Privacy Policy
Last updated: February 2025
1. Data Controller
Hubble Media Intelligence ("Hubble", "we", "us") is the data controller for the processing of personal data described in this policy.
Uppercase ASOslo, Norway
privacy@hubble.no
2. What Personal Data We Collect
We may collect and process the following categories of personal data:
- Account information — name, email address, and organisation when you register or are invited to the platform.
- Usage data — pages visited, features used, timestamps, and device/browser metadata collected through server logs and analytics.
- Communication data — content of messages you send us via email or contact forms.
- Cookies and similar technologies — see Section 8 below.
3. Purpose and Legal Basis
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Provide and maintain the service | Performance of contract (Art. 6(1)(b)) |
| Improve and develop features | Legitimate interest (Art. 6(1)(f)) |
| Send service-related notifications | Performance of contract (Art. 6(1)(b)) |
| Respond to enquiries and support requests | Legitimate interest (Art. 6(1)(f)) |
| Comply with legal obligations | Legal obligation (Art. 6(1)(c)) |
4. Data Sharing and Transfers
We do not sell personal data. We may share data with the following categories of recipients, each bound by data processing agreements where required:
- Infrastructure and hosting providers (EU/EEA-based where feasible)
- Analytics services
- Professional advisors (legal, audit)
If personal data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place in accordance with Chapter V of the GDPR, such as Standard Contractual Clauses (SCCs).
5. Retention
We retain personal data only as long as necessary for the purposes described above, or as required by law. Account data is deleted within 90 days of account closure. Usage data is anonymised or deleted after 24 months.
6. Your Rights
Under the GDPR you have the right to:
- Access the personal data we hold about you (Art. 15)
- Rectify inaccurate or incomplete data (Art. 16)
- Erase your data ("right to be forgotten") (Art. 17)
- Restrict processing (Art. 18)
- Data portability (Art. 20)
- Object to processing based on legitimate interest (Art. 21)
- Withdraw consent at any time, where consent is the legal basis (Art. 7(3))
To exercise any of these rights, contact us at privacy@hubble.no. We will respond within 30 days.
7. Supervisory Authority
You have the right to lodge a complaint with a supervisory authority. In Norway, this is the Norwegian Data Protection Authority (Datatilsynet).
8. Cookies
We use strictly necessary cookies to operate the platform (e.g. session authentication). We do not use third-party tracking or advertising cookies. If we introduce optional cookies in the future, we will request your consent before setting them.
9. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit (TLS), access controls, and regular security reviews.
10. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via the platform or email. Continued use of the service after changes constitutes acceptance of the updated policy.