At Robot Galaxy Kids Int’l Co. Ltd. (“RGK” “We” or “Us”) is the creator of Galaxy Academy, an interactive English learning app that aims to transform how language is learned by young children. As the creator of app for children, we aim to follow the best practices as specified by the kidSAFE Seal Program and comply with The Children’s Online Privacy Protection Act (COPPA). To learn more about COPPA, please reference this simple one-page informational guide from the kidSAFE Seal Program: www.kidsafeseal.com/knowaboutcoppa.html.
A few key points upfront:
- We do not collect any personal information from children in our mobile apps or on our website.
- During registration we ask only for minimum information from an adult teacher or parent. From our children student users (under 13), the Services will never require full names or addresses; we ask only for a generic user name, which can be a nickname or a first name.
- We may collect personal information from parents and teachers, when they voluntarily provide it through our website. This may include collecting email addresses when parents and teachers sign up on our website to receive our newsletter at galaxyacademy.com
- Our collection of email addresses to send newsletters is made under Section 312(c)(3) of the COPPA rules effective July 1, 2013: We collect the email address for the sole purpose of sending the newsletters and do not combine it with any other information. You may opt out of the newsletter at any time by unsubscribing.
- We are compliant with COPPA
- You have the right to request a copy to review and delete the information We have collected about you at any time.
- The Services do not include any popup ads or other third party advertisements.
WHAT KIND OF INFORMATION WE COLLECT
In the course of providing our Services, We collect certain information. Some of the information is the information you voluntarily provide to us, like an email address. Other information We collect automatically as you use the Services, like your login in activities. We only collect your information in furtherance of our legitimate interest of providing you with the Services, and internally to evaluate our efforts to improve the Services, and we do not sell this information.
Nonpersonal information is information that does not enable us to identify a user as an individual, such as information about the duration a mobile app is used and how the mobile app is used. We may collect nonpersonal information about the use of our website and mobile apps to help us improve our services.
To help us provide you with the best service, we may work with third-party analytics providers such as Mixpanel and Google Analytics. These companies help us to understand your (Parents and Teachers) use of our website and mobile apps. In association with them, we may collect your unique device identifier, IP address, mobile phone carrier, mobile app progress, time spent playing, and achievements. This anonymous data created from our Apps isn’t used anywhere else and is only for internal use. These companies’ respective Privacy Policies can be found at mixpanel.com/privacy/ and policies.google.com/privacy
In order for you to use the Services, a teacher or parent must create an account. This account allows you access your work across multiple devices and allows multiple related people to use the Services on the same device. When you (parents and teachers) create an account, register with us, send us an email, or provide other information with us in any other way, we will collect and store the information you share.
The Services may enable you to input first names or nicknames for student and children players, which allow you to set up multiple profiles on a single device. The Apps will track each child’s play data separately to provide personalized activities and levels for each profile. Only parents or educators may sign up for a parent account by entering through a parental gate. When you sign up for a parent account, we collect and verify the parent’s email address so we can notify you about your child(ren)’s activities when using the Apps. With such an account, we provide to you additional services, such as multiple profiles, your child’s progress reports and additional resources.
The Services will collect student play data through persistent identifiers that are then linked to individual student nicknames or first names (not full names). This allows us to provide progress reports. Information collected from our Services is used for internal purposes to provide and improve the Services and for use and benefit of the students and parents only. We rely on teachers and schools to obtain parental consents if and when they are necessary.
You can become a subscriber by purchasing a subscription to the Services within the Apps, where allowed by the App marketplace partners. When You subscribe to our Services, the order process may request a credit card or other payment information (i.e. PayPal). Order information is done through the Sites or via iTunes and Android App Stores directly and we do not collect or process or store any of your Personal Information or credit card information during the billing process ourselves. We use a third party service provider to process payments made on our Sites. Sales made via the app itself are processed through the marketplace partners directly (i.e. iTunes or Google Play), so your credit card information is not collected and retained by Us.
HOW DO WE USE THE INFORMATION WE COLLECT?
We collect and use your information to provide the Services, to provide support for the Services, to respond to user requests and inquiries, to maintain a record of our dealings with users, to facilitate your use of and our administration and operation of the Services; and to evaluate how to improve our offerings.
WHEN DO WE SHARE OR DISCLOSE YOUR INFORMATION?
Personally identifiable information, or Personal Data as such term is defined by GDPR below (“Personal Information”), is information that can identify you or your child individually, such as an individual’s full name or physical mail address. Your Personal information may be shared as follows:
We may share personal information in the event that Robot Galaxy Kids Int’l Co. Ltd. Is sold to or merged with another corporate entity or where its assets are transferred to another entity. This may include for example information relating to customer lists, outstanding invoices, etc. This information is only shared to the extent that is necessary to facilitate or complete such merger, sale or asset transfer.
If you give us permission, we may share the Personal Information of an adult account holder (teachers and parents) with third parties who might send you marketing and promotional information.
We may also disclose the Personal Information of an adult account holder (teachers and parents) if required by law or where we believe such action is necessary in order to protect or defend our interests or the interests of our users or business partners.
This Site may be accessible to children but the Site is targeted for parents and adults and is not intended for children under age 13. For the most part, when children use our Apps, we do not require any Personal Information from them, and we have taken steps so that information about a child/student requested from a parent/teacher is non-Personal Information such as a nickname or child’s first name only.
Collection of Personal Information that is directed to children under 13 (“Children’s Platforms”) is governed by the principles of the Children’s Online Privacy Protection Act (“COPPA”), a U.S. law designed to protect the online privacy of children under the age of 13. We will obtain parental consent before collecting any Personal Information on our Services, unless the request for information falls within an exception that would be permitted under COPPA. We do not condition a child’s participation in our Services on the disclosure of more Personal Information than is reasonably necessary to participate in an activity.
Parents may contact us at firstname.lastname@example.org to review, update or delete any of their children’s personal information that we may have collected and to elect for us not to collect any additional personal information from their children.
Security of Personal Information:
The Company has adopted technical, administrative and organizational security measures required to safeguard personal information from, for example, loss, unauthorized alteration, disclosure or access. The Company uses industry and commercially available encryption technology to ensure that personal information submitted on the Galaxy Academy Platform cannot be read by unauthorized third parties. The Company also regularly backs up the service to ensure reliability and availability. To protect the integrity of our system, we undertake malware scanning, vulnerability testing and put in place other access control mechanisms to ensure that only authorized personnel have access to such personal data which is required for the performance of services.
Access and Correction of Personal Information:
Users are responsible for ensuring the correctness of the information provided to the Company. If you think you need assistance in updating or removing certain information from your profile, please contact our customer support via email and we will help you.
Links to Third Party Services
We may include links to other websites and applications including for example Facebook. To ensure children’s safety, we have implemented a feature whereby a user will be promoted to enter a valid password or security question before any such link can be opened. Please note that We do not own or operate external websites whose links appear in the App and will not accept responsibility for injury, harm or loss related to visiting or following such links. Third-party websites have their own privacy policies. We advise to carefully review these sites and their privacy policies before submitting your information to them.
California Privacy Rights
International Transfers of Information
The Company stores user information on servers located in Singapore The Company may however transfer and store certain personal information to servers located in other countries including countries outside of the European Economic Area (EEA). This transfer is normally done to partners and service providers (“data processors”) engaged in the review, hosting, support, performance and development of our services. If you are accessing the Service from outside of the EEA, please be aware that some of your personal information may be transferred to and stored on servers in Singapore or other non-EEA countries. All data transfers are done in compliance with applicable data and privacy protection laws. The Company recognizes the risk of disclosure and transfer of personal information to third parties and takes adequate and effective measures to ensure that transfers of personal information comply with the applicable laws and, with respect to EU Personal Data, in compliance with Chapter 5 of the EU General Data Protection Regulation. If personal information is transferred to a third country, Company will carry out such transfer subject to the following security measures: (i) the country to which personal information is transferred to must provide an adequate level of protection, (ii) use of the Privacy Shield between the European Union and the United States of America, (iii) and the use of Data Processing Agreements and Standard Contractual Clauses, or where applicable, (iv) obtain customer’s prior consent.
Your Child’s Data Rights
Right of Access:
You have the right to access your information that We hold and the right obtain additional information about the types of information we process about you, the purposes of processing, as well as the lawful bases for processing of such information.
Right to Rectification:
If you think we hold inaccurate personal information concerning you, you have right to request immediate correction of such information.
Right to Erasure:
Under certain circumstances, data subjects have the right to request the erasure, and prevent further processing, of their personal information. Please note however this a limited right and applies only to information directly provided by you. It does not apply for example to information collected by the Company from other sources or information that is otherwise publicly available. The Company may erase personal information and stop further processing thereof, where:
- personal information is no longer needed in relation to the purposes for which it was originally collected or processed;
- consent is withdrawn in respect of personal information whose processing is based on consent;
- you object to the processing of personal information and the Company does not have a valid reason that outweighs your objection as regards further processing of personal information;
- personal information was unlawfully processed;
- the company is required to erase personal information in compliance with applicable law;
Right to Restrict Processing of Personal Information:
You can, at any time, request that the Company limits or restricts the use of your personal information if you believe that the information being processed is incorrect or that processing is unlawful.
Right to Data Portability
You have the right to obtain access to your personal information concerning you which you have provided to us. This also includes the right to obtain such data in a structured and commonly used and machine-readable format, and transfer it to another data controller of your choice.
Right to Object to Processing
You have the right to object to the use of your data for direct marketing purpose or profiling for marketing purposes. You can exercise this right by opting-out of direct marketing at the time of registration or by sending us an email at email@example.com
Where the collection and use of your personal information is based on consent, you have the right to withdraw your consent.
CHANGES TO THIS POLICY: GENERAL
Last Updated 24th January 2020.