Apps in My Pocket Ltd (“us”, “we”, or “our”) operates the appsinmypocket.com website and a set of educational apps for young children (hereinafter referred to as the “Service”). Our apps are available through the Apple App Store.
Service means the appsinmypocket.com website and the set of mobile apps operated by Apps in My Pocket Ltd
Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies Cookies are small files stored on your device (computer or mobile device).
Data Processors (or Service Providers) Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. We use Service Providers to process your data more effectively.
Data Subject (or User) Data Subject is any living individual who is using our Service and is the subject of Personal Data.
We are committed to maintaining a high level of online safety for children, parents and teachers. We do not allow third-party companies to advertise through our service.
Types of Data Collected
The security of your personal information is important to us. Any information you provide will be held securely and in accordance with applicable regulations, including the General Data Protection Regulation 2018. We will never sell or rent any of your personal information.
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). We collect different types of information depending on your relationship with our website and apps. There are three different types of relationship: anonymous user, registered user, and player.
An anonymous user is a visitor to our website or app who does not sign up (register), or set themselves up as a player. For such anonymous users, we may collect data such as, but not limited to:
the type of device used
the version of the operating system on the device
a unique device identifier
the pages of our Service that you visit
the time and date of your visit
the time spent on those pages
and other diagnostic data.
What we do with the information we gather
We use this data to:
optimise the service for the devices that our users use to access it
understand how they use our service
use it to detect, prevent and address technical issues
provide and maintain our Service
notify you about changes to our Service through the apps and website
allow you to participate in interactive features of our Service when you choose to do so
provide customer support
monitor the usage of our Service
Registered users are people who assert themselves to be 16 years or older, and typically use our apps in the role of a responsible adult. For example, they may be a parent, grandparent, teacher, speech therapist or someone else with a similar kind of role. They will normally have some kind of responsibility for the players (students) who interact with the games within our apps. Users can sign-up (register) on our website or within our apps.
For registered users, in addition to the information collected for anonymous users, we may collect data such as, but not limited to:
name of their school or other professional organisation that they belong to if they are using the service for that organisation
any emails you send us
What we do with the information we gather
We require this information to:
provide a weekly progress report whilst you are actively using the service (this email will automatically stop after the service has not been use for a period of weeks)
email certificates celebrating the progress of players using our service
provide a website to allow you to track players’ progress
allow you and us to administer your use of the service
understand how you use the service
help us to support your use of it, so we can answer questions you have about using the service. For instance, when we can, we track which of our apps you own, and if you have made an In-app purchase.
use the information to improve our products and services.
If a user registers within one of our apps, their login credentials (email address and password) are stored in the device’s secure keychain. This remembers the credentials for them and avoids them having to re-enter them each time the app is used. When a user registers within the app, to make it easier for them, we may use the name they enter to find for them their email address from their address book.
The final type of person using our services we call players (students). These are the people who interact with the games within our apps. Players do not have access to the website. Players normally will be children, but not always. Users are responsible for setting up the details of the players. A user setting up players must be aged 16 or over, and will typically be the player’s parent or guardian, or a responsible adult with the authority to act on their behalf such as (but not limited to) a teacher, other family member or family friend. To be completely explicit, a player must not be set up by someone aged under 16. The information entered by a user about a player may include, but is not limited to:
date of birth
school or other organisation that they belong to
Note only the first name is required, and that can be a nickname. It does not have to be a real name. For the other information, a user may decide not to enter any (which may mean certain features cannot be enabled), or enter real or made-up information. The photo is not copied from the device to our servers, however, the other data is if the adult signs up. Note that the adult is in control of these personal details entered for the children.
A registered user may provide access to the player’s information to other registered users within certain restrictions.
What we do with the information we gather
We require this information so we can:
Provide the service for players
Understand players’ needs
Provide progress tracking.
Improve our products and services.
Customise the website or apps according to players’ age, interests and activities.
We do not market to players and do not request any contact information for players. Nor do we share their details with any third parties for marketing purposes.
When the app listens to your child read, the audio is sent to Apple’s speech recognition service provided by Siri. We do not store or process these recordings.
If a user has registered for our tracking progress service, we will endeavour to collect and record data concerning how the player interacts with the games within our apps. This data will be sent using industry-standard encryption (SSL) to our server.
We may analyse and publish summary and anonymous data about players to inform our research and development, and other interested parties. This may include aggregating data anonymously to provide insights into how players are progressing using our apps. We may use this information to identify schools that are out-performing their peers in the use of the app so we can identify best practise in the use of the apps.
Organisations and groups
Registered users are able to share progress made by players with other registered users by setting up organisations, and within an organisation, groups. A registered user creating an organisation gives it a name and a type. The type of an organisation is either family, school, preschool or something else as determined by the user. Note that organisations don’t have to be real and can use made-up names.
Registered users may invite other users to join their organisation. Players belong to an organisation. Players can also belong to one or more groups within an organisation. A registered user may also allow another registered user to add a specific player to their own organisation. An example should make this clearer. A teacher may invite a parent to track the progress of their child at home by allowing the parent to add the child to the parent’s organisation. That is a player may belong to several organisations. Note in this scenario several adults have shared responsibility for entering their data.
What we do with your data
We use this data to enable the service we offer through our apps and website. We may publish aggregate and anonymous statistics about organisations, but would not share the details of any organisation without permission.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. For information on how to protect yourself from identity theft, you may wish to refer to the U.S. Federal Trade Commission’s website, the UK government’s website or another for your area.
We do not hold financial data about our users, so if there was a data breach, the most salient data likely to be stolen is email addresses. In the event of a serious breach, we would endeavour to notify impacted customers, and the ICO in the UK, within 72 hours. Where possible we would tell you when the breach occurred, the nature and extent of the breach and our plan to investigate and remediate the breach.
Any information sent from our apps, or from our website (when you sign up or log-in), is sent via an SSL connection to our server. Your password is stored on our database using a one-way hashing (an extremely secure method of encryption), meaning nobody (including ourselves) can view your password once it has been saved to the database. The security of our service is built on the team’s experience of building secure systems since the mid-1990s.
Our secure website and database are provided by Heroku who use Amazon’s servers to do this. These servers are protected by these two highly respected companies in the USA, and their software regularly kept up-to-date. Standing on their shoulders means we can deliver a service with a much higher level of security and availability than would otherwise be possible. Both companies are Privacy shield certified and have GDPR compliant privacy policies.
We may use your Personal Data to contact you with progress reports on your associated players’ progress, certificates, communication around any free trial and to ensure your experience of our service is reaching the high standards we aim for. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link provided in any email we send.
Customers often come back to the service again years later, and once they start using the apps again, the weekly report will begin again. You can switch off individually the weekly report and certificates emails. Or, as a teacher, control what groups you receive them for.
If you make a purchase, and this followed finding the app from a Facebook advert, that will be recorded by Facebook so that we know what adverts attracted customers who like the app.
We may use and store information about your location if you give us permission to do so (“Location Data”). We use this data to customise our Service to your location.
You can enable or disable location services when you use our Service at any time by way of your device settings.
The latest versions of our apps no longer use location data.
Tracking & Cookies Data
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyse our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.
Legal Basis for Processing Personal Data under the General Data Protection Regulation (GDPR)
Apps in My Pocket Ltd may process your Personal Data because:
It is needed to provide you with our products or services
You have given us permission to do so
The processing is in our legitimate interests and it is not overridden by your rights
For payment processing purposes
To comply with the law
Retention of Data
Apps in My Pocket Ltd may retain your Personal Data when you stop actively using the service, because customers often come back to us again, sometimes years later, with a different child or class. We will also retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.
Apps in My Pocket Ltd will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.
Transfer of Data
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.
Disclosure for Law Enforcement
Under certain circumstances, Apps in My Pocket Ltd may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Apps in My Pocket Ltd may disclose your Personal Data in the good faith belief that such action is necessary to:
To comply with a legal obligation
To protect and defend the rights or property of Apps in My Pocket Ltd
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
To protect against legal liability
Our Policy on “Do Not Track” Signals under the California Online Protection Act (CalOPPA)
We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.
You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
Your Data Protection Rights under the General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Apps in My Pocket Ltd aims to take reasonable steps to allow you to correct, amend, delete or limit the use of your Personal Data.
If you wish to be informed about what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. Much of the data can be viewed by logging into our website using your email address and password registered with us.
In certain circumstances, you have the following data protection rights:
The right to access, update or delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section in the apps and website. If you are unable to perform these actions yourself, please contact us to assist you.
The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete. You should normally be able to do this via the apps or website.
The right to object. You have the right to object to our processing of your Personal Data. In practice, this might mean that we can no longer provide the service for you given it will depend on processing your data.
The right of restriction. You have the right to request that we restrict the processing of your personal information. In practice, this might mean that we can no longer provide the service for you given it will depend on processing your data.
The right to data portability. We provide the ability for you to export a large amount of data about your students use of the apps from our website. If you want more data than this, you would need to provide us with details. However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Or, we may refuse to comply with the request in what would be very unusual circumstances.
The right to withdraw consent. You also have the right to withdraw your consent at any time where Apps in My Pocket Ltd relied on your consent to process your personal information. In practice, this might mean that we can no longer provide the service for you given it will depend on processing your data. We would only continue to process your data if we have another legitimate basis for doing so in law.
Please note that we may ask you to verify your identity before responding to such requests.
You have the right to complain to us or to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA). In the UK, this is Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), provide the Service on our behalf, perform Service-related services or assist us in analysing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We use several highly-regarded third party services to understand how our customers are using our apps and website, so we can provide you with the best product and support we can. We do not tell them your email and name.
Google Analytics Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
Facebook analytics Facebook analytics is provided by Facebook Inc.You can prevent Facebook from using your information for analytics purposes by opting-out. To opt-out of Facebook analytics, please visit your Facebook App Settings page when you are logged into FacebookFor more information on what type of information Facebook collects, please visit the Policies page of Facebook: https://www.facebook.com/policies
To improve the quality of our service, we monitor crashes in conjunction with Microsoft HockeyApp. We only keep crash data for 28 days.
We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).
Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.