Year: 2021

Germany’s federal information commissioner has run out of patience with Facebook.

Last month, Ulrich Kelber wrote to government agencies “strongly recommend[ing]” they to close down their official Facebook Pages because of ongoing data protection compliance problems and the tech giant’s failure to fix the issue.

In the letter, Kelber warns the government bodies that he intends to start taking enforcement action from January 2022 — essentially giving them a deadline of next year to pull their pages from Facebook.

So expect not to see official Facebook Pages of German government bodies in the coming months.

While Kelber’s own agency, the BfDi, does not appear to have a Facebook Page (although Facebook’s algorithms appear to generate this artificial stub if you try searching for one) plenty of other German federal bodies do — such as the Ministry of Health, whose public page has more than 760,000 followers.

The only alternative to such pages vanishing from Facebook’s platform by Christmas — or else being ordered to be taken down early next year by Kelber — seems to be for the tech giant to make more substantial changes to how its platform operators than it has offered so far, allowing the Pages to be run in Germany in a way that complies with EU law.

However Facebook has a long history of ignoring privacy expectations and data protection laws.

It has also, very recently, shown itself more than willing to reduce the quality of information available to users — if doing so further its business interests (such as to lobby against a media code law, as users in Australia can attest).

So it looks rather more likely that German government agencies will be the ones having to quietly bow off the platform soon…

Kelber says he’s avoided taking action over the ministries’ Facebook Pages until now on account of the public bodies arguing that their Facebook Pages are an important way for them to reach citizens.

However his letter points out that government bodies must be “role models” in matters of legal compliance — and therefore have “a particular duty” to comply with data protection law. (The EDPS is taking a similar tack by reviewing EU institutions’ use of US cloud services giants.)

Per his assessment, an “addendum” provided by Facebook in 2019 does not rectify the compliance problem and he concludes that Facebook has made no changes to its data processing operations to enable Page operators to comply with requirements set out in the EU’s General Data Protection Regulation.

A ruling by Europe’s top court, back in June 2018, is especially relevant here — as it held that the administrator of a fan page on Facebook is jointly responsible with Facebook for the processing of the data of visitors to the page.

That means that the operators of such pages also face data protection compliance obligations, and cannot simply assume that Facebook’s T&Cs provide them with legal cover for the data processing the tech giant undertakes.

The problem, in a nutshell, is that Facebook does not provide Pages operates with enough information or assurances about how it processes users’ data — meaning they’re unable to comply with GDPR principles of accountability and transparency because, for example, they’re unable to adequately inform followers of their Facebook Page what is being done with their data.

There is also no way for Facebook Page operators to switch off (or otherwise block) wider processing of their Page followers by Facebook. Even if they don’t make use of any of the analytics features Facebook provides to Page operators.

The processing still happens.

This is because Facebook operates a take-it-or-leave it ‘data maximizing’ model — to feed its ad-targeting engines.

But it’s an approach that could backfire if it ends up permanently reducing the quality of the information available on its network because there’s a mass migration of key services off its platform. Such as, for example, every government agency in the EU deleted its Facebook Page.

A related blog post on the BfDi’s website also holds out the hope that “data protection-compliant social networks” might develop in the Facebook compliance vacuum.

Certainly there could be a competitive opportunity for alternative platforms that seek to sell services based on respecting users’ rights.

The German Federal Ministry of Health’s verified Facebook Page (Screengrab: TechCrunch/Natasha Lomas)

Discussing the BfDis intervention, Luca Tosoni, a research fellow at the University of Oslo’s Norwegian Research Center for Computers and Law, told TechCrunch: “This development is strictly connected to recent CJEU case law on joint controllership. In particular, it takes into account the Wirtschaftsakademie ruling, which found that the administrator of a Facebook page should be considered a joint controller with Facebook in respect of processing the personal data of the visitors of the page.

“This does not mean that the page administrator and Facebook share equal responsibility for all stages of the data processing activities linked to the use of the Facebook page. However, they must have an agreement in place with a clear allocation of roles and responsibilities. According to the German Federal Commissioner for Data Protection and Freedom of Information, Facebook’s current data protection ‘Addendum’ would not seem to be sufficient to meet the latter requirement.”

“It is worth noting that, in its Fashion ID ruling, the CJEU has taken the view that the GDPR’s obligations for joint controllers are commensurate with those data processing stages in which they actually exercise control,” Tosoni added. “This means that the data protection obligations a Facebook page administrator would normally tend to be quite limited.”

Warnings for other social media services

This particular compliance issue affects Facebook in Germany — and potentially any other EU market. But other social media services may face similar problems too.

For example, Kelber’s letter flags an ongoing audit of Instagram, TikTok and Clubhouse — warning of “deficits” in the level of data protection they offer too.

He goes on to recommend that agencies avoid using the three apps on business devices.  

In an earlier, 2019 assessment of government bodies’ use of social media services, the BfDi suggested usage of Twitter could — by contrast — be compliant with data protection rules. At least if privacy settings were fully enabled and analytics disabled, for example.

At the time the BfDi also warned that Facebook-owned Instagram faced similar compliance problems to Facebook, being subject to the same “abusive” approach to consent he said was taken by the whole group.

Reached for comment on Kelber’s latest recommendations to government agencies, Facebook did not engage with our specific questions — sending us this generic statement instead:

“At the end of 2019, we updated the Page Insights addendum and clarified the responsibilities of Facebook and Page administrators, for which we took questions regarding transparency of data processing into account. It is important to us that also federal agencies can use Facebook Pages to communicate with people on our platform in a privacy-compliant manner.”

An additional complication for Facebook has arisen in the wake of the legal uncertainty following last summer’s Schrems II ruling by the CJEU.

Europe’s top court invalidated the EU-US Privacy Shield arrangement, which had allowed companies to self-certify an adequate level of data protection, removing the easiest route for transferring EU users’ personal data over to the US. And while the court did not outlaw international transfers of EU users’ personal data altogether it made it clear that data protection agencies must intervene and suspend data flows if they suspect information is being moved to a place, and in in such a way, that it’s put at risk.

Following Schrems II, transfers to the US are clearly problematic where the data is being processed by a US company that’s subject to FISA 702, as is the case with Facebook.

Indeed, Facebook’s EU-to-US data transfers were the original target of the complainant in the Schrems II case (by the eponymous Max Schrems). And a decision remains pending on whether the tech giant’s lead EU data supervisor will follow through on a preliminary order last year to it should suspend its EU data flows — due in the coming months.

Even ahead of that long-anticipated reckoning in Ireland, other EU DPAs are now stepping in to take action — and Kelber’s letter references the Schrems II ruling as another issue of concern.

Tosoni agrees that GDPR enforcement is finally stepping up a gear. But he also suggested that compliance with the Schrems II ruling comes with plenty of nuance, given that each data flow must be assessed on a case by case basis — with a range of supplementary measures that controllers may be able to apply.

“This development also shows that European data protection authorities are getting serious about enforcing the GDPR data transfer requirements as interpreted by the CJEU in Schrems II, as the German Federal Commissioner for Data Protection and Freedom flagged this as another pain point,” he said.

“However, the German Federal Commissioner sent out his letter on the use of Facebook pages a few days before the EDPB adopted the final version its recommendations on supplementary measures for international data transfers following the CJEU Schrems II ruling. Therefore, it remains to be seen how German data protection authorities will take these new recommendations into account in the context of their future assessment of the GDPR compliance of the use of Facebook pages by German public authorities.

“Such recommendations do not establish a blanket ban on data transfers to the US but impose the adoption of stringent safeguards, which will need to be followed to keep on transferring the data of German visitors of Facebook pages to the US.”

Another recent judgment by the CJEU reaffirmed that EU data protection agencies can, in certain circumstances, take action when they are not the lead data supervisor for a specific company under the GDPR’s one-stop-shop mechanism — expanding the possibility for litigation by watchdogs in Member States if a local agency believes there’s an urgent need to act.

Although, in the case of the German government bodies’ use of Facebook Pages, the earlier CJEU ruling finding on joint law controllership means the BfDi already has clear jurisdiction to target these agencies’ Facebook Pages itself.

Primary care company One Medical has apologized after it sent out an email that exposed hundreds of customers’ email addresses.

The email sent out by One Medical on Wednesday asked to “verify your email,” but one email seen by TechCrunch had more than 980 email addresses copied on the email. The cause: One Medical did not use the blind carbon copy (bcc:) field to mass email its customers, which would have hidden their email addresses from each other.

Several customers took to Twitter to complain, but also express sympathy for what was quickly chalked up to an obvious mistake. Some users reported varying numbers of email addresses on the email that they received.

We asked One Medical how many customers had their email addresses exposed and if the company plans to report the incident to state governments, as may be required under state data breach notification laws, but we did not immediately hear back.

In a brief statement posted to Twitter, One Medical acknowledged the mistake, said: “We are aware emails were sent to some of our members that exposed recipient email addresses. We apologize if this has caused you concern, but please rest assured that we have investigated the root cause of this incident and confirmed that this was not caused by a security breach of our systems. We will take all appropriate actions to prevent this from happening again.”

On the scale of security lapses, this one is fairly low down on the impact scale — compared to a breach of passwords, or financial and health data. But the exposure of email addresses can still be used to identify customers of the company.

The San Francisco-based One Medical, backed by Google’s parent company Alphabet, went public last year just prior to the start of the pandemic.

Read more:

• Alphabet-backed primary care startup One Medical files to go public
• One Medical’s IPO will test the value of tech-enabled startups
• Passwordstate users warned to ‘reset all passwords’ after attackers plant malicious update
• Indian tech startup exposed Byju’s student data
• Peloton’s leaky API let anyone grab riders’ private account data

Starting today, Pinterest will prohibit all advertisers from sharing ads that promote weight loss. This includes any language and imagery that encourages weight loss, promotes weight loss products, idealizes certain body types, or references the BMI (which is often a poor indicator of overall health). This makes Pinterest the first major social media platform to take this stance.

Social media has played a role in promoting harmful beauty standards for as long as it’s existed. But even as “body positivity” has eclipsed the “thinspo” that proliferated on Tumblr a decade ago, sometimes, the trend can be a thin veil for weight stigma. Take a company like Weight Watchers, for example, which re-branded to WW (“Wellness That Works”) in 2018, yet continues to boast its members’ weight loss stories on its website. Even when online content about weight loss is well-meaning, it often contributes to a rise in disordered eating behavior rather than healthy habits, which is why the wellness industry can be so harmful.

Pinterest developed its updated ad policy with guidance from the National Eating Disorders Association (NEDA), which has also worked with platforms like Tumblr and Facebook in the past. Since March 2020, the onset of the pandemic in the US, NEDA has experienced an increase in activity on its helplines for people struggling with eating disorders. As Vox’s Rebecca Jennings pointed out, people started spending even more time online during lockdown, which means more exposure to content that makes us feel bad about ourselves. Even the TikTok-famous sixteen-year-old actress Sissy Sheridan tweeted, “i liked my body before i downloaded tik tok.”

Image Credits: Pinterest

This morning Codat, a startup that provides APIs to link small-business fintech data to external services, announced that it has closed a $40 million round led by Tiger Global. The company raised $10 million in a Series A around a year ago that Index led; Codat also raised some strategic capital in the interim, but declined in an interview to provide more detail.

The company also declined to provide any guidance regarding how much its valuation changed in the last year between lettered rounds.

That Codat managed to raise more money is not a surprise, as the startup told TechCrunch that it grew its annual recurring revenue (ARR) by 3x from the end of 2019 to the end of 2020. The company’s CEO Pete Lord disclosed that the company is on track to repeat the feat this year. Such growth would imply a 9x gain in revenue at the end of 2021 compared to the result from two years ago.

Things are going well at Codat, in other words.

The startup’s API connects corporate data from internal SMB systems — QuickBooks, iZettle etc. — to external providers. The use cases for the service are easy to understand. If a small business wants to apply for a loan, the ability to provide a potential lender with its financial data in a quick, digital fashion would be useful. Codat would happily facilitate that data linkage.

The startup sells to financial service players, unsurprisingly, and vertical SaaS companies; serving the vertical SaaS space is big business, given that this is the second piece of news targeting the software varietal that TechCrunch has seen this week.

Building the Plaid for SMB data is a big job, so it’s not surprising that Codat has been busy hiring. From around 50 employees at the time of its Series A, the startup is now quickly approaching the 150-employee mark. Lord said that the company is hoping to end the year with around 250 staff.

The startup has an interesting array of products that are not its API service. Codat offers a visualization tool, for example, to display single-company data for customers in a more digestible format. And, the startup that it released a service called “Insights” that provides a method of cross-referencing ingested data from different services. Per Lord, Codat is bundling its other pieces of software with its API today. Asked why the startup isn’t charging separately for the tools, the CEO said that Codat is more focused on maximizing usage of its core service.

This leaves us with two questions regarding the future of Codat. The first is when — perhaps if — the startup charges for its non-core services that make its API tool more useful. And the second deals with the size of companies’ data that it hopes to provide the connective tissue for. Today Codat focuses on SMBs, though it is creeping higher in terms of the size of companies that might to pass their data through its API to other groups.

The two questions are linked. Codat wants to maximize its API usage because it charges customers based on the number of companies that they are connecting to; there are many more SMBs than large companies, so going after that slice of the larger corporate landscape makes sense. As does offering value-add services on top of its API if it keeps its SMB-focus.

But as Codat builds out its service, data from larger companies may more land inside its remit. And if they do, the company’s current model would prove slightly dissonant. A different pricing scheme for connecting to larger companies might work. Or a focus on charging for data passed, and not companies connected more generally. It will be interesting to watch the company’s business model evolve over time.

Regardless, the company is busy hiring in San Francisco, New York, and London. Let’s see how far its new Tiger check can take it.

Karin Tsai joined Duolingo in 2012 and is now the director of engineering. Yesterday, at TechCrunch’s City Spotlight: Pittsburgh, she spoke on the company’s extensive development process and unique culture. 

This interview was pre-recorded and aired a day after the company filed its SEC Form S-1 ahead of its initial public offering. As per SEC regulations, the company is now in a quiet period and it’s fair to say that Tsai gave the company’s last interview for quite a while.

This interview is the latest in TechCrunch’s deep dive into Pittsburgh’s Duolingo. Last month, we published a four-part series on the company that includes Duolingo’s origin story, it’s product-led growth strategy, monetization plan, and how develops and implements new initiatives and features. 

And it all starts with an A/B test

Tsai works with the some 170 engineers at Duolingo, which make up the vast majority of the company. That composition has led to A/B testing turning into a key part of Duolingo’s strategy, as it works to create an app that has effective yet inclusive gamification. At any given time, there might be 100 different A/B tests running, which caused Duolingo’s analytics team to even build a dashboard to track impact of experiments. Tsai walked us through an early realization of the common test below:

[A/B testing] has been such a key lever in our success as a company. I think one of the things that was important for us was to keep an open mind to tests that fail. So I think one of the temptations we have is to come with a preconceived notion of what should win when we run the test. If it doesn’t win, we just assume [that] there was some bug or some error, and not really pause to think why did that experiment lose. So, I would recommend for any startups looking to really integrate A/B testing into the fabric of their decision making: keep an open mind on what you might be missing about what your users are telling you through the data. Also, always be open to improving what you actually measure. At the beginning, we just kind of flatly measured learner retention [and] how many daily active users we had. But after a while, we decided to be a little more fine-grained about what we measured. So we measure new user retention versus existing user retention to sort of see the difference between how our new users are perceiving Duolingo, etc. And over time, you add more and more of these metrics, you could get a fuller picture of what what your changes actually doing. (Timestamp: 2:53)

One quirk that came up during the Duolingo EC-1 is that Duolingo’s product team usually A/B tests new features in the French course for English speakers. It’s not because of any secret preferences, but because the course is so popular that it makes more statistical sense to test it out in this course before rolling it out to other languages. In contrast, if a team tested a feature in the Hindi course for English speakers, it would take a longer time to get useful results.

An A/B experiment that stands out in Tsai’s mind has to do with the subscription page, and saying no to increasing the bottom line.

On our subscription page, we offer a free trial of the subscription. Before, the button used to say ‘start your seven day free trial.’ We changed it to ‘start using Duolingo for free for a week’ just to play around with copy. And we didn’t really expect too much from that, we just wanted to shorten the text.

It turns out that this ended up making us a lot more revenue per day. However, learner retention took a hit, and especially new user retention. Our hypothesis was that actually changing from ‘start my free trial’ to ‘start my free week’ made people think that they had to pay to use Duolingo. So, a lot more people actually subscribed because they thought they needed to pay. But we lost some learners, because they thought the experience was just overall not free. So we actually reverted that change, even though it made us some money. We learned a lot about how precise copy really needs to be to convey meaning. So, it was a really great learning to find that actually being more transparent with how you monetize, actually led to more modern successful monetization. (Timestamp: 5:47)

• The product-led growth behind edtech’s most downloaded app
• The Morality Of A/B Testing
• Apple to introduce A/B testing and in-app events to the App Store

On prioritizing monetization

Duolingo notoriously launched with a bold promise: no advertisements, subscriptions or in-app purchases — approaches that now all exist on the platform. While the company appears to be doing just fine financially now, the choice to start charging was not easy, and felt directly in conflict with Duolingo’s mission to provide free education.

Tsai, who watched the company grow from 15 people to 400 plus, explained how she personally felt the company resolved that tension and ultimately made the move to charge some of its users, about 5%, money.

I think the way that we approach this is maybe idealistic. I can just speak for myself: oftentimes, it’s tempting for companies to either turn evil or feel like they’re turning evil once they start to monetize, right? But the reality is, hosting costs, salaries, etc, do cost a lot of money. If you want to continue hiring top talent, you need to make revenue and be able to support that. And the way that we approach it at Duolingo is that we know we can’t actually accomplish our mission without also being a sustainable company. If Duolingo continued being on VC funding the whole time, we would not be sustainable in the long term. If we do buy in so much, and love our products so much that we do want it to last hundreds of years. And to do that, we need to make sure we’re monetizing in a sustainable way. So I think that the way that we resolve tension in the company is that no matter what area you are working in, everyone has a common purpose to that end.

There’s a lot of benefit of the doubt that you kind of get for free by having a strong culture. (Timestamp: 8:21)

• Duolingo’s S-1 depicts heady growth, monetization, new focus on English certification
• How Duolingo became fluent in monetization

How debate can live harmoniously within a startup

The strong culture that Tsai is talking about was re-invented during the pandemic, when Duolingo along with many tech companies turned to distributed work.I wondered if remote work can make debate and disagreement, on something as small as an A/B test or as big as a monetization opportunity, difficult. Tsai mentioned a weekly e-mail from co-founder Luis von Ahn that made all the difference, as well as some transparency on failure.

Luis our CEO sent started sending us a weekly company update every Monday morning. One of the first updates he gave was just a reminder to have empathy for your fellow what we call Duo’s, or fellow Duolingo employees. He sent those reminders often. I think this culture of empathy and constant reminders says that in a remote world, it’s harder to read social cues, body cues and it’s easier to bring more to work than maybe you normally would. I think during those times where there was maybe debate, we always were just reminded to have empathy, to realize that there’s a lot going on in everyone’s lives at the moment, and that what is being communicated may not be the entire picture of what someone’s going through. (Timestamp: 11:45)

Another aspect that actually helps a lot is that we send out every single experiment result that gets launched or killed. So the entire company continues to know how we make decisions and which way they go. So by the time someone’s running their own experiments and making these decisions, they would have seen hundreds of examples of calls we made in the past. And we tend to emphasize the more controversial ones as well, so that the entire company could be in line with how we make decisions. (Timestamp: 13:11)

We ended up a conversation about opinions. From the jump, Duolingo has been an opinionated company – from where its based to how much it raised to how it wants to monetize (and differentiate from competitors). But that is easier said than done, especially in a polarized world.

I think it’s important to be strong about what you believe in. I think it’s not necessarily a bad thing to be opinionated, but I think it is important to also be open minded that not everyone will agree to be respectful of those positions. As a company, [your opinions] really needs to be [clear] from the beginning because it is always harder to add on. Suddenly, sudden opinions are in contrast with what a company has demonstrated through its actions. So I think avoiding hypocrisy is the most important thing when you do have strong opinions, and Duolingo has strong opinions about many things. I think [our opinions] are all consistent with how the company has operated from the beginning. And that has really helped us. And we tend to attract talent that believes in those missions. We’ve encoded those operating principles and actually written them down. And it is okay and reasonable for someone to disagree with this approach, but this is at least how we’ve decided to do it at Duolingo. And that makes it clear to people that we’ve intentionally made the decisions to go one way or the other on these things. So that has really helped, I think, unify everyone and understanding how that company operates. (Timestamp: 19:46)

• How a bot-fighting test turned into edtech’s most iconic brand, Duolingo

Mercado Bitcoin, a Latin American digital assets exchange, has raised $200 million in Series B funding from the SoftBank Latin America Fund.

The round values 2TM Group, Mercado Bitcoin’s non-operating parent company, at $2.1 billion, ranking it among the top 10 unicorns in Latin America. 

The funding comes just months after São Paulo-based Mercado Bitcoin’s Series A round (of an undisclosed amount) in January of 2021, which was co-led by G2D/GP Investments and Parallax Ventures, with participation from HS Investimentos , Gear Ventures, Évora and Genial. JPMorgan and DealMake.

Image Credits: Mercado Bitcoin

It also comes after an impressive first half of the year for the company. Between January and May 2021, Mercado Bitcoin says that about 700,000 new customers signed up to use its services, bringing its customer base to 2.8 million. That’s more than more than 70% of the entire individual investor base on Brazil’s stock exchange, according to the company. Also, during the first five months of the year, Mercado Bitcoin saw its trade volume surge to $5 billion, which is more than the total volume it saw in its first seven years combined. It’s also 11 times the volume experienced during the same period in 2020.

Founded by brothers Gustavo and Mauricio Chamati in 2013, Mercado Bitcoin was the first crypto exchange in Brazil. The company has been profitable since 2018, and until January 2021 had been bootstrapped from inception, reinvesting its cash generation into growth and portfolio expansion, according to CEO and 2TM Group Executive Chairman Roberto Dagnoni.

“This makes us a somewhat unique case in the ecosystem and among our fintech peers in general – few companies have managed to reconcile over 100% year-over-year growth with a positive bottom line,” he told TechCrunch, describing Mercado Bitcoin as “the crown jewel” of 2TM Group.

The holding company owns a number of other entities such as Meubank, a multi-asset wallet and account service currently waiting for a Brazilian Central Bank license; Bitrust, a qualified digital custodian and Clearbook, an equity crowdfunding platform, among others.

In 2019, 2TM Group became the first company in the world to tokenize public debt assets. Then in 2020, the company issued Futecoin, the world’s first digital asset based on FIFA’s solidarity mechanism.  

“We have also tokenized or distributed private debt, carbon credits and a variety of utility and DeFi tokens,” Dagnoni said. This year, Bitrust will extend the first Latin America based Digital Custody service. 

“There is a lot more to come, and the series B round will be a relevant factor in supporting continuous innovation,” Dagnoni added. While he declined to reveal the amount of the Mercado Bitcoin’s Series A round, he said it allowed the company to invest around $40 million in expanding its operations in Brazil this year.

Today, Mercado Bitcoin has about 500 employees. That compared to around 200 a year ago. By year’s end, Dagnoni projects it will have a headcount of about 700.

Besides hiring, he said that Mercado Bitcoin/2TM will also use the new capital toward expanding its service offerings and investing in infrastructure “to meet the soaring demand for crypto in the region.” In particular, the company will be focusing on acquiring new customers and product listings as well as expanding to other countries such as Mexico, Argentina, Colombia and Chile “through a combination of M&A and greenfield operations,” according to Dagnoni.

So what exactly has driven so much growth for Mercado Bitcoin? Dagnoni believes there are a number of factors behind it.

“Millions of people around the world are realizing that digital assets and cryptocurrencies are both innovative in their technological foundations and are efficient in storing of value, and Brazil is no exception to this trend,” he said. 

Also, the country has seen some of the lowest interest rates on record, which he said has fueled the development of the alternative assets industry. 

“Crypto is taking advantage of this trend, which is also on display for other asset classes, such as VC and private equity,” Dagnoni said.

And finally, he believes that the fact that Brazil’s financial services industry is so concentrated has spelled opportunity for fintechs in general in the country.

For its part, SoftBank Latin America Fund described Mercado Bitcoin as a “regional leader in the crypto space” that is “tapping into a huge local and regional addressable market.”

It added: “At SoftBank we look to invest in entrepreneurs who are challenging the status quo through tech-focused or tech-enabled business models that are disrupting an industry – Mercado Bitcoin is doing just that.”

SoftBank has been active in Latin America as of late. In early June, the Japanese investment conglomerate said it would invest “up to $150 million” in Grupo Bursátil Mexicano (GBM), a 35-year-old investment platform in the Mexican stock market.

Tiger Global is in advanced stages of talks to back Indian embedded finance startup Yap, according to more than half a dozen people familiar with the matter.

The New York-headquartered firm is in talks to lead a $35 million financing round in Yap — also known as YapPay and M2P — that values the Bangalore-headquartered startup at about $350 million, up from about $67 million in March this year (per data insight platform Tracxn), the people said.

At the current stages of negotiation, Tiger Global plans to invest between $25 million to $30 million in the new round (a Series C), some of the people said. The round hasn’t closed, so the deal size could become larger and other terms too may change, people said.

Yap operates an API infrastructure platform that allows other startups to support and build payments services. Yap, which has raised about $15.9 million to date, counts Better Capital, BeeNext, AngelList, Omidyar Network, 8i among its existing investors.

If the deal materializes, it will be the latest investment from Tiger Global in India, where it has already backed over a dozen startups this year.

Lay of the land for fintech startups in India. Data and image: Bank of America.

Everyone declined to comment.

Getir, the startup based out of Turkey that has built a $7.5 billion business out a mobile app that lets consumers buy groceries and get them delivered in minutes, has grown its business up to now organically: targeting urban markets across Europe (and soon the U.S.) where it is disrupting the well-stocked cornershop with a service that needs even less effort and time from the average shopper. Now, it’s changing up that strategy with its first acquisition to break into three more countries.

The company is acquiring Blok, another “instant delivery” grocery service based out of Barcelona. Financial of the deal are not being disclosed but from what I understand, Blok (previously called Huvi Technologies) was bootstrapped, fairly new and small (launching only in February 2021), and was already shopping itself around.

Founded by Vishal Verma, Hunab Moreno and Varun Kapoor, Blok is active in Spain and Italy, where its biggest markets were Madrid, Barcelona and Milan. Portugal was on its roadmap pre-Getir, and it will also launch there soon. More than 120 employees will be joining Getir as part of the deal.

Getir has been around since 2015 and is profitable in Turkey on a mix of services that started with its fast delivery but has since expanded to other categories like wider grocery options (GetirMore, with longer delivery turnarounds), restaurant delivery (GetirFood), local business delivery (GetirLocals), and… water delivery (GetirWater).

That’s given Getir momentum it is now using to expand its flagship fast grocery model into other markets like the UK — I see its mopeds around my neighborhood in London all the time — the Netherlands, and Paris and Berlin. The hundreds of millions that it’s raised this year (Getir has raised about $1 billion in total now) will also be used to get the company into the U.S. market, where it will go head to head with homegrown rivals in the same space such as GoPuff.

But while it may be one of the earliest movers and possibly the best capitalised, Getir is by no means the only player of its kind.

The European market is positively flush right now with startups that are building services around the same basic principles of super-fast delivery across an assortment of around 1,500 goods — typically much smaller than what you might find in a grocery store (17,000 is a normal number there), and closer to what you might get in the kind of quick-stop small market that exists throughout urban centers in Europe.

These startups, which include Flink, Gorillas, Glovo, Zapp, Dija, Cajoo, Weezy and many others have collectively raised hundreds of millions of dollars — but still less than $2 billion, Getir CEO and co-founder Nazim Salur estimated to me — to scale their operations.

Take up has been fairly enthusiastic, in part fueled by the pandemic and the fact that many people have been living under stay-at-home orders, or simply keen to stay out of public places to minimize Covid-19 spread; but also fueled in part by getting good traction with millennial and other younger consumers, who have really taken to using their mobiles for all practical chores, which get turned into leisure activities when they become apps.

Before Covid, Getir was seeing threefold growth annually, with some years, such as 2017, the company growing fivefold, Salur said. “During Covid we also grew 5x but without it, it would have been 4x. It accelerated our growth but Covid is not the main reason people use us. It’s mainly because we’re a big convenience. It means we can grow. In Turkey, life’s back to normal but every month we still grow.”

Still, is it a big enough market for all these players? We’ve already heard of at least one that is struggling to raise more to compete — capital is key, given the balance of logistics and delivery, dark stores to stock items, having the items themselves to sell, not to mention the heavy competition — and is looking for a buyer as a result.

In that context, it might not be a surprise to hear that Blok hadn’t raised any notable funding itself and while it had built out some technology and a team of people, it was ready to sell up less than six months after launching.

“We are very excited to join hands with the pioneers of ultrafast delivery on our shared goal to lead the on-demand grocery market in Southern Europe,” said Verma from Block, in a statement. “This acquisition allows us to leverage Getir’s deep industry know-how, relationships and technology, while combining that with our world class team and execution capabilities to create a formidable leader in this part of the world. We’ve had a great response from all our launches in Spain and Italy and can’t wait to double down on our efforts alongside Getir.”

But despite this pretty obvious picture of consolidation-in-the-making, Getir isn’t going to get into the business of consolidating all that, though — well, not yet, at least.

“Getir will not become an acquisition company, acquiring one after the other. That’s not the way we operate,” Salur, who co-founded the company with Serkan Borancili and Tuncay Tutek, said in an interview. “But, it’s a free market and if there is a good reason, a solid good reason, we might consider it. We won’t be going after ten different companies in this world, but if the right opportunity shows itself we’ll talk to people.”

Getir, the startup based out of Turkey that has built a $7.5 billion business out a mobile app that lets consumers buy groceries and get them delivered in minutes, has grown its business up to now organically: targeting urban markets across Europe (and soon the U.S.) where it is disrupting the well-stocked cornershop with a service that needs even less effort and time from the average shopper. Now, it’s changing up that strategy with its first acquisition to break into three more countries.

The company is acquiring Blok, another “instant delivery” grocery service based out of Barcelona. Financial of the deal are not being disclosed but from what I understand, Blok (previously called Huvi Technologies) was bootstrapped, fairly new and small (launching only in February 2021), and was already shopping itself around.

Founded by Vishal Verma, Hunab Moreno and Varun Kapoor, Blok is active in Spain and Italy, where its biggest markets were Madrid, Barcelona and Milan. Portugal was on its roadmap pre-Getir, and it will also launch there soon. More than 120 employees will be joining Getir as part of the deal.

Getir has been around since 2015 and is profitable in Turkey on a mix of services that started with its fast delivery but has since expanded to other categories like wider grocery options (GetirMore, with longer delivery turnarounds), restaurant delivery (GetirFood), local business delivery (GetirLocals), and… water delivery (GetirWater).

That’s given Getir momentum it is now using to expand its flagship fast grocery model into other markets like the UK — I see its mopeds around my neighborhood in London all the time — the Netherlands, and Paris and Berlin. The hundreds of millions that it’s raised this year (Getir has raised about $1 billion in total now) will also be used to get the company into the U.S. market, where it will go head to head with homegrown rivals in the same space such as GoPuff.

But while it may be one of the earliest movers and possibly the best capitalised, Getir is by no means the only player of its kind.

The European market is positively flush right now with startups that are building services around the same basic principles of super-fast delivery across an assortment of around 1,500 goods — typically much smaller than what you might find in a grocery store (17,000 is a normal number there), and closer to what you might get in the kind of quick-stop small market that exists throughout urban centers in Europe.

These startups, which include Flink, Gorillas, Glovo, Zapp, Dija, Cajoo, Weezy and many others have collectively raised hundreds of millions of dollars — but still less than $2 billion, Getir CEO and co-founder Nazim Salur estimated to me — to scale their operations.

Take up has been fairly enthusiastic, in part fueled by the pandemic and the fact that many people have been living under stay-at-home orders, or simply keen to stay out of public places to minimize Covid-19 spread; but also fueled in part by getting good traction with millennial and other younger consumers, who have really taken to using their mobiles for all practical chores, which get turned into leisure activities when they become apps.

Before Covid, Getir was seeing threefold growth annually, with some years, such as 2017, the company growing fivefold, Salur said. “During Covid we also grew 5x but without it, it would have been 4x. It accelerated our growth but Covid is not the main reason people use us. It’s mainly because we’re a big convenience. It means we can grow. In Turkey, life’s back to normal but every month we still grow.”

Still, is it a big enough market for all these players? We’ve already heard of at least one that is struggling to raise more to compete — capital is key, given the balance of logistics and delivery, dark stores to stock items, having the items themselves to sell, not to mention the heavy competition — and is looking for a buyer as a result.

In that context, it might not be a surprise to hear that Blok hadn’t raised any notable funding itself and while it had built out some technology and a team of people, it was ready to sell up less than six months after launching.

“We are very excited to join hands with the pioneers of ultrafast delivery on our shared goal to lead the on-demand grocery market in Southern Europe,” said Verma from Block, in a statement. “This acquisition allows us to leverage Getir’s deep industry know-how, relationships and technology, while combining that with our world class team and execution capabilities to create a formidable leader in this part of the world. We’ve had a great response from all our launches in Spain and Italy and can’t wait to double down on our efforts alongside Getir.”

But despite this pretty obvious picture of consolidation-in-the-making, Getir isn’t going to get into the business of consolidating all that, though — well, not yet, at least.

“Getir will not become an acquisition company, acquiring one after the other. That’s not the way we operate,” Salur, who co-founded the company with Serkan Borancili and Tuncay Tutek, said in an interview. “But, it’s a free market and if there is a good reason, a solid good reason, we might consider it. We won’t be going after ten different companies in this world, but if the right opportunity shows itself we’ll talk to people.”

As companies scrambled to re-orient themselves last year during the pandemic, one thing was clear: the shift to remote working had come sooner than anyone expected. With this came a fundamental shift in how businesses would have to hire new talent. And the question was, were managers going to laboriously sift through CVs in a crisis situation, or would the need to hit the ground running fast force them towards assessing skills over CVs?

One startup decided to take advantage of the situation.

HR tech startup from The Netherland, TestGorilla, came up with a way of hiring people through short, skills-based tests, which had the added advantage of removing the unconscious bias brought about by snappy CVs which might help a very non-skilled person get ahead, and keep out skilled but less qualified recruits.

The startup says its bet paid off and 9 months later they claim to have garnered over 1,500 corporate clients, including the NHS, Sony, PepsiCo, and Bain & Company.

TestGorilla has now raised $10 million in a Seed funding round, led by SaaS-specialist VC, Notion Capital, Partech, Jeff Weiner´s Next Play Ventures, and Indeed co-founder Paul Forster, Peakon co-founder Phil Chambers, and Justworks co-founder Isaac Oates.

TechCrunch understands that the round was hotly contested, with the round closing in only two weeks after receiving multiple separate offers.

Launched by serial entrepreneur, Wouter Durville, and former Bain & Company Partner, Otto Verhage, TestGorilla remotely assesses cognitive abilities, soft skills, specific job skills, culture fit, motivation, and language proficiency. By replacing CV screening, it also aids the removal of unconscious biases in the hiring process.

Wouter Durville, Co-Founder of TestGorilla told me over a call: “We’re removing bias because we’re making hiring very data-driven. Instead of just looking at a CV and looking at the big brands mentioned or the picture version of the person or how connected you are to a person, we are saying, hey, use these tests and test for different things that predict job success like cognitive ability or personality to fit with your culture. Then based on all the data you can automatically sort to see all your candidates, from the best to the worst, then make a decision on who you will invite into your recruiting process.”

Jos White, General Partner at Notion Capital said: “This is a big deal! A super competitive round that almost every VC wanted to get into. They are literally upending the hiring process with a platform that is more democratic, more global and ultimately a much better predictor of job success. Companies are in a major war for talent and yet only armed with a penknife. TestGorilla can open up new talent pools, break down barriers and help candidates and companies find each other. We are leading the round but the angel investors are literally a who’s who of HRtech because they know that this company is the future of hiring and addresses so many of the challenges that companies are facing.”