Privacy & Cookie Policy
Last updated: 1 October 2024
This Privacy & Cookie Policy explains how ApeelingAI B.V. ("ApeelingAI", "we", "us"), including our Mobibot brand, collects, uses and safeguards personal data when you visit our websites, interact with our applications, request a demo, deploy our chatbots or otherwise engage with us. We comply with the EU General Data Protection Regulation (GDPR), the ePrivacy rules and applicable UK requirements.
1. Data controller
ApeelingAI B.V. (Chamber of Commerce 92422543) is the controller for the processing of personal data described in this notice.
- Registered address: Blijmarkt 12 C, 8011NE Zwolle, The Netherlands
- Email: [email protected]
- Phone: available upon request via the above email
- Data protection queries: [email protected]
2. Scope of this policy
This policy applies to the public and authenticated areas of apeelingai.com, mobibot.nl, our chatbot products, newsletters, webinars, advertising campaigns and offline interactions with our sales, success or support teams. If you use ApeelingAI services under a separate agreement (e.g. a DPA or reseller contract), those terms complement this policy.
3. Personal data we process
Depending on how you engage with us, we may collect:
- Identity and contact details such as name, job title, company, email address, phone number and postal address.
- Account credentials and configuration settings for the ApeelingAI platform or Mobibot deployments.
- Commercial information including purchase history, contract references, billing details and VAT numbers.
- Communications and support records (emails, chat transcripts, meeting notes, call recordings where permitted by law).
- Technical and usage data such as IP address, device identifiers, browser type, time zone, referring URLs, pages viewed, in-product telemetry, error logs and chatbot interactions.
- Marketing preferences, consent choices and information about how you engage with our campaigns or events.
We do not intentionally collect special category data. Please refrain from sharing sensitive information unless we explicitly request it and provide an appropriate legal basis.
4. Why we use your data and legal bases
We only process personal data when a lawful basis applies. The table below summarises our main purposes.
| Purpose | Examples of data | Legal basis |
|---|---|---|
| Provide and improve our services | Account data, configuration settings, chatbot transcripts | Performance of a contract or legitimate interest to operate our business |
| Respond to enquiries and deliver support | Contact details, communications history | Contractual necessity or legitimate interest in assisting prospects and customers |
| Process billing and fulfil administrative obligations | Billing contacts, transaction data, VAT numbers | Legal obligation (tax/accounting) or contract performance |
| Operate, secure and troubleshoot our websites and apps | Log files, device identifiers, security events | Legitimate interest in ensuring service integrity and preventing abuse |
| Run analytics and product research | Usage metrics, aggregated chatbot interactions, analytics cookies | Consent for non-essential cookies or legitimate interest when using de-identified data |
| Deliver marketing communications and personalise campaigns | Contact details, marketing preferences, campaign engagement | Consent or legitimate interest in promoting our services to business contacts, subject to opt-out rights |
| Comply with legal obligations and enforce agreements | Identity data, contract details, correspondence | Legal obligation or legitimate interest in protecting our rights |
5. Cookies and consent management
We use cookies and similar technologies to run the site, measure performance and deliver personalised advertising. Strictly necessary cookies are always active. Analytics and marketing cookies are only activated when you provide consent via our cookie banner, which is integrated with Google Consent Mode v2. You can revisit your choices at any time using the “Cookie settings” button displayed in the bottom-left corner of the site.
The cookie banner details the purposes, technologies and retention periods for each category. We honour your consent signals across both apeelingai.com and mobibot.nl properties.
6. Data retention
We keep personal data only for as long as necessary:
- Account and contractual records: duration of the agreement plus up to seven years to meet legal requirements.
- Lead and marketing information: up to 24 months after the last meaningful interaction, or until you withdraw consent.
- Support tickets and communications: up to 24 months after closure unless needed for legal claims.
- Analytics and telemetry: 26 months or shorter when consent is withdrawn or data is aggregated sooner.
7. Sharing your data
We may share personal data with trusted processors that help us run our business, including hosting providers (e.g. Vercel), cloud infrastructure, CRM and ticketing tools, payment processors, analytics and marketing platforms (Google, Meta and similar when enabled), and professional advisors. We ensure these parties provide adequate safeguards and sign data processing agreements. We only disclose data to authorities when required by law or to defend our legal rights.
8. International transfers
Some partners are located outside the European Economic Area or the United Kingdom. When we transfer personal data abroad we rely on adequacy decisions, EU/UK Standard Contractual Clauses, or other legally recognised safeguards. Copies of these safeguards are available on request via [email protected].
9. Your rights
You have the right to:
- Request access to and receive a copy of your personal data.
- Rectify inaccurate or incomplete information.
- Erase data in certain circumstances (“right to be forgotten”).
- Restrict or object to processing, including direct marketing.
- Withdraw consent at any time without affecting prior processing.
- Receive your data in a portable format.
- Lodge a complaint with your supervisory authority. In the Netherlands this is the Autoriteit Persoonsgegevens; UK residents may contact the ICO.
Submit your request via [email protected] or by mail to our registered address. We will respond within one month, extendable when legally permitted for complex cases.
10. Security
We implement organisational and technical measures to protect data, including access controls, encryption in transit, monitoring, regular backups and vendor due diligence. However, no system is entirely secure; please notify us immediately if you suspect unauthorised use of your account or data.
11. Automated decision-making
ApeelingAI does not rely on solely automated decisions that produce legal or similarly significant effects on individuals. Our chatbots assist your teams but final commercial decisions remain human-led.
12. Children
Our services target business customers. We do not knowingly collect data from children under 16. If you believe a child has provided us information, please contact us and we will delete it promptly.
13. Changes to this notice
We may update this policy to reflect legal, technical or business developments. Material changes will be announced on our websites and, when appropriate, communicated directly to affected users. The “Last updated” date indicates the most recent revision.
14. Contact
For questions about this policy, privacy practices or to exercise your rights, contact us at [email protected]. You may also write to ApeelingAI B.V., Blijmarkt 12 C, 8011NE Zwolle, The Netherlands.