Date of last revision: January 2023
How we secure your Personal Data
Our mission is to help children form good money habits in a safe and secure environment. This means that your family’s privacy is important to us. Our privacy policy is an opportunity to be transparent with you about the personal data we collect, why we collect it, how we use it and how we protect it.
If after reading this privacy policy you still have questions, please don’t hesitate to contact us on privacy@edumentors.co.uk or write to our Data Protection Officer at Edumentors Ltd, 505 Pinner Road, Harrow, Middlesex, England, HA2 6EH, United Kingdom.
How do I consent to these terms?
By requesting access to or using our Services.
By requesting access to or using our Services, You (as defined below) are agreeing to this privacy policy and our collection, use and sharing of Your Personal Data (as defined below) under this privacy policy (which includes our cardholder terms and conditions, our website and application terms of use, and any other documents referenced in this privacy policy).
If You don’t agree to these policies and would rather stop using our Services, You can of course do so by writing to us at privacy@edumentors.co.uk.
We sometimes source Personal Data from reputable marketing services providers which we use for direct marketing, in pursuit of our legitimate interest to recruit new customers.
Who controls my Personal Data?
We do.
For the purpose of the relevant data protection regulations, including but not limited to the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA) 2018, the company in charge of Your Personal Data (also known as the data controller) is Edumentors Ltd, registered with the UK Information Commissioner’s Office under the number ZB339778.
We use Stripe for our payment processing unless you requested to make a direct bank transfer. Stripe is a regulated financial services provider, therefore they collect your information in a secure and protected way. You can find their Privacy Policy here: https://stripe.com/en-gb-us/privacy
Who does this privacy policy apply to?
To any person, child or adult requesting access to or using our Services.
This privacy policy applies to children and adults who request, access or use our websites (including but not limited www.edumentors.com, www.edumentors.co.uk); applications for mobile phones or any other devices; communications, services and all related websites, data storage and tools regardless of how You access or use them (collectively, the “Services”), but excluding services that state that they are offered under a different privacy policy.
Am I still responsible for my child’s use of your Services?
Yes.
As a parent or guardian of a child who has signed up to use our Services (“You”):
What Personal Data do you collect and why?
We may collect Personal Data automatically, when You give it to us directly, or when we receive it from other sources. We do this to operate effectively and provide You with the best experience with our Services.
Personal Data means any information that can be used directly or indirectly to identify You or a member of Your family. We collect it to operate effectively and provide You with the best experience with our Services.
We may collect Personal Data automatically, when You give it to us directly, or when we receive it from other sources such as our partners (as set forth below) or social media accounts You choose to link to our Services.
The Personal Data we collect depends on the context of Your interactions with our Services, and the choices You make and may include the following:
Contact and identification information such as Your name and Your child’s name, Your phone number, email address, postal address, date of birth, identification document numbers, copies of identification documents (for example passport, driving licence, utility bills), personal description, social handles, photographs and other similar contact information.
Financial information such as the last four digits and expiry date of Your debit card number, bank account information, bank sort code, IBAN, payment reason, and other similar financial information;
Transaction information such as date, time, amount, IP address and other similar transaction information;
Demographic information such as Your or Your child’s name, last name, age, date of birth, gender, education, interests, nationality, country and other similar demographic information;
Security information such as passwords, password hints, security questions and answers and other similar security information;
Device and technical information such as IP address, unique device identifiers (such as the IMEI number for phones, the MAC address of the device’s wireless network interface), device functionality (browser type and version, operating system and platform, hardware used, browser plug-in types and versions) and other similar device and technical information;
Usage information such as the full uniform resource locators (URLs), information about page response times, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), error reports and performance data (ie: details of the software or hardware related to an error, content of files You were using when an error occurred), troubleshooting and help data plus other similar usage information;
Location information such as Your device location which may include a street name and city or GPS- location, ISP or your mobile carrier, the URL of both the site You came from and the one you go to next and other similar location information. We use GPS technology and Your IP address to determine Your location - this may be used when the application is running in the foreground and the background of Your device;
Any other information You directly provide to us when filling out forms, corresponding with us (ie: email, WhatsApp, conversations with Member Services by phone or chat sessions), filling out surveys, providing us with feedback and product reviews and other similar information.
You have choices about the Personal Data we collect. So, when You are asked to provide us with Your Personal Data, You always have the right not to do so. Please note however that if You choose not to provide us with Your Personal Data when prompted, You may not be able to use our Services.
Do you use cookies?
Yes, we collect data through cookies and similar technologies.
Like all major websites, we use cookies and other similar technologies to provide You with a good experience when You use our website. It is always possible to block/opt out of cookies via your browser’s cookie settings that allows You to refuse the setting of all or some cookies. Please note however that if You do this You will not be able to use our Services properly. For example, You may need to enter information repeatedly, or You might not get personalised content that is meaningful to You as many of our functions are dependent on cookies. You can see more information about our Cookie Policy here: https://edumentors.co.uk/cookie-policy/
How do you use my Personal Data?
We use Your Personal Data to provide You with safer and more reliable Services
The Personal Data we collect from You is used for the following purposes:
To provide You with our Services: we use Your data to process Your account and authorise Your access to our Services, process Your payments and provide You with any other Services you request from us;
To communicate with You: we use Your data to share important news relating to our Services. We offer regular emails including newsletters to let You know about our Services. From time to time, we may also contact You to ask Your views on our Services, to fill out a survey, to send You marketing communications such as special offers and
To conduct research: we use Your data to conduct research for the further development and improvement of our Services. We also want to reassure You that should we sell Your data for research purposes, we will only do so if Your data is in aggregate format and we have a strong confidentiality agreement in place with the research entity (such as a university) that would allow us to have continuous oversight and approval of the use of Your aggregated data;
To deliver relevant advertising to You;
To help You: we use Your data to investigate and resolve complaints and services issues;
To improve the Services offered on our website and make them more secure: we use Your data so we can provide You with the most user-friendly navigation experience we can, and if we think it’s necessary, for security purposes or to investigate possible fraud
To comply with legal and/or regulatory requirements; and
To better understand our business: we use aggregate data to generate statistics about our users or the demographic distribution of visitors to our website. Note that aggregate is data combined from several measurements and doesn’t identify You.
Where do you store my Personal Data?
In the United Kingdom, but if we do transfer it outside of the United Kingdom we will make sure it is treated securely.
Your Personal Data is transferred to and stored at a destination inside the United Kingdom, and in accordance with strong data protection regulations, including but not limited to the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA) 2018.
Please also know that Your Personal Data may also be transferred to, and stored at a destination outside of the United Kingdom. It may also be processed by staff operating outside of the United Kingdom who work for us or for one of our suppliers. Such staff may be engaged in the fulfilment of Your payment order, the processing of Your payment details and the provision of support services. By submitting Your Personal Data, You agree to this transfer, storing and processing at a location outside of the United Kingdom.
Should we transfer, store and process Your Personal Data at a location outside of the United Kingdom, we will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy, and data protection regulations, including but not limited to the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA) 2018.
How long will You retain my Personal data?
Your Personal Data is yours, and it will not be retained by us for longer than necessary in relation to the purposes for which it was originally collected, or for which it was further processed.
You can always choose to close Your account by writing to us at info@edumentors.co.uk. If You choose to close Your account, Your Personal Data will generally stop being visible on our Services within 24h. Your Personal Data may continue to be displayed in the services of others until they refresh their cache.
We retain Your Personal Data after You have deleted Your account for the purposes for which it was originally collected, or for which it was further processed. If You want us to delete Your Personal Data completely, You can ask us to do so by writing to us on privacy@edumentors.co.uk.
We will then strive to delete Your Personal Data as soon as reasonably possible. Please note however that we may be required to retain some of Your Personal Data for up to five years to comply with legal obligations under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (SI 2017/692). For example, we may retain Your Personal Data to resolve future disputes, maintain security, or prevent fraud and abuse. We therefore use this retention requirement as a benchmark for all Personal Data that we receive from You. In order to not hold Your Personal Data for longer than is strictly necessary we will not hold any of Your Personal Data for more than six years after the termination of our business relationship.
How do you protect my Personal Data?
Your security matters, this is why we have advanced security systems in place.
We know that security is a major concern for You and Your family. To give you peace of mind we have advanced security systems in place. Please know however that although we do our best to protect Your Personal Data, we cannot guarantee the security of Your data during transmission of information via the internet, as any such transmission is at Your own risk. Once we have received Your Personal Data, we will use strict procedures and security features to do our best to prevent unauthorised access to Your data.
To protect Your and your family’s Personal Data we:
Use secure server software to store Your Personal Data;
Encrypt Your payment transactions;
Implement security safeguards designed to protect Your data such as HTTPS;
Use full login and security question controls on our systems;
Ensure that Your data, even when transferred to another country, is treated securely and in accordance with this privacy policy and data protection regulations, including but not limited to the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA) 2018;
Restrict access of Your Personal Data to those of our employees who need to know Your Personal Data to do their job, and ensure that all our employees sign a confidentiality and data security clause as part of their terms of employment;
Follow tight security procedure, such as maintaining physical, electronic and procedural safeguards to protect Your Personal Data from unauthorised access as required under the UK data protection laws;
Continuously educate and train our employees about the importance of confidentiality and privacy of customer information;
Continuously monitor our systems for possible vulnerabilities and attacks; and
Regularly review and update our privacy controls and policy.
Can I also do something to protect my Personal Data?
Yes. Follow our quick tips below.
To keep Your information as secure as possible:
Will you share my Personal Data?
Yes, we may share Your Personal Data with Your consent or as necessary to provide You with the Services You have requested.
First of all, rest assured that we do not pass Your or Your family’s Personal Data to third parties for marketing purposes without Your permission.
We may however access and disclose Your Personal Data in the following circumstances:
What are my rights regarding my Personal Data?
Your Personal Data is Yours and You can always access it, edit or delete it. Just contact us to request this.
You can ask us to stop sending You promotional communications
We usually like to send our customers special promotional communications such as newsletters, special offers and updates that we think will be of interest to them. When You sign-up You will have the choice to receive promotional communications from us or not by clicking the opt-in button. That opt-in covers both you and the children that you add to your Edumentors account.What happens if my Personal Data is compromised?
We always strive to be transparent with You. So, if we notice that Your Personal Data is compromised, we will take the following responsive action:How can I explain this privacy policy to my child?
At Edumentors, we believe it’s important to teach children about online safety. Topics like data protection and safe browsing can seem complicated at first glance. To help our members stay safe online, we’ve created this simple guide that you may like to share with your family.Sounds straightforward enough, right? Well online data rights are just as simple. Let us walk you through it:
Right to information You have the right to know exactly what toy Edward is borrowing from you and how he is going to use or store it. Same goes for your data: you have the right to know what kind of data the company collects about you and how it stores and uses it.
Rights to access
You have the right to know what is being done with your toy: is someone else using it? Where is it stored? Has Edward borrowed something else that you may have not noticed, like your lock?
Same goes for your data: you have the right to know what data a company has borrowed, where it is being stored and if it is being shared with someone else. Just as you can ask Edward these questions at any time, you can ask a company too.
Right to rectification
You also have the right to ask Edward to stop using the toy the way you previously have allowed him to.
For example you could tell him to stop playing with it at home and only play with it in his bedroom. You can always ask a company to stop using your data the way you first allowed them to, and instruct them on the way you want them to use it.
Right to rectification
You also have the right to ask Edward to stop using the toy the way you previously have allowed him to.
For example you could tell him to stop playing with it at home and only play with it in his bedroom. You can always ask a company to stop using your data the way you first allowed them to, and instruct them on the way you want them to use it.
Right to erasure Imagine you no longer like the fact that Edward has your toy and want him to return it to you or throw it away and forget that he ever had your toy. You have the right to return your toy or throw it in the bin. Similarly, you have the right to request the company to delete your data and forget about you. However, bear in mind that they might still be required to keep some information in case they need to show it to the police or other authorities.
Right to object You can always ask a company to stop using your data the way you first allowed them to, and instruct them on how you want them to use it now. Maybe Edward misunderstood what he was allowed to do with the toy in the first place, and you want to re-instruct him. In the same way, you can also object to a company’s use of your data.
Right to erasure You can also ask Edward to stop using your toy just because you changed your mind, or because there is no good reason left for him to use it. To be clearer: imagine that Edward borrowed your toy to play at school today. There is no reason for him to keep it after that, right? Similarly with your data: if the data is no longer needed for the purpose for which a company collected it, then the company must stop using it. You can ask a company to stop using your data at any time.
Right to data portability Next, you can always ask Edward to give your toy back in the same condition you gave it to him originally. He must do so in a commonly accepted way, for example by delivering it to you on the next day, and not 10 years later. Same goes with your data: if you ask a company for your data they must provide you in the commonly used format.
Right to automated decision making Imagine you lend your toy to Edward, and when you try to find out what he is doing with it, you keep reaching his answering machine saying “Edward is unavailable to answer your call but he wanted to let you know that he took your toy to the neighbours”. That’s not nice, is it? When you lend something and something is not being done correctly, you must be able to discuss the issue with a real person, and you are entitled to an explanation. It’s not right if a machine makes all the decisions without giving you any say in the decision making, right? Similarly, with your data: if a company uses machines to make decisions about your data, they must make sure that you can talk to a human about it and be given an opportunity to challenge the decision.