Privacy policy

Background

Apps in My Pocket Ltd (“us”, “we”, or “our”) operates the appsinmypocket.com website and a set of educational apps for young children (hereinafter referred to as the “Service”). Our apps are available through the Apple App Store.

This privacy policy informs you of our policies regarding the collection, use and disclosure of personal data when you use our Service and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions. If you do not accept the terms of this Privacy Policy, you should not use our service.

Definitions

  • Service
    Service means the appsinmypocket.com website and the set of mobile apps operated by Apps in My Pocket Ltd
  • Personal Data
    Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
  • Usage Data
    Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • Cookies
    Cookies are small files stored on your device (computer or mobile device).
  • Data Controller
    Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.
  • Data Processors (or Service Providers)
    Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. We use Service Providers to process your data more effectively.
  • Data Subject (or User)
    Data Subject is any living individual who is using our Service and is the subject of Personal Data.

Online Safety

We are committed to maintaining a high level of online safety for children, parents and teachers. We do not allow third-party companies to advertise through our service.

Types of Data Collected

The security of your personal information is important to us. Any information you provide will be held securely and in accordance with applicable regulations, including the General Data Protection Regulation 2018. We will never sell or rent any of your personal information.
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). We collect different types of information depending on your relationship with our website and apps. There are three different types of relationship: anonymous user, registered user, and player.

Anonymous user

An anonymous user is a visitor to our website or app who does not sign up (register), or set themselves up as a player. For such anonymous users, we may collect data such as, but not limited to:

  • the type of device used
  • the version of the operating system on the device
  • a unique device identifier
  • ip address
  • browser type
  • browser version
  • the pages of our Service that you visit
  • the time and date of your visit
  • the time spent on those pages
  • and other diagnostic data.

What we do with the information we gather

We use this data to:

  • optimise the service for the devices that our users use to access it
  • understand how they use our service
  • use it to detect, prevent and address technical issues
  • provide and maintain our Service
  • notify you about changes to our Service through the apps and website
  • allow you to participate in interactive features of our Service when you choose to do so
  • provide customer support
  • monitor the usage of our Service

Registered users

Registered users are people who assert themselves to be 16 years or older, and typically use our apps in the role of a responsible adult. For example, they may be a parent, grandparent, teacher, speech therapist or someone else with a similar kind of role. They will normally have some kind of responsibility for the players (students) who interact with the games within our apps. Users can sign-up (register) on our website or within our apps.

For registered users, in addition to the information collected for anonymous users, we may collect data such as, but not limited to:

  • first name
  • last name
  • email address
  • name of their school or other professional organisation that they belong to if they are using the service for that organisation
  • any emails you send us

What we do with the information we gather

We require this information to:

  • provide a weekly progress report whilst you are actively using the service (this email will automatically stop after the service has not been use for a period of weeks)
  • email certificates celebrating the progress of players using our service
  • provide a website to allow you to track players’ progress
  • allow you and us to administer your use of the service
  • understand how you use the service
  • help us to support your use of it, so we can answer questions you have about using the service. For instance, when we can, we track which of our apps you own, and if you have made an In-app purchase.
  • use the information to improve our products and services.

If a user registers within one of our apps, their login credentials (email address and password) are stored in the device’s secure keychain. This remembers the credentials for them and avoids them having to re-enter them each time the app is used. When a user registers within the app, to make it easier for them, we may use the name they enter to find for them their email address from their address book.

Players

The final type of person using our services we call players (students). These are the people who interact with the games within our apps. Players do not have access to the website. Players normally will be children, but not always. Users are responsible for setting up the details of the players. A user setting up players must be aged 16 or over, and will typically be the player’s parent or guardian, or a responsible adult with the authority to act on their behalf such as (but not limited to) a teacher, other family member or family friend. To be completely explicit, a player must not be set up by someone aged under 16. The information entered by a user about a player may include, but is not limited to:

  • first name
  • last name
  • date of birth
  • photo
  • school or other organisation that they belong to

Note only the first name is required, and that can be a nickname. It does not have to be a real name. For the other information, a user may decide not to enter any (which may mean certain features cannot be enabled), or enter real or made-up information. The photo is not copied from the device to our servers, however, the other data is if the adult signs up. Note that the adult is in control of these personal details entered for the children.

A registered user may provide access to the player’s information to other registered users within certain restrictions.

What we do with the information we gather

We require this information so we can:

  • Provide the service for players
  • Understand players’ needs
  • Provide progress tracking.
  • Improve our products and services.
  • Customise the website or apps according to players’ age, interests and activities.

We do not market to players and do not request any contact information for players. Nor do we share their details with any third parties for marketing purposes.

When the app listens to your child read, the audio is sent to Apple’s speech recognition service provided by Siri. We do not store or process these recordings.

If a user has registered for our tracking progress service, we will endeavour to collect and record data concerning how the player interacts with the games within our apps. This data will be sent using industry-standard encryption (SSL) to our server.

We may analyse and publish summary and anonymous data about players to inform our research and development, and other interested parties. This may include aggregating data anonymously to provide insights into how players are progressing using our apps. We may use this information to identify schools that are out-performing their peers in the use of the app so we can identify best practise in the use of the apps.

Organisations and groups

Registered users are able to share progress made by players with other registered users by setting up organisations, and within an organisation, groups. A registered user creating an organisation gives it a name and a type. The type of an organisation is either family, school, preschool or something else as determined by the user. Note that organisations don’t have to be real and can use made-up names.

Registered users may invite other users to join their organisation. Players belong to an organisation. Players can also belong to one or more groups within an organisation. A registered user may also allow another registered user to add a specific player to their own organisation. An example should make this clearer. A teacher may invite a parent to track the progress of their child at home by allowing the parent to add the child to the parent’s organisation. That is a player may belong to several organisations. Note in this scenario several adults have shared responsibility for entering their data.

What we do with your data

We use this data to enable the service we offer through our apps and website. We may publish aggregate and anonymous statistics about organisations, but would not share the details of any organisation without permission.

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. For information on how to protect yourself from identity theft, you may wish to refer to the U.S. Federal Trade Commission’s website, the UK government’s website or another for your area.

We do not hold financial data about our users, so if there was a data breach, the most salient data likely to be stolen is email addresses. In the event of a serious breach, we would endeavour to notify impacted customers, and the ICO in the UK, within 72 hours. Where possible we would tell you when the breach occurred, the nature and extent of the breach and our plan to investigate and remediate the breach.

Any information sent from our apps, or from our website (when you sign up or log-in), is sent via an SSL connection to our server. Your password is stored on our database using a one-way hashing (an extremely secure method of encryption), meaning nobody (including ourselves) can view your password once it has been saved to the database. The security of our service is built on the team’s experience of building secure systems since the mid-1990s.

Apps in My Pocket may use external third parties to process your information on its behalf in accordance with the purposes outlined in this privacy policy.

Our secure website and database are provided by Heroku who use Amazon’s servers to do this. These servers are protected by these two highly respected companies in the USA, and their software regularly kept up-to-date. Standing on their shoulders means we can deliver a service with a much higher level of security and availability than would otherwise be possible. Both companies are Privacy shield certified and have GDPR compliant privacy policies.

We may use your Personal Data to contact you with progress reports on your associated players’ progress, certificates, communication around any free trial and to ensure your experience of our service is reaching the high standards we aim for. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link provided in any email we send.

Customers often come back to the service again years later, and once they start using the apps again, the weekly report will begin again. You can switch off individually the weekly report and certificates emails. Or as a teacher control what groups you receive them for.

If you make a purchase, and this followed finding the app from a Facebook advert, that will be recorded by Facebook so that we know what adverts attracted customers who like the app.

Location Data

We may use and store information about your location if you give us permission to do so (“Location Data”). We use this data to customise our Service to your location.

You can enable or disable location services when you use our Service at any time by way of your device settings.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyse our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service.
  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
  • Security Cookies. We use Security Cookies for security purposes.

Legal Basis for Processing Personal Data under the General Data Protection Regulation (GDPR)

If you are from the European Economic Area (EEA), Apps in My Pocket Ltd legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

Apps in My Pocket Ltd may process your Personal Data because:

  • It is needed to provide you with our products or services
  • You have given us permission to do so
  • The processing is in our legitimate interests and it is not overridden by your rights
  • For payment processing purposes
  • To comply with the law

Retention of Data

Apps in My Pocket Ltd may retain your Personal Data when you stop actively using the service, because customers often come back to us again, sometimes years later, with a different child or class. We will also retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

Apps in My Pocket Ltd will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.

Transfer of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Apps in My Pocket Ltd will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.

Business Transaction

If Apps in My Pocket Ltd is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

Disclosure for Law Enforcement

Under certain circumstances, Apps in My Pocket Ltd may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Legal Requirements

Apps in My Pocket Ltd may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of Apps in My Pocket Ltd
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

Our Policy on “Do Not Track” Signals under the California Online Protection Act (CalOPPA)

We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.

You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

Your Data Protection Rights under the General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Apps in My Pocket Ltd aims to take reasonable steps to allow you to correct, amend, delete or limit the use of your Personal Data.

If you wish to be informed about what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. Much of the data can be viewed by logging into our website using your email address and password registered with us.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section in the apps and website. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete. You should normally be able to do this via the apps or website.
  • The right to object. You have the right to object to our processing of your Personal Data. In practice, this might mean that we can no longer provide the service for you given it will depend on processing your data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information. In practice, this might mean that we can no longer provide the service for you given it will depend on processing your data.
  • The right to data portability. We provide the ability for you to export a large amount of data about your students use of the apps from our website. If you want more data than this, you would need to provide us with details. However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Or, we may refuse to comply with the request in what would be very unusual circumstances.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where Apps in My Pocket Ltd relied on your consent to process your personal information. In practice, this might mean that we can no longer provide the service for you given it will depend on processing your data. We would only continue to process your data if we have another legitimate basis for doing so in law.

Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to us or to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA). In the UK, this is Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), provide the Service on our behalf, perform Service-related services or assist us in analysing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We use several highly-regarded third party services to understand how our customers are using our apps and website, so we can provide you with the best product and support we can. We do not tell them your email and name.

  • Google Analytics
    Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
  • Flurry Analytics
    Flurry Analytics service is provided by Yahoo! Inc.You can opt-out from Flurry Analytics service to prevent Flurry Analytics from using and sharing your information by visiting the Flurry’s Opt-out page: https://dev.flurry.com/secure/optOut.doFor more information on the privacy practices and policies of Yahoo!, please visit their Privacy Policy page: https://policies.yahoo.com/us/en/yahoo/privacy/policy/index.htm
  • Mixpanel
    Mixpanel is provided by Mixpanel Inc.You can prevent Mixpanel from using your information for analytics purposes by opting-out. To opt-out of Mixpanel service, please visit this page: https://mixpanel.com/optout/For more information on what type of information Mixpanel collects, please visit the Terms of Use page of Mixpanel: https://mixpanel.com/terms/
  • Facebook analytics
    Facebook analytics is provided by Facebook Inc.You can prevent Facebook from using your information for analytics purposes by opting-out. To opt-out of Facebook analytics, please visit your Facebook App Settings page when you are logged into FacebookFor more information on what type of information Facebook collects, please visit the Policies page of Facebook: https://www.facebook.com/policies

Crash reporting

To improve the quality of our service, we monitor crashes in conjunction with Microsoft HockeyApp. We only keep crash data for 28 days.

Payments

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American
Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we work with are:

Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We may also let you know via a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

This privacy policy was last updated on November 15, 2018