This document explains how the data we collect from you on the Got-A-Head®? website, our proposed Got-A-Head®? and related apps. It explains how we will use the data you provide. It will also tell you what you can do to examine your data, change it, or delete it from our system if you so wish.
At Got-A-Head®?, we are looking to change the worlds of education and creativity. We want to help people memorise more thoroughly, observe more closely,read more effectively and think more deeply. We want to help everyone think better, do better, feel better; so that people can lead more creative, fulfilling, and successful lives.
To do this, we have created sets of tools and techniques to help people, especially children and young people, improve their creativity and learning, and to generally help with their memory, observation, reading and thinking. The techniques are explained in our written products. We are developing software to support these techniques in the following spheres: personal, educational, higher educational and professional. Our primary focus, though, is the educational sphere.
Inevitably, in our data-drenched world, we will need to collect data to help our customers, and build communities of users to share best practice. We will collect data about you, our customers and community members, and, where appropriate, your children if you are purchasing our techniques for them or supporting them using our systems.
As parents ourselves, we at Got-A-Head®? realise how sensitive you will be about protecting and controlling your family’s data, particularly your children’s data. But more than that, we can only achieve our aims at Got-A-Head®? by gaining and keeping your trust. We believe that keeping your data private and ensuring you have the control over it that the law demands, and more, is critical to our success.
We are a British company, run from the UK. At the time of writing, the UK has left the European Union, and a four-month waiver period covering data transfers from the EU is in place. That is scheduled to come to an end at the end of April 2021. At that point, for data transfers to and from our customers in the |UK our actions will be governed by UK GDPR regulations, and for data transfers to and from our customers in the EEA we will be governed by EU GDPR regulations. We will apply a similar policy to data protection regulations to customers in other countries from whom we collect data, or to whom we transfer data.
We very much hope you will find our tools, techniques and systems interesting, useful and rewarding, and our website, documentation and applications helpful and easy to use.
Mark Lawrence, Technical Director
2. How Do We Communicate With Each Other?
2.1 How do you communicate with us?
You can communicate with us through three mechanisms.
Always, whether you are a member of our community or not, you can e-mail us at email@example.com
If you are a member of our community, you can tell us how you want us to communicate with you on your preferences page.
As a member, we would be very pleased for you to read and comment on all our blogs and share your views and opinions with others in our community.
Please also respond to our posts on our Facebook group and our tweets on our Twitter feed.
2.2 How do we communicate with you?
Our business is to encourage all people to stretch their minds, and improve how they think, remember, observe and read. Our emphasis is to improve how people learn, so this will particularly apply to those in full-time education. Many in full-time education are, of course, children, so we will want to communicate with their parents as well. We aim to do this through our web site, e-mail and through our applications.
More than that, we want to create a community and to encourage interest not just in Got-A-Head®?, but generally in using our minds more effectively. To do this, we aim to use a variety of social media methods, primarily Facebook, Twitter, e-mail and the blog pages on our website.
We want to set up a set of customer ‘Zones’, a Family Zone, Education Zone, Student Zone and Professional Zone where our users can share tips and techniques on using our systems and improving their memorisation, observation, reading and thinking more generally.
We also aim to have a LinkedIn site. This will be mainly for commercial recruitment purposes and communication with investors and other stakeholders in our business and organisation rather than communicating with members and other people interested in what we do, our community at large.
3 Who is collecting the data?
The Got-A-Head®? website, apps and all downloadable branded Got-A-Head®? materials are produced by, belong to and are administered by a company called the Query Tree UK Ltd. That is the organisation collecting your data when you sign up to our website. The Query Tree contact details are those on the Got-A-Head®? website, so by contacting Got-A-Head®? you will be contacting the company behind it.
4 What data is being collected?
4.1 Data Collected on Visitors to Our Site
If you simply browse our site as a visitor we keep no data identifying you as you, although your visit does contribute to the statistics we collect about the use of our website or apps. This will include what pages were accessed, whether you downloaded any documents, how you navigated around our site or apps, what browser, or app you used to reach us, things like the screen resolution, language and keyboard settings, what device and operating system it was running on and the internet service provider through which you arrived.
4.2 Data Collected on Members and Subscribers
When you have become a member or a subscriber, we obviously have to be able to identify you to grant you access to what you have signed up for or purchased. To do that we will need to collect personal information such as contact details (e.g. e-mail address or phone numbers). If you buy from us or become a subscriber, we will collect billing details (name, physical billing address, payment method and transaction details). If you are logged in, we may link you with the data we collect about all visitors and, with your permission, things like your geographical location and your device’s unique identifier. If you log in through third-party accounts, we will obviously need to collect your e-mail or username so you can connect through a PayPal, Google or Facebook account.
If, as a member or subscriber, you use any of our social media options to comment on blogs or correspond with other members we will obviously collect that information. This may include text, images, video and audio or combinations of the same. . As stated at the moment, all of this information is held by Wix; who are, to the best of our knowledge, fully GDPR compliant in the UK and the EEA.
4.3 App and System Users and Other Users of our Teaching Applications
Our primary purpose is to teach and practise our techniques in our four areas of memory, thinking, observation and reading and then support people using those skills in the real world. To support this and improve on what we do, we are going to collect data on how people use our systems and techniques, both through our software and in other ways. Our aim in all this is to improve what we do and improve the utility of the techniques we have developed for our customers.
5 How do we collect this data?
We collect data in two ways, passively (from your point of view) by monitoring your activities on our website and actively where you give us information. In both circumstances, this information is made accessible and stored by our website provider Wix.com.
When we start to release our thinking and creativity applications and systems, and our customer zones, these may be independently hosted. The likelihood is that these products will be designed by third parties to our design, be run on infrastructure provided by third parties, and will record information stored in databases sitting in “the cloud”. Your data will be encrypted as appropriate in order to protect your details. We will update this privacy and data protection policy document to reflect this extension to our activities and will also link to the policies of our various service providers. Furthermore, we would aim to structure our data to make it straightforward to remove details that identify you as you, and so delete, or at worst anonymise, any data relating to you, in however obscure a manner, on demand.
In particular, when we sell our applications and learning systems into the EEA, we aim to appoint a representative in the EEA to act as our point of contact for all EEA GDPR enquiries.
5.2 Collecting Data Through Your Use of Our Website and Apps
As you journey around our website, we collect information about how you use our website and apps.
5.3 Collecting Data That You Give to Us
Obviously, the other way we collect data is when you actively upload it to us. We collect identification data when you log in, your comments from your postings and the information you give us to obtain services from us, as well as how you browse our merchandise and what you buy from us.
6 Will the data be shared with any third parties?
As a matter of policy, we do not intend to sell your data to third parties without your express consent. We do not intend to share your data with third parties except to allow us to conduct our primary mission of teaching skills in memorisation, thinking, observation and reading and of enhancing its value to the learner and their family.
That said, we have to share your data with some third parties.
Part of what we are trying to do is build a community of parents, and children, but also people interested in helping with our goal of improving how our children make best use of their heads. Inevitably, this means putting people in touch with each other, and passing on ideas, suggestions or products that may be of interest. Clearly, we have to strike a balance here. We are not setting out to run a marketplace, but we do wish to grow a community and help people. We will do our best to allow you to choose what you believe is a happy medium in this respect.
If you upload information to us for viewing by other members and subscribers, e.g. blog posts, that information will obviously be shared with them.
If you provide payment information to purchase subscriptions or downloads from our site, we have to share that information with your payment provider.
As a business, we must keep books of account and submit various tax returns and company accounts. We will therefore be sharing transaction information with our accountants, our auditors and the UK tax and company business administration authorities, as required.
We may have to pass information on to the relevant authorities in the UK if a court order has been obtained requiring us to do so. Similarly, we will operate as required by the authorities in countries where we sell our products and services.
If a situation comes to our attention where we have strong reasons to believe that criminal activity is taking place through our site or applications, then we will inform the authorities. We will also do this if we believe there are serious risks being posed to the heath or wellbeing of our learners and have not been able to contact their parents or guardians, or teachers, as appropriate, and believe that such a contact would not solve an urgent situation. This is not a step we would plan to take in anything but the most extreme and worrying circumstances. We are particularly sensitive about this as many of our learners are likely to be children.
7 How will the information be used?
There are four types of information we collect
7.1 Website and App Use Information
We use this in two manners. We aggregate our users’ data together to allow us to understand how you use our websites and our apps in order to improve how we structure our websites, apps and other services.
We look at individual use of our websites and apps in order to examine your individual preferences and to see if we can suggest things that might be of interest to you.
7.2 Your Personal Profile Information
This information is used to identify you when you log in, to give you a personal identification when you comment on our blogs or upload any information on to our site. Lastly, and most importantly, we will use it, particularly your e-mail address, to contact you. We will give you a range of options that you may opt into to receive newsletters, advice about new things available on our website that might interest you and notifications when we have information to share with you about your child’s performance.
7.3 Your Billing and Purchase Information
Obviously, we will use billing information to allow you to pay for purchases from us. We will use your purchase information to see how we can provide a better service to you, both in terms of product offerings, but also in terms of what articles or blogs may be of interest.
On a more prosaic note, we will need to use your transaction information to keep our accounts up to date and aggregate for our VAT returns and annual statements of account.
7.4 Information You Upload To Share With Our Community
Information you upload on to our website to share with the wider Got-A-Head®? community will, as you would expect, be shared. We will vet uploaded information to make sure it is appropriate and polite to other members, subscribers and Got-A-Head? employees. In the interests of debate, we have no intention of censoring opinions we do not agree with, but obviously reserve the right to vigorously defend our position. We will also automatically examine posted information to see what topics you are particularly interested in so we can make suggestions to you.
7.5 Information Acquired Through Our Customers’ Use of Our Applications
We intend to develop applications that will help our customers use our techniques in their daily lives as pupils, students, teachers, and professionals when creating and learning. Much of our techniques, and thus the applications supporting them will require the sharing of data between individuals in order to maximise the effectiveness of their learning and creativity. Shared data will inevitably be stored on servers, most likely owned by third parties, and processed by software developed at least in part for Got-A-Head®? Inevitably, data will be shared between users with the agreement of the individual and our customers; for example, between teacher and pupil or between work colleagues working on a creative project. In addition, we will look to analyse common patterns of work, anonymising the source with the aim of providing better examples, alternatives and ideas to our customers.
8 How long will the data be stored for?
How long we store data depends on the type of data.
8.1 Website and App Use Information
We aim to store this for the lifetime of the website and apps concerned. We would destroy it once those websites and apps are decommissioned.
8.2 Your Personal Profile Information
This will exist from you signing up as a member of our community to the time you decide to cease being a member.
8.3 Your Billing and Purchase Information
For simple purchases, this will only be retained in order to execute the purchase you have requested. If you are a subscriber, we may retain the details, if you permit us to do so, in order to process regular payments of your subscription.
8.4 Information You Upload To Share With Our Community
The data will be retained on the site for the benefit of other members. However, we will delete your data if you so wish.
8.5 Application Use Information
This will be retained indefinitely. However, we will anonymise it on request.
9 What Rights do You Have Over Your Data?
The GDPR in both the UK and the EEA jurisdictions gives you specific rights over your data.
The right to be informed – being told what data we hold about you and what we do with it.
The right of access – being able to request a copy of the data we hold about you.
The right to rectification – being able to have inaccurate data corrected.
The right to erasure – being able to ask us to delete / destroy your data.
The right to restrict processing – being able to limit the amount or type of data used.
The right to data portability – requesting to move your data electronically to another business.
In practice, your rights apply practically and straightforwardly to data you supply to us, or that we collect as you use our systems, which exist in human-readable form. This would include all your personal profile information, your e-mail, and other contact details, as well as your billing information. This would be subject to our obligations as a business to the tax and company administration authorities.
Where they are held in a form that is not easily interpretable by a human being or not easily rendered intelligible, we cannot usefully give you access or offer rectification, nor really offer portability. What we can support are your rights to erasure or restrict processing. We will do this by anonymizing this data on request. In other words, we will destroy the links between this data and the records that identify you as a user of our system. This will dissociate it from you in such a way that it will be impossible to re-associate it with you. Obviously, this would mean that if you or your child wishes to carry on learning using our systems they would have to start from scratch.
10 How Can You Raise a Complaint?
Please get in contact with us via e-mail at firstname.lastname@example.org or see our contact details on our website got-a-head.com. We have a duty under the GDPR regulations to process your request within one month, but our intention is to process your request as quickly as we possibly can.