ABCmouse Privacy Notice and Cookie Policy
Effective Date: July 11, 2019
Table of Contents
- Introduction
- Types of Accounts, Services, and Users
- Child Safe Guarantee
- Personal Data We Collect and How We Collect it
- Advertising and Marketing
- How We Use Your Personal Data
- Lawful Basis for Processing of Personal Data
- When We Disclose Information to Third Parties
- How to Access, Change, or Delete Account Information; You Rights
- Account Cancellation and Reactivation; Data Deletion
- Links to Other Services
- Location of Information Processing
- Security
- Cookie Policy
- Changes to Our Privacy Notice and Cookie Policy
- Complaints, Reporting Violations, and Contacting Us
1. Introduction
Welcome to ABCmouse.com® Early Learning Academy (ABCmouse), which is owned and operated by Age of Learning, Inc. We are committed to providing children with a learning environment where every activity is just as fun as it is educational and where you can feel confident that your children’s privacy is protected.
This Privacy Notice and Cookie Policy describes the ways in which Age of Learning, Inc., and its subsidiaries (collectively, we, our, us, or the Company) collect, process, and disclose information about our Users (as defined below) within Europe and Australia and the children who use the accounts of our European or Australian Users through ABCmouse, and any other websites, applications, and online services (Apps) that link to this Privacy Notice and Cookie Policy (collectively, the Services), including ABCmouse® for Schools, operated by our wholly owned subsidiary Age of Learning for Schools, Inc. (AofL Schools). AofL Schools provides School Accounts (as defined below) for schools, school districts, licensed childcare facilities, and other licensed educational institutions or programs (each, an Educational Institution). Our Services are directed toward nursery school through second-grade aged children.
This Privacy Notice and Cookie Policy applies across multiple jurisdictions, such as Europe (where the General Data Protection Regulation (EU) 2016/679 (GDPR)) applies and Australia (where the Australian Privacy Act 1988 (Cth) (Privacy Act) applies).
Personal Data
For the purposes of this Privacy Notice and Cookie Policy, the term “Personal Data” encompasses both the definition of “Personal Data” under the GDPR and the definition of “Personal Information” under the Privacy Act, as set out below for European Users and Australian Users respectively.
Personal Data under the GDPR for European Users
The term Personal Data is defined in the GDPR as “any information relating to an identified or identifiable natural person (Data Subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.”
Personal Information under the Privacy Act for Australian Users
Under the Privacy Act, “Personal Information” is defined to mean “information or an opinion about an identified individual, or an individual who is reasonably identifiable:
a) whether the information or opinion is true or not; and
b) whether the information or opinion is recorded in a material form or not.“
Please read this Privacy Notice and Cookie Policy and our Terms & Conditions carefully to understand our views and practices regarding your Personal Data and how we will treat it. By using the Services, you consent to our use of your Personal Data and agree to the terms of this Privacy Notice and Cookie Policy. We may provide additional privacy notices to individuals at the time we collect their Personal Data. This type of an “in-time” notice will govern how we may process the Personal Data you provide at that time. If you do not agree to our use of your Personal Data in line with this Privacy Notice and Cookie Policy, please do not use the Services.
2. Types of Accounts, Services, and Users
How we collect, process, and disclose Personal Data depends on the type of account held and the type of User (as defined below). We currently offer consumers Family Accounts, which are detailed in our Terms & Conditions and, separately, AofL Schools provides School Accounts for schools, school districts, licensed childcare facilities, or other licensed educational institutions or programs (each, an Educational Institution), which are only for Educational Institutions.
The provisions of this Privacy Notice and Cookie Policy apply to all Family Accounts and School Accounts (collectively, Accounts). Any differences in how the Accounts are treated are identified below.
Users of the Services include Child Users (any child under 16 who uses the learning portion of the Services) and Adult Users (including parents, legal guardians and anyone with parental responsibility for Child Users, purchasers of an Account as a gift (Gift Account), and teachers), collectively referred to as Users.
3. Child Safe Guarantee
The Services are backed by our Child Safe Guarantee. This means that Accounts will never include any pop-up ads or other advertisements directed to children. In addition, Child Users are blocked from accessing external links. External links will only be available if an Adult User enters his or her password.
4. Personal Data We Collect and How We Collect it
- Personal Data
As more fully set forth below, we and our third-party service providers collect Personal Data directly from Users that such Users provide when using the Services, including when Adult Users create an Account, sign up for Services, or contact us with a question, comment, request, or complaint. However, we will only use or disclose this information in accordance with this Privacy Notice and Cookie Policy and applicable data protection and privacy law. Please see section 8 (When We Disclose Information to Third Parties) below for more information and how we limit disclosure of Child User information.
If you created a profile/registered with us, you will have been asked to tick to agree to provide this information in order to access our Services, purchase our products, and/or view our content.
i. Adult Users
Adult Users are asked to provide certain Personal Data about themselves when registering for any Account, including:
- first name;
- last name;
- email address; and telephone number (optional).
Any other information provided at registration depends on the type of Account or Adult User. For example:
Payment information is collected from Adult Users who purchase a Family Account, including those who purchase a Gift Account for others. For your security, we do not store your complete credit card number in our databases but retain only the first six digits and last four digits so that we can identify your Account and respond to your requests, questions, or complaints.
The email address of a parent, legal guardian, or person with parental responsibility is collected when the Adult User purchasing a Family Account states that he or she is not the legal guardian, or if a teacher provides such addresses in order for parents, legal guardians, or those with parental responsibility to connect to the Teacher Account or School Account.
Adult Users who register for a Family Account or School Account are asked to provide certain Personal Data about the relevant Child Users of such Accounts during ABCmouse® registration, including:
- the first name (or nickname)
- birth month and year; and
- gender
of Child Users who will be accessing the Services through their Accounts.
When an Adult User submits any Personal Data relating to a Child User in connection with the Services, the Adult User represents that they have the authority to do so and agree to us using the Personal Data in accordance with this Privacy Notice and Cookie Policy.
In addition, Adult Users can provide us with information through separate password-protected sections (i.e., the Parent section or Teacher Dashboard) of the Services. These sections, accessible via the Menu or Settings link on the Services, allow Adult Users to administer their accounts, including when they add Child Users, provide testimonials, seek customer support, or submit comments or questions.
We do not ask for certain sensitive Personal Data such as your national insurance number, driver’s license number, or biometric data. However, as mentioned above, paying subscribers are asked for payment information when they subscribe. Please see section 13 (Security) below for more information about how we safeguard payment information.
ii. Child Users
Children have the ability to create free-form artwork. We encourage you to use the Services with your Child Users and to view and monitor any content created or uploaded (if applicable) by them. If you would like to review all content saved by your Child Users, you can access this content by clicking on the My Files menu item in each Child User’s About Me section of the Services.
Other than in the places and for the purposes explicitly disclosed in this Privacy Notice and Cookie Policy, we do not knowingly collect any Personal Data directly from Child Users under the age of 16.
b. Personal Data Automatically Collected from Users
Because the security of your Personal Data is important to us, we only ask for Personal Data where it is reasonably necessary to provide the Services, and we only process your Personal Data in accordance with this Privacy Notice and Cookie Policy and applicable data protection and privacy laws.
We and our third-party service providers automatically collect some Personal Data directly from users of the Services in the form of the actions they take and activities they complete when using the Services. For example, from Adult Users, we may collect information about patterns of usage and order history; from Child Users, we may collect information about patterns of usage, which activities a child commences and completes, when a child starts and stops an activity, which areas of the Services the child frequents, the number of questions answered correctly or incorrectly, how many Tickets the child earns, what virtual items the child selects to exchange for Tickets, and the child’s choice of Avatar and customisation.
We and our third-party service providers also use a variety of technologies, such as pixel tags and cookies (small text files that the Services save on your computer or mobile device), to automatically collect certain technical information from your computer or mobile device—see section 14 (Cookie Policy) below for further details about how we use pixel tags and cookies.
c. Automated Decision Making and Profiling:
We do not use your Personal Data for the purposes of automated decision-making. However, we may do so in order to fulfil obligations imposed by law, in which case we will inform you of any such processing and provide you with an opportunity to object.
5. Advertising and Marketing
a. Advertising
We use third parties such as network advertisers and others to assist us in advertising, including displaying our advertisements on other websites and through social media platforms; we also may use third parties that display advertisements based on your visits to our Services, as well as other websites, and other third parties to assist us in identifying relevant advertising on our Services. These third parties may collect and use click stream information, browser type, time and date, and subject of advertisements clicked or scrolled over during your visits to the Services and other websites in order to provide advertisements about goods and services likely to be of interest to you. Third-party ad network providers, advertisers, sponsors, and/or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), Flash LSOs, and other technologies to measure the effectiveness of their ads and to personalise advertising content to you. These third-party cookies and other technologies are governed by each third party’s specific privacy policy, not this one. We may provide these third-party advertisers with Personal Data about your usage of our Services, as well as anonymous data about visitors to and users of our Services.
Advertising to you is based on your visits to the non-child-directed portions of the Services (such as www.abcmouse.com) when you visit third-party websites and applications. We will never use information collected in the child-directed portions of the Services for targeted advertising purposes.
b. Marketing
We would like to send you information about our products and Services and those of our associated companies which may be of interest to you. If you have opted in to receive marketing information, you may opt out at a later date. You may not opt out of receiving administrative messages from us regarding your Account, such as password reset emails, customer support messages, and emails about changes to our Privacy Notice and Cookie Policy in accordance with section 15 (Changes to Our Privacy Notice and Cookie Policy).
You have a right at any time to stop us or any associated companies from contacting you for marketing purposes—if you no longer wish to be contacted for marketing purposes please contact us via the contact details in section 16 (Complaints, Reporting Violations, and Contacting Us) below or click on the Unsubscribe button at the bottom of any email received from us.
While it is never our intention to send any marketing messages to children, if you believe a Child User has received such a marketing communication, please contact us as described in section 16 (Complaints, Reporting Violations, and Contacting Us) below.
Push Notifications and SMS. Additionally, if you downloaded the App on your mobile device to access the Services, as part of your use of the Services we may ask if you would like to receive push notifications, which may include alerts and notifications, badges, banners, and sounds on your mobile device. You may choose to stop receiving push notifications at any time by changing the settings on your mobile device. We may also ask if you would like to receive SMS text messages. Please note that your network provider may charge you for the text messages you receive. To permanently stop receiving SMS text messages from us text STOP, CANCEL, or UNSUBSCRIBE in reply to any SMS text message sent by us.
6. How We Use Your Personal Data
We and our third-party service providers may use the information collected from Users as follows:
a. Adult User Personal Data.Personal Data collected from Adult Users may be used:
i. to generate a transaction identification number and member identification number, which is used by us to identify certain transactions and Users;
ii. to permit you to register and use the Services, including, for example, to send you communications about Child User progress or your Account, or to allow you to provide Feedback through the Parent section. For security purposes, the Parent section is password protected;
iii. for Family Accounts, to complete and fulfill your purchase, such as to process your payments, communicate with you regarding your purchase, and provide you with related customer service;
iv. to respond to your enquiries or complaints and fulfill your requests, retrieve your password or provide technical support;
v. to deliver ABCmouse® advertising and to measure the effectiveness of our advertising to adults (see section 5 (Advertising and Marketing) above for more information); and
vi. to send you marketing communications that we believe may be of interest to you (see section 5 (Advertising and Marketing) above for more information).
b. Child User Personal Data.Personal Data collected from Child Users may be used:
i. to measure a Child User’s performance in activities and to adapt a Child User’s learning experience to the Child User’s learning needs; and
ii. to analyse, provide progress reports on, or provide an assessment of a Child User’s performance to the Adult User on the Account.
c. Both Adult and Child User Personal Data.Personal Data collected from both Adult and Child Users may be used:
i. to allow us to assess and improve the Services, its educational content, and other services we provide, for example, to improve our content and user experience; to research, evaluate, and improve the Services’ educational efficacy; and to inform our understanding of the Services’ user base;
ii. to customise, adapt, and personalise Users’ viewing and content-consumption experience, for example, by measuring a Child User’s performance in activities and adapting the Child User’s learning path to his or her learning needs;
iii. to detect fraud;
iv. to maintain and analyse the functioning of the Services; and
v. as we believe to be necessary or appropriate: (a) under applicable data protection and privacy law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to detect violations of and enforce our Terms and Conditions; (e) to protect our operations or those of any of our associates, including the security of the Services; (f) to protect our rights, privacy, safety, or property, or that of our associates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain (collectively, (a)-(g) are Other Uses and Disclosures).
We will never sell or rent the Personal Data of any User of the Services to a third party, except as described in this Privacy Notice and Cookie Policy in the context of a sale of the Company.
Where we intend to process your Personal Data for a purpose other than that for which it was originally collected, we will provide you with information on that other purpose and any relevant further information prior to such processing.
7. Lawful Basis for Processing of Personal Data
We only process Personal Data where we have a lawful basis for doing so, including the following:
a. User consent: this refers to where you have given us explicit permission to process Personal Data for a given purpose. For example, by using our website and consenting to our cookies you give consent that we may obtain certain Personal Data about you, including your IP address and certain user preferences (see section 14 (Cookie Policy) below for more information). If we rely on consent as a lawful basis for the processing of your Personal Data, we will seek such consent at the time we collect your Personal Data.
b. For our legitimate business purposes: this covers where we have a legitimate interest, as a business, to process Personal Data. For example, to manage enquiries, requests, and complaints; to undertake general administrative tasks in connection with our Services; to provide you with information about our Services; to improve, maintain, and analyse our Services; and to detect fraud.
c. For contractual necessity: this covers situations where we must process Personal Data to meet our contractual obligations. For example, where you hold an Account with us, we would need to process your payment information to fulfill your subscription.
d. For compliance with a legal obligation: this covers situations where we must process Personal Data in order to comply with the law; we may share your information with third parties such as regulatory authorities, or where we are under a legal obligation to disclose your information (for example, where we are required to share information in accordance with legislation, to prevent fraud and other criminal offences, or because of a court order). We may disclose your information in order to enforce our legal rights or to protect the legal rights of us or others.
8. When We Disclose Information to Third Parties
Information collected from both Adult and Child Users will not be disclosed except as follows:
a. to third parties who perform certain services for us, such as to process debit and credit cards; to conduct or evaluate research (such as on the educational impact of the Services); and to provide us with statistics about the effectiveness of our advertising on third-party websites, provided that the service providers agree to keep the information confidential and to use it only for purposes that are permitted by this Privacy Notice and Cookie Policy. In respect of advertising analytics data, when a User subscribes or downloads our Apps, certain Personal Data (including a User’s transaction identification number, which cannot be linked to individual Users, and member identification number, which can be linked to individual Users) is transmitted to our advertising measurement partner, Adjust, for the purpose of providing us with advertising statistics. However, Adjust does not store a User’s membership identification number but passes this back to us to assist us in detecting fraud. The third-party pixels and JavaScript snippets that we use for our affiliate partners, as well as for companies such as Google, Bing, Yahoo, and Facebook, work much more simply than those with Adjust. In those cases we use either JavaScript snippets provided by our affiliate partners, an image-based pixel, or IFrame (an IFrame or inline frame is an HTML document embedded inside another HTML document on a website; the IFrame HTML element is often used to insert content from another source, such as an advertisement, into a web page) which fire based on a cookie dropped in the User’s browser, or we use a server-to-server URL which fires based on the initial click identification or transaction identification number based on a cookie;
b. where parents, legal guardians, or those with parental responsibility for Child User(s) have linked a Family Account to a Teacher Account, as described in the Terms & Conditions, the Adult Users of both Accounts will be able to review the progress and details of their Child Users within both Accounts;
c. as we believe to be necessary or appropriate as set forth above in Other Uses and Disclosures and in other instances substantially similar to those listed in this section;
d. where legally required and in certain other cases, we may make such disclosures without first providing notice to Users; and
e. subject to confidentiality agreements, the terms of this Privacy Notice and Cookie Policy, and applicable data protection and privacy law, information may be disclosed to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, transfer, or license all or a portion of our assets in bankruptcy or otherwise. This means that if some or all of our assets are acquired or otherwise transferred or licensed, including in bankruptcy, that such acquirer shall be subject to the same commitments stated under this Privacy Notice and Cookie Policy.Any third parties to whom we disclose Personal Data are governed by terms of their own privacy policy and this Privacy Notice and Cookie Policy does not apply to them.
We do not disclose the personally identifiable information of any Child User to third parties for any marketing or promotional purposes.
As used in this Privacy Notice and Cookie Policy, Anonymous Data means data that does not relate to an identified or identifiable natural person or Personal Data rendered anonymous in such a manner that the Data Subject is not, or is no longer, identifiable. Anonymous Data does not, by itself, permit the identification of individual persons and is therefore not regarded as Personal Data.
We also may disclose Anonymous Data and/or aggregated User information for any other purpose as permissible by applicable data protection and privacy law—for example, the distribution of de-identified User records to outside researchers or the distribution of reports containing aggregate user demographic and traffic patterns—provided that no individual Adult User or Child User or any specific end-user device can be readily identified.
9. How to Access, Change, or Delete Account Information; Your Rights
An Adult User can review or change the information they provided when they registered for the Services, including by adding or removing Child Users to or from the Account, by updating information through the Parent section of the Services or, for Teacher Accounts, by using the Class Builder or Settings feature in the Teacher Dashboard. In addition, Adult Users may contact us at any time as described in section 16 (Complaints, Reporting Violations, and Contacting Us) below to request that we provide for their review, or delete from our records, any Personal Data they have provided about Child Users associated with their Accounts, or to cease collecting Personal Data from those Child Users, as applicable. Please keep in mind that a request to delete Personal Data may lead to cancellation of your Account or the inability to use certain Services, and if a Teacher Account is linked to a Family Account, a request to delete Personal Data in one of the Accounts may be reflected in the other Account.
When we change or delete any Personal Data at your request, we will make good faith efforts to make the changes in our then-active databases as soon as reasonably practicable, generally within 24–48 hours. Changing setting options may not result in immediate changes to the settings, which are subject to our operations and maintenance schedules. Please note that information, including Personal Data, may remain in backup or archive records, and we may retain certain data relevant to preventing fraud or future abuse or for legitimate business purposes, such as analysis of aggregated, non-personally-identifiable or Anonymous Data, account recovery, or if required by law. All retained data will continue to be subject to the Privacy Notice and Cookie Policy in effect at that time.
School Accounts: If you are using the Services through a School Account that is integrated with a school student information system (SIS), any request to access or make changes to or delete Personal Data including data concerning students (Student Data) must be made by the Educational Institution within the SIS. Once the changes are made within the SIS, the changes will automatically appear within the School Account.
If you are using the Services through a School Account and the Educational Institution is not integrating its SIS with the Services, any request to access, make changes to, or delete Personal Data including Student Data must be made by the Educational Institution’s designated administrator for the School Account. The administrator will be provided access to the School Account User Profile pages in order to update, correct, or delete the information contained therein.
Your Rights:
a. the right to access the Personal Data we hold about you: you may access the Personal Data we hold about you at any time by contacting us as described in section 16 (Complaints, Reporting Violations, and Contacting Us);
b. where our processing of your Personal Data is based on your consent, the right to withdraw your consent to such processing at any time;
c. the right to rectification of your Personal Data: you can also contact us to update or correct any inaccuracies in your Personal Data;
d. the right to restriction of processing or to object to processing of your Personal Data;
e. the right to request us to transfer your Personal Data to a third party in a standardised machine-readable format;
f. the right to object to direct marketing. You may contact us at any time to opt out of direct marketing communications (as referred to above at section 5 (Advertising and Marketing));
g. the right to request we erase and forget your Personal Data. You can request that we erase your Personal Data; and
h. the right to lodge a complaint with a supervisory authority. In the United Kingdom, this is the Information Commissioner’s Office (ICO) and in Australia, this is the Office of the Australian Information Commissioner (OAIC).
If you wish to exercise any of these rights, please contact us using the details in section 16 (Complaints, Reporting Violations, and Contacting Us). In your request, please make clear: (i) what Personal Data is concerned; and (ii) which of the above rights you would like to enforce. For your protection, we may only implement requests with respect to the Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and, in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.
10. Account Cancellation and Reactivation; Data Deletion
We only keep your Personal Data for as long as necessary in relation to the purpose for which we are processing that information. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
At any time, Adult Users, with the exception of School Accounts, may cancel their Accounts through the Parent section or Teacher Dashboard section of the Services.
For Family Accounts that have been cancelled, if the Account remains inactive for 24 months, we will delete all Personal Data in our active databases associated with the Account (Account Information ). The 24 months is provided so that you have the ability, following cancellation of a Family Account or inactivity, to reactivate your Account and potentially recover previous information and resume where the Child User left off. However, we provide no guarantee, and shall have no liability or obligation to ensure that all Account Information and Services-related progress will be available or accessible or all learning or personalisation features will be able to be recovered or resumed. If a User requests that Personal Data be deleted prior to the end of the 24-month period of inactivity, we will take commercially reasonable steps to satisfy that request.
For School Accounts, Adult Users should contact their respective Educational Institution for any questions regarding account cancellation and data deletion. If an Educational Institutional terminates its agreement with AofL Schools, AofL Schools will delete, or if requested by the Educational Institution, transfer to the Educational Institution all Student Data within 90 days following the termination of the agreement with the applicable Educational Institution.
Upon Account cancellation, Adult and Child User Anonymised Data may nonetheless persist internally in our archive files or similar databases and may still be used, on an anonymous basis, for our internal support, administrative, and record-keeping purposes including, but not limited to, allowing us to improve the Services and other services we provide through research, evaluation, and analytics as permissible by applicable data protection and privacy law.
Please note that following a request to delete information or your Account under Sections 9 or 10 of this Privacy Policy, information including Personal Data may remain in backup or archive records, and we may retain certain data if required by law, relevant to preventing fraud or future abuse, or for legitimate business purposes, such as account recovery and customer support, and all subject to our internal records retention periods. All retained data will continue to be subject to the Privacy Policy in effect at that time and applicable law.
11. Links to Other Services
In certain sections of the Services, we may include links to external websites or applications (including Facebook, Twitter, YouTube, Instagram, and Pinterest). However, in order to protect children from accessing these external websites, an Adult User will be required to enter a valid password. These websites and applications are governed by their own privacy policies or information collection practices, which may be substantially different from ours. We encourage you to review the privacy policies and information collection practices of any external websites and applications, as those parties’ practices would not be subject to this Privacy Notice and Cookie Policy.
12. Location of Information Processing
The Services are controlled and operated by us from the United States of America. Your information may be transferred to, stored, and processed by us, our associates, and our third-party service providers in any country where we have facilities or in which we engage service providers, including the United States of America, which may have data protection laws that are different from those of your country. Specifically, we may transfer Personal Data from the European Economic Area (EEA) to:
a. countries that the European Commission has deemed to adequately safeguard Personal Data;
b. pursuant to the recipient’s compliance with standard contractual clauses, EU-US Privacy Shield, or Binding Corporate Rules;
c. pursuant to the consent of the individual to whom the Personal Data pertains, or
d. as otherwise permitted by applicable EEA requirements.
For Australian Users, we may transfer your Personal Data from Australia to:
a. the United States of America;
b. the EEA;
In addition, your information may be subject to access requests from governments, courts, or law enforcement officials in countries where it may be processed, under the laws of those countries.
By using the Services, you agree to this transfer, storing, or processing. We will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Notice and Cookie Policy.
13. Security
The security of your Personal Data is important to us, and we employ physical, technical, and administrative security measures designed to safeguard the Personal Data collected by the Services and to guard against unauthorised or unlawful processing of Personal Data and against damage to, accidental loss, or destruction of your Personal Data. We use industry-standard SSL (secure socket layer technology) encryption to transfer Personal Data. Other security safeguards include, but are not limited to, data encryption, firewalls, and physical access controls to buildings and files.
Account holders create a password in the registration process. You can help protect against unauthorised access to your account and Personal Data by selecting and protecting your password appropriately and limiting access to your computer and browser by signing off after you have finished accessing your account. At registration, we assign a Member ID to each Account and use those Member IDs to authenticate logins, allow access to the subscription content, and monitor compliance. The Member ID is also used to authenticate users when requesting technical support. Access to information is limited (through user/password credentials and two-factor authentication) to those employees who require it to perform their job functions.
We also use PCI-DDS compliant services providers for credit card processing as required by applicable law.
14. Cookie Policy
a. What Are Cookies?
Our websites and Apps use cookies. Cookies are small text files placed on your device to collect standard internet log information and visitor behaviour information. The cookies may transmit information via your browser with a purpose of authenticating or identifying the computer (via, e.g., the IP address) or the User. Cookies may contain information such as registration data and User preferences.
We use cookies to:
i. automatically collect certain technical information from your computer or mobile device over time and across different websites, including when you use the Services, such as your browser type, operating system, device type, the page served, your IP address and your geolocation. When you download and use our App(s), we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number;
ii. collect and store information about your location to provide you with educational experiences or email updates that are tailored for your region. The location information we have access to may include (1) your postal code, if you provide one to us; and (2) the approximate geographic region your computer or mobile device is located in, as determined from your IP address. However, we do not collect your street name and the name of your city/town. You may be able to change the settings on your computer or mobile device to prevent it from providing us with such IP information. We also have access to your school or classroom location if you (as a teacher) provide it to us;
iii. we may collect information from your mobile device if you have downloaded our App(s). This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used include your IP address, geographic location, how you use the App(s), and information about the type of device you use. In addition, in the event our App(s) crash on your mobile device, we will receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of our App(s). This information is sent to us as aggregated information and is not traceable to any individual and cannot be used to identify an individual. In addition, if you choose to turn on your Bluetooth, wi-fi or other geolocation functionality when you use our App(s), we may collect and use your geolocation information; and
iv. we may also use third-party advertising networks to collect cookie information about Adult Users’ visits to the non-child-directed portions of the Services and to (1) deliver interest-based advertising to those Adult Users, including ABCmouse-branded advertising, when those Adult Users visit third-party websites; and (2) provide us with statistics about the effectiveness of our advertising on third-party websites. These third-party advertising networks may use this cookie information in accordance with their own privacy policies. Please refer to section 8 (When We Disclose Information to Third Parties) above for more information about what Personal Data is transferred to our third-party advertising measurement partner.
When a server receives a request from a device which stores a cookie from a website, the server is able to use the information stored in the cookie in combination with the information stored on the server to allow the website to respond to you as an individual and to tailor their operations to your needs, likes, and dislikes by gathering and remembering information about your preferences. A cookie cannot collect information from your computer and cannot carry any viral or other damaging files.
b. Do Not Track Signals:
Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to Do Not Track signals. You may opt out of many third-party ad networks, including those operated by members of the European Interactive Digital Advertising Alliance (EIDAA). For more information regarding this practice by EIDAA members, and your choices regarding having this information used by these companies, including how to opt out of third-party ad networks operated by EIDAA members, please visit their website: http://www.edaa.eu/ (EIDAA) and www.youronlinechoices.com and http://www.youronlinechoices.com.au/ for Australian Users.
c. Effect of Opting Out of Member Network:
Opting out of the EIDAA member network only means that those members no longer will deliver targeted content or ads to you. It does not mean you will no longer receive any targeted content or ads on our Services or other websites. You may continue to receive advertisements, for example, based on the particular website that you are viewing. Also, if your browsers are configured to reject cookies when you visit this opt-out page, or you subsequently erase your cookies, use a different computer, or change web browsers, your EIDAA opt-out may no longer be effective. Additional information is available on EIDAA’s website accessible by the above link.
d. Types of Cookies:
We may offer cookies to you, and if you do not wish to receive them you should ensure that your web browser is set up to not accept cookies. Please note that if you disable cookies, some Services or website functionality may not be available. We use the following cookies:
Essential Cookies
These cookies are essential to provide you with services available through Services and to enable you to use some of its features. For example, they allow you to log in to secure areas of our Services and help the content of the pages you request load quickly. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
Functionality Cookies
These cookies allow us to remember choices you make when you use our Services, such as remembering your language preferences, remembering your login details, and remembering the changes you make to other parts of Services which you can customise. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Services.
Analytics and Performance Cookies
These cookies are used to collect information about traffic to our Services and how users use the Services. The information gathered does not identify any individual visitor. It includes the number of visitors to our Services, the websites that referred them to our Services, the pages they visited on our Services, what time of day they visited our Services, whether they have visited our Services before, and other similar information. We use this information to help operate our Services more efficiently, to gather broad demographic information, and to monitor the level of activity on our Services.
Social Media Cookies
These cookies are used when you share information using a social media sharing button or “like” button on our Services or you link your account or engage with our content on or through a social networking website such as Facebook, Twitter, or Google+. The social network will record that you have done this.By continuing to use our Services, you are accepting our use of these cookies that make advertising and communications more relevant to you and your interests and further help us to improve our Services.
e. Pixel Tags and IFrames:
We also use pixel tags (which are also known as web beacons and clear GIFs) on our Services to track the actions of Users on our Services. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on web pages. Pixel tags measure the success of our marketing campaigns and compile statistics about usage of the Services, so that we can manage our content more effectively. The information we collect using pixel tags is not linked to our Users’ Personal Data.
We additionally use JavaScript snippets and server to server requests that are provided by our affiliate partners and IFrames (or inline frames) on our Services to insert content from another source into a web page, particularly in respect of advertisements in order to provide advertisements about goods and services likely to be of interest to our Users. An IFrame is an HTML document embedded inside another HTML document on a website.We and our third-party service providers may use the information collected through these technical methods for a number of purposes, including delivering content, tracking and enhancing our Users’ experience on the Services, and delivering advertising to visitors of www.abcmouse.com when they visit other websites and applications. For example, when you return to the Services after logging in, cookies help the Services recognise who you are without having to log back in. For more information, see section 6 (How We Use Information) above. The information collected through these technical methods on the child-directed portions of the Services are used only to support the internal operations of the Services. We do not allow third- party advertising networks to collect information about Child Users who are logged into their Accounts.
f. Cookies We Use:
Our Services use the following cookies:
g. Managing Your Cookies
Cookies help you to get the most out of our Services, and if you disable cookies some Services or website functionality may not be available. If you do not want the Services to collect information through the use of cookies, you can set your web browser to reject cookies from the Services.
How to enable and disable cookies using your browser:
Most browsers allow you to manage cookie settings. These settings can usually be found in the Settings, Options, or Preferences menu of your browser. The links below are provided to help you find the settings for some common browsers:
i. manage cookie settings in Chrome, Chrome Android, and Chrome iOS;
ii. manage cookie settings in Safariand Safari iOS;
iii. manage cookie settings in Firefox;
iv. manage cookie settings in Internet Explorer; and
v. manage cookie settings in Opera.
For all other browsers, please look for a Help function in your browser or contact the browser provider.
However, as mentioned above, if you reject or block cookies from the Services, the Services may not function as intended. For example, you will not be able to remain logged in to your account, and therefore you would have to log in during each page transition.
Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com/uk and http://www.youronlinechoices.com.au/ for Australian Users.
15. Changes to Our Privacy Notice and Cookie Policy
We constantly try to provide the best services, and accordingly our Privacy Notice and Cookie Policy will change from time to time. If we update this Privacy Notice and Cookie Policy, we will notify you by posting the revised Privacy Notice and Cookie Policy on the Services, and for certain revisions that materially expand the ways in which we use or share the information previously collected from you through the Services, either display an alert next to the Privacy Notice and Cookie Policy, display an alert upon login to the Services, or directly communicate with you (e.g., via the email address associated with your Account). If you have a School Account, any modifications to this Privacy Notice and Cookie Policy will only apply to you and your Child User in accordance with the AofL Schools agreement with your Educational Institution.
16. Complaints, Reporting Violations, and Contacting Us
We are committed to resolving any complaints about our collection or use of your Personal Data. If you would like to make a complaint regarding this Privacy Notice and Cookie Policy or our practices in relation to your Personal Data, please contact us as described below. We will reply to your complaint as soon as we can and, in any event, within 45 days. We hope to resolve any complaint brought to our attention; however, if you feel that your complaint has not been adequately resolved, you reserve the right to contact the ICO or the OAIC (as applicable), as detailed in section 9 (How to Access, Change, or Delete Account Information; Your Rights) above.
Age of Learning, Inc. and Age of Learning for Schools, Inc. are each located in the United States of America. Age of Learning, Inc. is the operator of all of the Services except ABCmouse® for Schools, operated by Age of Learning for Schools, Inc. Any questions, concerns, or complaints regarding this Privacy Notice and Cookie Policy, our data collection or processing practices, or issues related to your or a Child User’s information for which you are responsible should be directed to us via any of the following methods. As Age of Learning, Inc. and Age of Learning for Schools, Inc. are each located in the United States of America, we have appointed a representative in the European Union and APAC so that our European Users and Australian Users may easily contact us:
For Family Accounts:
Postal Address:
Age of Learning, Inc.
Attention: Legal Department
P.O. Box 230
Glendale, CA 91209
USA
Telephone Number: 1-800-633-3331
Email Address: privacy@aofl.com
For School Accounts:
Postal Address:
Age of Learning for Schools, Inc.
Attention: Legal Department
P.O. Box 230
Glendale, CA 91209
USA
Telephone Number: 1-800-633-3331
Email Address: privacy@aofls.com
European Representative:
Postal Address: Please see list below
Attention: DPR Group
Email Address: datainquiry@dpr.eu.com or through the online portal at http://www.dpr.eu.com/datarequest
APAC/Australian Representative:
Postal Address:
Age of Learning, Inc.
Attention: Legal Department
P.O. Box 230
Glendale, CA 91209
USA
Telephone Number: 1-800-633-3331
Email Address: privacy@aofl.com
We have appointed DPR Group as our Data Protection Representative in the European Union so that you can contact them directly in your home country. DPR Group has locations in each of the 28 EU countries, so that Age of Learning, Inc.’s customers can always raise the questions they want with them.
PLEASE NOTE: when mailing inquiries, it is ESSENTIAL that you mark your letters for ‘DPR Group’ and not ‘Age of Learning, Inc.’ or your inquiry may not reach us. Please refer clearly to Age of Learning, Inc. in your correspondence. On receiving your correspondence, the Company will likely request evidence of your identity, to ensure your personal data and information connected with it is not provided to anyone other than you. If you have any concerns over how DPR Group will handle the personal data they will require to undertake their services, please refer to their privacy notice at https://www.dpr.eu.com/legal-privacy.
DPR Postal Addresses
Austria | DPR Group, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria |
Belgium | DPR Group, Place de L’Université 16, Louvain-La-Neuve, Waals Brabant, 1348, Belgium |
Bulgaria | DPR Group, 132 Mimi Balkanska Str., Sofia, 1540, Bulgaria |
Croatia | DPR Group, Ground & 9th Floor, Hoto Tower, Savska cesta 32, Zagreb, 10000, Croatia |
Cyprus | DPR Group, Victory House, 205 Archbishop Makarios Avenue, Limassol, 3030, Cyprus |
Czech Republic | DPR Group, IQ Ostrava Ground floor, 28. rijna 3346/91, Ostrava-mesto, Moravska, Ostrava, Czech Republic |
Denmark | DPR Group, Lautruphøj 1-3, Ballerup, 2750, Denmark |
Estonia | DPR Group, 2nd Floor, Tornimae 5, Tallinn, 10145, Estonia |
Finland | DPR Group, Luna House, 5.krs, Mannerheimintie 12 B, Helsinki, 00100, Finland |
France | DPR Group, 72 rue de Lessard, Rouen, 76100, France |
Germany | DPR Group, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany |
Greece | DPR Group, 24 Lagoumitzi str, Athens, 17671, Greece |
Hungary | DPR Group, EMKE Building, Rákóczi Út 42, Budapest, 1072, Hungary |
Ireland | DPR Group, Phoenix House, Monahan Road, Cork, T12 H1XY, Republic of Ireland |
Italy | DPR Group, BPM 335368, Via Roma 12, 10073 , Turin, Italy |
Latvia | DPR Group, 4th & 5th floors, 14 Terbatas Street, Riga, LV-1011, Latvia |
Lithuania | DPR Group, 44A Gedimino Avenue, 01110 Vilnius, Lithuania |
Luxembourg | DPR Group, BPM 335368, Banzelt 4 A, 6921, Roodt-sur-Syre, Luxembourg |
Malta | DPR Group, Tower Business Centre, 2nd floor, Tower Street, Swatar, BKR4013, Malta |
Netherlands | DPR Group, Cuserstraat 93, Floor 2 and 3, Amsterdam, 1081 CN, Netherlands |
Poland | DPR Group, Budynek Fronton ul Kamienna 21, Krakow, 31-403, Poland |
Portugal | DPR Group, Torre de Monsanto, Rua Afonso Praça 30, 7th floor, Algès, Lisbon, 1495-061, Portugal |
Romania | DPR Group, World Trade Centre, Piata Montreal no 10, Entrance F, 1st Floor, Sector 1, Bucharest, 11469, Romania |
Slovakia | DPR Group, Apollo Business Centre II, Block E / 9th floor, 4D Prievozska, Bratislava, 821 09, Slovakia |
Slovenia | DPR Group, Trg. Republike 3, Floor 3, Ljubljana, 1000, Slovenia |
Spain | DPR Group, Puerta de las Naciones, Ribera del Loira 46, Madrid, 28042, Spain |
Sweden | DPR Group, S:t Johannesgatan 2, 4th floor, Malmo, SE – 211 46, Sweden |
United Kingdom | DPR Group, BPM 335368, 372 Old Street, EC1V 9AU, London, United Kingdom |