circumstances:
We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate. Note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.
Purpose
Type of data involved
Lawful basis for processing including basis of legitimate interest
To provide the services to you including:
When you opt for finding friends automatically on BlaBla Connect App
To manage our relationship with you which will include:
To market our products and services to you To complete a survey (promotional)
Marketing
You can control your marketing permissions at any time. See “Right to withdraw your consent” within the ‘Your rights’ section of this privacy policy. Advertising
If you don’t want any information processed through the use of cookies, check our Cookies Policy and Cookie settings section. It explains how to control and opt out of cookies.
To improve our products and services including:
To administer and improve the operation of our website and app
Where applicable, we may have to share information about you with:
If we are reorganised or sold to another organisation, we will provide your information to that organisation.
Where applicable, we require all external third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
If you live in the EEA, you must be at least 16 years old to use our services. Our services are not intended for children under the age of 16. We do not knowingly collect personal information via the services from anyone under 16.
If you are under the age of 16, we request that you do not provide us with your information and do not use our services.
If you are a parent or guardian of a child under 16, please contact us at dataprivacy@blablaconnect.com in case you become aware that your child has used our services or otherwise provided their information to us without your consent. We will delete or otherwise cease processing your child’s personal information within a reasonable time to make sure that we do not contact your child in the future.
The EEA consists of countries in the European Union, Switzerland, Iceland, Liechtenstein and Norway: they are considered to have equivalent laws when it comes to data protection and privacy while non-EEA countries (except for those deemed adequate by the European Commission) do not provide appropriate safeguards for data protection.
The company affiliated to BlaBla is based outside the EEA in Cairo, Egypt so their processing of your personal data will involve a transfer of data outside the EEA. Additionally, the main establishment of our company is located in the UK.
As you know the UK has left the EU now and there is a transition period until the end of 2020. During the transition period, the GDPR will continue to apply in the UK and no changes are envisaged.
The categories of receivers in Cairo are the customer support and technical support departments. Our customer support department assists with customer complaints while our technical support is responsible for maintaining the backend servers and resolving faults and issues.
Our management team is located in Cairo and in the UK, we have our compliance team.
We ensure that processing of personal data is based on a need-to-know basis only and only relevant departments and functions will have access to personal data.
Additionally, some of our service providers we use for providing us with services are located in EU, UAE Dubai, UK, USA, Canada and India.
We take measures to ensure that your information is properly protected.
Where we intend to engage with our affiliated companies and third parties based in the non-EEA countries, we either enter into legal agreements that reflect high data protection standards approved by EEA authorities and the European Commission, such as Standard Contractual Clauses, or we will engage with those third parties which adhere to the EU – US Privacy Shield certification requirements and/or are located in the countries which provide an officially approved adequate level of protection for personal data.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal requirements.
Details of retention periods for different aspects of your personal data are set in our Data Protection Policy.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for statistical purposes in which case, we may use this information indefinitely without further notice to you.
We have a dedicated function (Head of Information Security) who constantly reviews and improves our measures to protect your personal information.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. All the measures are documented in a single document known as the IT Security Policy which includes BlaBla’s practices on acceptable encryption, information security review and audit, network security, data retention, arching and destruction. Our app uses industry approved protection tools (encryption, passwords) to protect your personal information against unauthorized access or disclosure.
In addition, we limit access to your personal data to those staff members or other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a strict duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and relevant supervisory authority of a breach where we are legally required to do so.
Under certain circumstances and where applicable, you can exercise your rights under data protection laws in relation to your personal data which are as follows:
Note, however, that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
You can opt out by doing the following:
Note that your opt out does not mean that you won’t receive any service-related messages. You will still continue to receive those (unless we have indicated otherwise).
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You have the right to make a complaint at any time to the relevant data protection supervisory authority.
We would, however, appreciate the chance to deal with your concerns first before you approach the supervisory authority, so please do contact us in the first instance
