Privacy Policy

BabyArk Privacy Policy

(Last Updated: December 23)

Babyark Ltd. (“Company”, “we”, “our” or “us”) has developed the first digital smart car seat (the "Smart Seat"), engineered with military-grade technology and seamlessly integrated with the innovative Babyark platform (the "Platform"). We also operate the website https://babyark.com and any subdomains and related features (“Website(s)”, and together with the Platform and Smart Seat, the “Services”). We are dedicated to protecting your privacy rights and making our practices regarding your personal data more transparent and fair. This Privacy Policy (“Policy”) was designed to help you better understand the information we collect, store, use and share, and it applies whenever you visit our Website, use our Smart Seat and Platform, or otherwise access or use any of our Services.

 

We strongly urge you to read this Policy and make sure that you fully understand and agree to it. If you do not agree to this Policy, please discontinue and avoid using our Services. You have the right to cease using our Services, pursuant to this Policy at any time.

 

You are not legally required to provide us with any Personal Data, but without it we will not be able to provide you with the full range or with the best experience of using our Services.

 

This Policy is integrated into and forms part of BabyArk's Terms & Conditions which are currently available here.

 

TYPES OF DATA COLLECTED, PURPOSES AND LAWFUL BASES:

Depending on your interaction with us, we may collect two types of data from you:

 

“Non-Personal Data” meaning aggregated, non-personal non-identifiable information, which may be made available or gathered via your access to and use of the Services. We are not aware of the identity of the user from which the Non-Personal Data is collected. Such Non-Personal Data may include aggregated usage information and technical information transmitted by your device, such as browser version, operating system type and version, mobile network information, device settings, and software data.

 

“Personal Data” or “Personal Information” (as these terms are defined under the applicable privacy laws) meaning individually identifiable information, namely information that identifies an individual or may, with reasonable effort, be used to identify an individual.

 

For the avoidance of doubt, any Non-Personal Data connected or linked to any Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.

 

The table below details the types of Personal Data we collect, the methods and purpose of such collection, and our lawful basis for processing such Personal Data (where the GDPR applies):

 

DATA TYPE

METHODS AND PURPOSE

LAWFUL BASIS

Contact Information:

During the checkout you will be required to provide us with your contact information such as your full name, email address, phone number, and shipping address.

 

Additionally, If you voluntarily contact us, through any means of communications we make available for support or other general inquiries you will be required to provide us with certain information such as your name, your organization name (i.e., on behalf of which you contact us), email address, and any additional information you decide to share with us

 

(“Contact Information”)

We use and process Contact information to provide you with the Safety Seat you have purchased.

 

Further, we process Contact Information to respond to your inquiry, and provide you with the support, materials and information you have requested.


The correspondence and its contents with you may be processed and stored by us in order to improve our customer service and in the event we believe it is required to continue to store it, for example, in the event of any claims or in order to provide you with any further assistance (if applicable).

We process Contact Information subject to your consent and fulfilling our contractual obligations to you. Further processing may be subject to our legitimate interest, for example for internal documentation and improvement of service purposes.

Payment Information:

We collect you billing address and payment details at checkout ("Payment Information").

Payment Information is processed by our third-party partners. We do not store or process any of your Payment Information.

The collection of Payment Information is essential for fulfilling our contractual obligations to you and delivering the Smart Seat you have purchased.

Order Information:

We keep your order information and any refund or return history ("Order Information")

We use Order Information solely to ensure you received the order or refund and for legal obligations such as financial bookkeeping.

We Collect Order Information in order to fulfill our contractual obligations to you.

Account Information:

when you register an account with our Platform (including any subsequent login to that account), contact us with inquiries, when you sign-up to receive e-mail updates and newsletters, or registering to receive our Services you may provide us Personal Data voluntarily, such as your name, e-mail address, Smart Seat ID and your bio description. ("Account Information")

 

We use the Account information provided to create your account, enable the Services, and to authenticate and verify your identity. Further, we may use such information to ensure that you are your child’s parent or legal guardian

Our lawful basis for the collection and processing of Account information is the performance of our contract with you. We rely on our legitimate interest where we use your phone number in order to authenticate and verify your identity, as well as to make sure you do not already have an account, including sending you a verification code once you sign up, as well as to send our users operational notifications, including push notification through the Platform.

 

Further, we will use Account Information in order to comply with our legal obligations, where we are required under applicable laws to ensure that you are the child’s parent to obtain your verified consent to process your Child Information.

Child Information:

When you use our Platform, you can create user profiles, including child profiles. The child profile is associated with the child's Safety Seat and includes the child's name, birth date, weight and photograph ("Child Information").

We use Child Information to provide your overall experience, ensuring access to all features available on our Platform and Safety Seat.

 

 

Job Application:

In the event you apply for a position posted on our Websites and submit your CV we will process the information included in the CV and the application form, including name, email address and phone number, employment history and education. Also, where allowed or required by law, we may process diversity and inclusion data regarding your candidacy such as ethnicity, gender, or any disability.

 

In addition, we may collect further information from public and online sources, referees, and former employers and combine such data with your other data (“Candidate Information”).

We will use Candidate Information to process your job application and for recruitment purposes.

Further, we may process Candidate Information in order to comply with corporate governance, legal and regulatory requirements (including the retention of such information).

 

We process Candidate Information subject to your consent. We may also process it under our legitimate interest, which is performing a proper recruitment process for our candidates, record keeping and protection from potential legal claims.

 

If we process Special Categories of Personal Data to ensure diversity, we will do so upon your explicit consent, which you may withdraw at any time by contacting us.

 

Geolocation Information:

When you use our Services, we process your approximate geographical location. The Geographical Location Information includes, duration of the drive, start point and end point, etc. (“Geolocation Information”).

We use Geolocation Information to provide the Services and to provide the insights and status of your use of the Platform.

Our lawful basis for the collection and processing of Geolocation Information is the performance of our contract with you.

Website Interaction and Marketing:
When you interact with our Website, we may collect your online identifiers, such as Internet Protocol (IP) address and Cookie ID, unique identifiers (“Online Identifiers”).

Online Identifiers are used in particular to operate the Website and enable its proper functionality, for example to automatically recognize you by the next time you enter the Website or to confirm you are a real person.

Our Services and some of our service providers utilize “cookies”, anonymous identifiers and other tracking technologies which help us provide and improve our Services, personalize your experience and monitor the performance of our activities. Strictly necessary cookies are cookies required for the proper and basic operation of the Website, and does not required your consent. Other cookies, will be implemented subject to  your consent which we will obtain through our cookie notice and consent mechanism ("CMP").

 

For additional information and to exercise your options with respect to our use of cookies, please refer to our CMP and Cookies Policy.

Legal Matters

 

We may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Services, to enforce our legal terms and conditions, to protect the security or integrity of our databases, and to take precautions against legal liability.

Such processing is based on our legitimate interests, which in this case are protecting our Services and data, exercising our legal rights, and complying with our legal obligations. 

 

Please note that the actual processing operation per each purpose of use and lawful basis detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure or destruction. The transfer of Personal Data to third party countries as further detailed in the Data Transfer Section is based on the same lawful basis as stipulated in the table above. 

 

We may collect different categories of Personal Data and Non-Personal Data from you, depending on the nature of your interaction with the Services, as detailed above.

 

HOW WE COLLECT YOUR INFORMATION: 

  • Automatically, when you interact with our Services, including through the use of cookies (as detailed below) and similar tracking technologies.
  • When you voluntarilychoose to provide us with information, such as when you contact us, all as detailed in this Policy.

 

DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH:

We share your Personal Data with third parties, including our service providers that help us maintain our Services.  More information about the categories of such third-party recipients is described below:

 

CATEGORY OF RECIPIENT

DATA THAT WILL BE SHARED

PURPOSE OF SHARING

Service Providers and Business Partners

All types of Personal Data

We may engage selected third-party companies and individuals to perform services complementary to our own (hosting services, data analytics services, data and cyber security services, fraud detection and prevention services, payment processing services, user engagement services, e-mail distribution and monitoring services, and our business, legal, financial and compliance advisors) (collectively, "Service Providers").

Consent Manager (CMP)

Online Identifiers and the user’s preference.

When you browse our Website for the first time, depending on your location, a CMP will appear, where you will be able to choose if you allow us and our partners to implement tracking technologies, and where applicable, to share Personal Data (e.g., Online Identifiers) with third parties for one or all of the aforesaid purposes (“Preference”). These Preference are different depending on your jurisdiction. The CMP receives the Online Identifiers from us.

Any acquirer of our business

All types of Personal Data

We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy.

Legal and law enforcement
 

Subject to law enforcement authority request.

We may disclose certain data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to child safety, terror acts, criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose.

Subsidiaries and affiliated companies ("BabyArk Group Companies")

All types of Personal Data

We may share Personal Data with BabyArk Group Companies in order to administer, manage and maintain our Services.


We reserve the right to use, disclose or transfer (for business purposes or otherwise) aggregated and processed Non-Personal Data to third parties, including, inter alia, affiliates, for various purposes including commercial use. This information may be collected, processed and analyzed by us and transferred in a combined, collectively and aggregated manner (i.e., your information is immediately aggregated with other users) to third parties.

When we share information with services providers, we ensure they only have access to such information that is strictly necessary for us to provide the Services. These parties are required to secure the Data they receive and to use the Data for pre-agreed purposes only while ensuring compliance with all applicable data protection regulations (such service providers may use other Non-Personal Data for their own benefit).

 

USER RIGHTS:

We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your information. Depending on your relationship with us, your jurisdiction and the data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.

 

The following table describes all the rights you may be entitled to. Please note that some rights are only available for residents of specific jurisdictions:

 

  • Right of access: The right to know which Personal Data we collected, including the categories of Personal Data, the sources from which the Personal Data is collected, the business or commercial purpose for collecting, selling, or sharing Personal Data, the categories of third parties to whom we disclose Personal Data, and the specific pieces of Personal Data that we collected about you.
  • Right to deletion: The right to delete Personal Data that we collected from you, subject to certain exceptions.
  • Right to correction: The right to correct inaccurate Personal Data that we maintain about you.
  • Right to opt-out of cross-contextual targeted advertising: You have the right to opt-out of the sharing of your Personal Data for “cross-contextual behavioral advertising”, often referred to as “interest-based advertising” or “targeted advertising”.
  • Right to opt-out of the sale of Personal Data: The right to opt-out of the sale of your Personal Data, as these terms are defined under the applicable privacy laws.
  • Right to limit the use or disclosure of Sensitive Personal Information (SPI): You have the right to request to limit the collection of your Sensitive Personal Information (as this term is defined under the applicable privacy law), to that use which is necessary to maintain our Services.
  • Right to Opt-out from profiling in furtherance of decisions that produce legal or similarly significant effects concerning you: You have the right to request to opt-out from processing involving profiling, in furtherance of decisions that produce legal or similarly significant effects concerning you. "Profiling" means any form of automated processing performed on Personal Data to evaluate, analyze or predict personal aspects related to your economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
  • Right to opt-out of the use of automated decision making: Under certain circumstances, you have the right to opt-out of the use of automated decision making in relation to your Personal Data.
  • Right to non-discrimination: The right not to receive discriminatory treatment by the business for the exercise of privacy rights, including an employee’s, applicants, or independent contractor’s right not to be retaliated against for the exercise of their rights, denying a consumer goods or services, charging different prices or rates for goods or services, providing you a different level or quality of goods or services, etc. We may, however, charge different prices or rates, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to us by your Personal Data.
  • Right to data portability: You may request to receive a copy of your Personal Data, including specific pieces of Personal Data, including, where applicable, to obtain a copy of the Personal Data you provided to us in a portable format.
  • Right to restrict or object to processing: You have the right to object/withdraw consent to the processing of your Personal Data unless certain exceptions apply.

 

 

California

Colorado

Connecticut

Utah

Virginia

EU

Right of access

V

V

V

V

V

V

Right to deletion

V

V

V

V

V

V

Right correction

V

V

V

X

V

V

Right to opt-out of cross-contextual targeted advertising

V

V

V

V

V

X

Right to opt-out of the sale of Personal Data

V

V

V

V

V

X

Right to limit the use or disclosure of Sensitive Personal Information

V

X

X

X

X

X

Right to opt-out from profiling in furtherance of decisions the produce legal or similarly significant effects concerning you

X

X

V

X

V

X

Right to opt-out of the use of automated decision making

X

X

X

X

X

V

Right to non-discrimination

V

V

V

V

V

X

Right to data portability

V

V

V

V

V

V

Right to restrict or object to processing

X

X

X

X

X

V

 

In addition and to the extent COPPA applies, parents residing in the US have the right to review, request the deletion of, or refuse further collection of their child's Personal Data.  

 

Your rights may be exercised by contacting us via the contact details available below.

 

DATA RETENTION:

we retain the data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable laws, or until you express your preference to opt-out, where applicable.

 

The retention periods are determined according to the following criteria:

 

  • where we have a valid a business reason to process your Personal Data, such as the provision of our service.
  • where we are required to do so in accordance with legal, regulatory, tax, or accountingrequirements;
  • for us to have an accurate record of your dealings with us in the event of any complaints or challenges;
  • if we reasonably believe there is a prospect of litigation relating to your Personal Data.
  • when collecting Personal Data from a child under the age of 13, the retention period will never exceed what is necessary to fulfill the purpose for which it was collected. In no case will it extend beyond one year following your last use of our Platform.

 

Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so. However, retention periods will be determined by taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time and in a way that prevents the Data from being restored or reconstructed.

 

SECURITY MEASURES:

We work hard to protect the Personal Data we process from unauthorized access, alteration, disclosure, or destruction. We have implemented physical, technical, and administrative security measures that comply with applicable laws and industry standards, such as minimizing the amount of data that we store on our servers, restricting access to Personal Data by Company employees, contractors, agents, etc. Note that we cannot be held responsible for unauthorized or unintended access beyond our control, and we make no warranty that we will always be able to prevent such access.


Please contact us below if you feel that your privacy was not managed properly, or if you become aware of an attempt by a third party to gain unauthorized access to your Personal Data. We will make a reasonable effort to notify you and the relevant authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.

 

INTERNATIONAL DATA TRANSFER:

We operate globally, and any information that we collect, disclose or share, including (but not limited to) your Personal Data, can be stored and processed in the European Economic Area, United Kingdom and United States, for the purposes detailed in this Policy. To the extent that the GDPR or UK GDPR are applicable, we will only transfer or share your Personal Data to data recipients:

  • located in the EEA or in the UK;
  • located in non-EEA countries or UK which have been approved as providing adequate level of data protection by the European Committee; or 
  • who have entered into a legal agreement ensuring an adequate level of data protection, including the Standard Contractual Clauses as approved by the European Committee.

 

US RELATED INFORMATION:

This part of the Policy addresses the specific disclosure requirements under the California Consumer Privacy Act of 2018 (Cal. Civ. §§ 1798.100–1798.199), as amended by the California Privacy Rights Act of 2022, the California Consumer Privacy Act Regulations by the Attorney General (collectively: "CCPA"), the Virginia Consumers Data Protection Act of 2021 ("VCDPA"), the Colorado Privacy Act of 2023 ("CPA"), Connecticut Data Privacy Act of 2023 ("CTDPA"), the Utah Consumer Privacy Act of 2022 ("UCPA") and the Children's Online Privacy Protection Act ("COPPA") (Collectively: "US Privacy Laws").

 

Personal Information does not include: Publicly available information that is lawfully made available in government records; information that a consumer has made available to the public; De-identified or aggregated consumer information, and information excluded from US Privacy Laws such as Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA); clinical trial data, and any Personal Information covered by certain sector-specific privacy laws, such as the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) and the Driver’s Privacy Protection Act of 1994.


Collection, disclosure and sharing of Personal Information

In the preceding twelve (12) months, we have collected the following Personal Information:

 

Category A- Identifiers: a real name, unique personal identifier, online identifier, Internet Protocol address, email address.

 

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)): A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

Category C- Geolocation data: approximate location derived from IP address or movements.

 

Category D- Commercial information: records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

 

Category E- Internet or other electronic network activity information: Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

 

Category G- Geolocation data: Physical location or movements.

 

Category H- Sensory data: Audio, electronic, visual, thermal, olfactory, or similar information.

 

Category I- Professional or employment-related information: Current or past job history or performance evaluations.

 

Category L-Sensitive Personal Information:

 

We collected such Personal Information from the following categories of sources:

  • Directly and indirectly from activity on our Services: For example, directly from you when you inquire about our Website, or indirectly, we collect your usage data automatically from measurement tools.
  • Directly from you: For example from forms you complete, contact us, and etc.
  • Indirectly from you:  we track your activities across the internet, for example, when you view or interact with certain content, web page or ad.
  • From third-parties: For example, from vendors who assist us in performing services for consumers, advertising networks, internet service providers, data analytics providers, social networks, and data brokers.

 

We may use the Personal Information collected for the following purposes:

  • To fulfill or meet the reason you provided the Personal Information (support, respond to a query, etc.)
  • To improve and provide our Services
  • To maintain our Website
  • For marketing our Services
  • For analyzing your use of the Services
  • To respond to law enforcement
  • To enforce our policies, to defend from claims or exercise our legal rights
  • Any other reason detailed in this Policy.

 

We will not collect additional categories of personal information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

 

.

 

In the preceding twelve (12) months we disclosed your Personal Information. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except the performance of the contract. We also prevent the recipient from selling or sharing your Personal Information.

 

In the preceding twelve (12) months, we disclosed the following categories of Personal Information for a business purpose:

  • Category A: Identifiers;
  • Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e));
  • Category D: Commercial information.

 

We disclose your Personal Information for a business purpose to the following categories of third parties: service providers (e.g., servers, payment processors, shipping, marketing, analytic, etc.) and business partners.

 

Authorized Agents

“Authorized agents” may submit opt out requests on a consumer’s behalf.

 

Special requirements under the CCPA: Under the CCPA, If you have elected to use an authorized agent, or if you are an authorized agent who would like to submit requests on behalf of a consumer, the following procedures will be required prior to acceptance of any requests by an authorized agent on behalf of a California consumer. Usually, we will accept requests from qualified third parties on behalf of other consumers, regardless of either the consumer or the authorized agent’s state of residence, provided that the third party successfully completes the following qualification procedures:

  • When a consumer uses an authorized agent to submit a request to know or a request to delete, a business may require that the consumer do the following:
    • Provide the authorized agent signed permission to do so or power of attorney.
    • Verify their own identity directly with the business.
    • Directly confirm with the business that they provided the authorized agent permission to submit the request.
  • We may deny a request from an authorized agent that does not submit proof that they have been authorized by the consumer to act on their behalf.

 

Notice Of Financial Incentive
We do not offer financial incentives to consumers for providing Personal Information.

 

Requests Metrics

We publish metrics regarding the number of requests we have received, complied with (in whole or in part) or denied, and also the median or mean number of days in which we responded to such requests, in the previous year (these metrics are compiled annually and refer to the period between July 1st of the previous year to July 1st of the following year):

 

Request

Num. of Requests Received

Num. of Requests Complied with (and Whether In Whole or In Part)

Num. of Requests Denied

Mean or Median Number of Days for Response

Requests to delete

Requests to know

Requests to opt-out of selling/sharing

Requests to limit

 

 


 

ADDITIONAL DISCLOSURES FOR CALIFORNIA RESIDENTS:

Direct Marketing Requests: California Civil Code Section 1798.83 permits you, if you are a California resident, to request certain information regarding disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please use the Data Subject Request Form.

 

"Do Not Track" Settings: Cal. Bus. And Prof. Code Section 22575 also requires us to notify you how we deal with the “Do Not Track” settings in your browser. As of the effective date listed above, there is no commonly accepted response for Do Not Track signals initiated by browsers. Therefore, we so not respond to the Do Not Track settings. Do Not Track is a privacy preference you can set in your web browser to indicate that you do not want certain information about your web page visits tracked and collected across websites. For more details, including how to turn on Do Not Track, visit: www.donottrack.us.

 

ELIGIBILITY AND CHILDREN PRIVACY:

We are committed to protecting the privacy and safety of children online. In compliance with the COPPA, we do not knowingly collect or solicit Personal Information from children under the age of 13 without verifiable parental consent. If we become aware that we have inadvertently collected personal information from a child under 13 without proper consent, we will take prompt steps to delete such information from our records. If you are a parent or guardian and believe that Personal Information of your child has been collected without proper consent, please contact us via the contact information provided below so that we can take appropriate action.

 

POLICY AMENDMENTS:

The updated date of this Policy will be reflected in the “Last Updated” heading, indicated at the header of the Policy. As required by the CCPA we will review this Policy every twelve (12) months and amend it as necessary. Where required by applicable law, we will obtain your consent. We recommend you review this Policy periodically to ensure that you understand our most updated privacy practices.

 

CONTROLLING VERSION:

This Policy has been drafted in the English language, which is the original and controlling version of this Policy. All translations of this Policy into other languages shall be solely for convenience and shall not control the meaning or application of this Policy. In the event of any discrepancy between the meanings of any translated versions of the Policy and the English language version, the meaning of the English language version shall prevail.

 

CONTACT INFORMATION:

If you have any question, inquiry or concern related to this Policy or the processing of your Personal Data, you may contact our privacy team at:

 

  • Through the "Contact Us" page available through the App and website.
  • By Email: privacy@babyark.com
  • By Mail: 8 The Green A Dover, DE 19901, USA