oobler.

Privacy & cookies · last updated June 2, 2026

What we process.
And what we don't.

Hoobler runs on as little personal data as possible. This policy spells out exactly what we process, why, with whom, and for how long. Questions? privacy@hoobler.be.

Who we are

Data controller.

The data controller for personal data collected via hoobler.be and the en-US site is:

Hoobler BV.

Company no.
BE 1035.824.002
Address
Puttestraat 111, 3130 Begijnendijk, Belgium
Email
privacy@hoobler.be

Hoobler has not appointed a Data Protection Officer (not required under GDPR art. 37 for our scale and processing activities). Privacy questions go to the address above and are answered within 30 days.

What we process

Personal data, purposes and retention periods.

Below is the complete overview. Each processing activity cites the legal basis under GDPR art. 6(1) and the retention period.

Pre-launch application.

Data
Name, email, phone, what you want to sell, location, prior selling experience, how you found us
Legal basis
art. 6(1)(b) — pre-contractual steps taken at the data subject's request
Retention
24 months after last contact (declined applications: 12 months)

Contact form (Ask Hoobler).

Data
Name, email, phone (optional), subject, message
Legal basis
art. 6(1)(a) — consent via privacy toggle in the form
Retention
24 months after last interaction

Account + sales dossier on the platform.

Data
Profile data, property data, documents (EPC, land registry, soil certificate), messages and bids
Legal basis
art. 6(1)(b) — performance of our agreement with you — and art. 6(1)(c) — legal obligations under Belgian real-estate and notarial law
Retention
10 years post-sale (statutory retention for real-estate transactions)

First-party anonymous analytics (page views, clicks).

Data
Pseudonymous session ID, page path, referrer, language, screen class, hashed IP prefix
Legal basis
art. 6(1)(f) — legitimate interest in site operation and improvement, no tracking
Retention
12 months

Marketing pixels (Google, Meta, LinkedIn, TikTok, X).

Data
Determined by the respective provider — only active after explicit opt-in
Legal basis
art. 6(1)(a) — consent via the cookie banner
Retention
Set by provider; consent revocable via the button below

Email (confirmations, status, newsletter).

Data
Email address, name, communication logs
Legal basis
art. 6(1)(b) — transactional — or (a) — newsletter opt-in
Retention
Logs 24 months; newsletter until unsubscribe

Who sees the data

Processors and sub-processors.

Hoobler works with a limited set of external parties (processors under GDPR art. 28). We have a Data Processing Agreement in place with each one.

  • Microsoft Azure (Ireland) — application and database hosting in the EU West Europe region.
  • Postmark (USA, ActiveCampaign LLC) — transactional email (confirmations, status). EU Standard Contractual Clauses apply.
  • Mollie B.V. (Netherlands) — payment processing on sale.
  • MapTiler (Switzerland) — maps on listing pages; receives only IP address and anonymised browser info, no account data.
  • Marketing pixels (consent only) — Google LLC, Meta Ireland Ltd, LinkedIn Ireland Unlimited, TikTok Technology Ltd, X Corp. Only active after opt-in via the cookie banner.

Hoobler never sells or rents your personal data to third parties for commercial purposes.

Outside the EEA

International transfers.

For our hosting (Azure West Europe), your data does not leave the European Economic Area.

For Postmark (USA) and the marketing pixels (USA), we rely on the EU-US Data Privacy Framework certification of the respective party or on Standard Contractual Clauses as adopted by the European Commission (Implementing Decision 2021/914).

Cookies

Cookies and similar technologies.

Under the ePrivacy Directive and the Belgian implementation, we may only place strictly-necessary cookies and first-party anonymous-analytics cookies without consent. For marketing pixels we ask for explicit opt-in via the banner.

Essential + first-party analytics.

Always on · necessary

Session, login, form state and your cookie choice itself, plus our own anonymous analytics (page views and clicks). No personal data, no link to your account, no IP address in our database — we keep only a hashed version for abuse detection. No third parties.

Retention: Session and preference cookies until you clear them; analytics 12 months.

Marketing.

Off by default · your choice

Third-party tracking pixels (Google Analytics, Meta, LinkedIn, TikTok, X) that measure which ads work and that let us reach you again later. Only active once you tick 'Marketing' in the banner or settings modal.

Retention: Set by the respective providers. Consent revocable at any time via the button at the bottom of this page.

How we protect it

Security measures.

Hoobler takes appropriate technical and organisational measures under GDPR art. 32: TLS 1.2+ for all traffic, encryption at rest for the database, role-based access control for the team, audit logs of access to personal data, and regular backups. In the event of a data breach posing a risk to your rights and freedoms we notify the Belgian Data Protection Authority within 72 hours and inform you directly (art. 33 and 34 GDPR).

Your rights

Access, rectification, erasure, restriction, portability, objection.

Under the General Data Protection Regulation (Regulation 2016/679) you have the right to:

  • Access your data (art. 15)
  • Rectify your data (art. 16)
  • Erase your data — the "right to be forgotten" (art. 17)
  • Restrict processing (art. 18)
  • Port your data to another party (art. 20)
  • Object to processing based on legitimate interest (art. 21)
  • Withdraw consent at any time without affecting prior processing (art. 7(3))

Send a request to privacy@hoobler.be. We respond within 30 days (GDPR art. 12(3)). To verify your identity we may ask for a copy of your ID (with national ID number and photo redacted).

Not satisfied with our handling? You can lodge a complaint with the Belgian Data Protection Authority (Drukpersstraat 35, 1000 Brussels · contact@apd-gba.be).

Changes

Updates to this policy.

We may update this privacy policy. For material changes, you'll get a notice by email or in-app at least 30 days before they take effect. The current version was last updated on June 2, 2026.