Grazer Privacy Policy
Grazer Learning Limited are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, directly or indirectly will be processed by us. Please read the following carefully to understand our views and practices regarding personal data and how we treat it.
For the purpose of Data Protection Laws (Data Protection Act 1998, its successor or its replacement in the United Kingdom, General Data Protection Regulation (GDPR 2016/679)) the data controller is Grazer Learning Limited.
We can be contacted by post at Grazer c/o Atticmedia. Work.Life, 20 Jerusalem Passage, London, EC1 V4JP,or by email at info@grazerlearning.com
Terminology
We want you to be happy when reading our Privacy Policy; a controller is the company who determines the means and purpose of the processing of personal data. In contrast a processor processes personal data on behalf of the controller. We are the controller of the data that we collect.
Who We Are And What We Do
Grazer is a social study aid to help learners and tutors manage their learning. It aggregates third party content and permits users to create activities to help each other learn.
Lawful Basis For Processing Personal Data
Our lawful basis for processing personal data is consent. Where consent is required for the processing of personal data we will provide the necessary consent mechanism before we process personal data.
We will also process personal data for compliance with a legal obligation. For example, where we need to hold personal data for statutory records or for the prevention and detection of fraud.
Where processing is necessary for the legitimate interest pursued by us or by a third party we will let you know.
Who Is Collecting Personal Data And How Is It Collected
- Our App can be directly used on various devices, for example, personal computer (PC), laptop, tablet and mobile devices, where personal data is uploaded in order to create an account with us and use our service.
- When you directly contact us through our App or directly by email we may process information about the interactions you have with us.
Types Of Information Collected
- When you register on our App, we will collect the following personal data; name, email, user name, IP address from the device you are using, online identifiers, location data.
- We will not collect “special categories” of data (sensitive data).
- When you visit our App, we may also collect and process information about your App usage (e.g. your history and information about your navigation through our App) using “cookies” and other similar technologies. You can find out more in our Cookies Policy at www.grazerlearning.com/cookiepolicy/
How Will Information Be Used
- When personal data is collected directly from our App, it will be used to; provide our service on the App, improve our online services, including format and content. Similarly, to administer our App and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes, as part of our efforts to keep our App safe and secure, to measure or understand the effectiveness of any advertising we serve to you and others, and to deliver relevant advertising to you;
- When you directly contact us, we will use personal data to carry out your transactions with us. For example, sending you information that you have requested.
Sharing Information
We share information with the following parties, so they can assist us in providing our services. Third parties including:
- Analytics and search engine providers that assist us in the improvement and optimisation of our App.
We will disclose your personal information to third parties:
- If Grazer Learning Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data to comply with any legal obligation, or in order to enforce or apply our terms and other agreements; or to protect the rights, property, or safety of Grazer Learning Limited, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Transferring Out of the EEA
We try to store personal data within the European Economic Area (EEA), but sometimes this is not possible, due to the cloud service providers we use.
- We use cloud providers to store our personal data, so personal data will be transferred to and stored at a destination outside of the European Economic Area (EEA).
- Where personal data is transferred outside of the EEA we will work with our cloud providers to ensure mechanisms are in place for the adequate protection of personal data as defined in Data Protection Laws. Mechanisms in place can be a combination of Privacy Shields (EU-US), (EU-SWISS), Standard data protection clauses adopted by the European Commission, standard data protection clauses adopted by a supervisory authority and approved by the Commission, approved code of conduct and approved certification mechanism.
Retention Period
- We will retain personal data in accordance with Data Protection Laws. In some cases, we will have a legal or statutory obligation to retain information for a set period. For example, for accounting records or for the prevention and detection of fraud.
Security Measures
- We have implemented security measures which are designed to help protect the data that we collect or receive in connection with our services from unauthorised access or disclosure. For example, we use but not limited to encryption techniques to ensure the security of data, password protection. However, no transmission or storage of data can be guaranteed to be completely secure and we therefore cannot ensure or warrant the security of any information we collect or store.
Your Rights
You have the following rights in relation to your personal data
- Amend/update/rectify: Where your details are incorrect or require updating for example, you have changed your email address, you have the right to have your details amended.
- Right to restrict processing
You have the right to restrict processing for example where information is inaccurate and needs to be rectified.
- Right to object to processing: You have the right to object to processing which is based on legitimate interest, direct marketing purposes (see Objections to marketing)or for scientific/historical research and statistics.
- Subject access: You have a right to ask us for information we may hold about you. This is free of charge and we aim to respond as quickly as possible. Where applicable, we will verify your identity. Where a request is deemed excessive we may charge a small fee.
- Portability: You may ask us for a item-copy of your information in a readable format so that you can use it for your own purposes or with your permission to transfer the information we hold on you to another service provider.
- Right to erasure: In certain circumstance you may ask us to delete your personal data. For example, when we have stopped processing your personal data, where you no longer require our services or where you withdraw consent.
- Objecting to direct marketing: You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. Where we have sent you marketing communications, you will be able to unsubscribe or opt-out of marketing at any time.
Withdrawing consent
Where we process personal data based on your consent, you will be able to withdraw consent as easily as you gave it. If you gave consent via our App or by email, you will be able to withdraw consent via the same medium.
Where we are the processor: Your rights
Where we act as the processor meaning where another party tells us how to process personal data, we shall cooperate with the controller to help fulfil the customer’s rights.
Profiling
Grazer does not currently utilise profiling.
Concerns And Complaints
We want you to be happy and we want to make things right. You can always contact us and we will do our best to resolve any concerns you may have.
You will also have the right to lodge a complaint with a supervisory authority. In accordance with Data Protection Laws, a data subject has the right to lodge a complaint with a supervisory authority in particular in the Member State of his or her habitual residence, place of work or of an alleged infringement of the GDPR. For the UK, this is the Information Commissioner’s Office (ICO).
Change Of Purpose
Where we intend to further process personal data for a purpose other than that for which the personal data was collected, we shall provide you prior to that further processing with information on that purpose and with any relevant further information.
Changes To Privacy Policy
If we change this Privacy Policy, we will let you know about the changes and by also publishing the updated version on our App. We are committed to protecting and respecting your privacy and will continue to do so in any future changes we make to this Privacy Policy.
Last updated: 18th September 2019