BrainPOP UK Ltd (“we” "our" “us”) is committed to remaining a trusted resource for both students and educators ("you" "your").
We recognise that privacy and online safety are important issues, so we design and operate our technology and services with your protection and privacy foremost in mind.
We are compliant with the General Data Protection Regulation (GDPR), which impacts the way organisations that process personal data from European Union customers handle privacy.
Who collects the data?
For the purposes of the Data Protection Laws, the data controller is BrainPOP UK ltd.
We are a limited liability company registered in England (06542669) and our registered office is at Thavies Inn House, 3-4 Holborn Circus, London, EC1N 2HA.
Our contact address is: BrainPOP UK Ltd, Unit 20 Kings Meadow, Osney Mead, Oxford, OX2 0DP
We are registered with the ICO to process your personal data and our registration number is Z321377X.
Any personal data we collect from you, with your permission, will be held and stored by us in our customer service and marketing systems.
The BrainPOP products
The terms of this policy are for data collected as part of providing a contract, service, and access to the our products, and communication to you when you opt in to our marketing and support processes.
Please note, as part of our account creation, subscription, and trial registration process, you are asked voluntarily to submit personal information in order to create your account (typically name, institution and address details, email address, job title, phone number, and payment information).
Where payment is processed via credit card, card numbers are not retained by us.
How we collect data
We may collect personal information that identifies you as an individual when you:
use one of our websites
place an order, request a free trial, or request a quote
sign up for a newsletter or any other product news
download a free resource
enter a competition
fill in a survey
sign up for an event or training e.g. a webinar
Contact us via email or phone
Connect to us through our social media channels like Twitter or Facebook
We will never sell or market directly to minors and if we can identify that a child has attempted to provide personally-identifiable information to us, that data will be deleted.
What data do we collect?
We want to make sure BrainPOP is the right product for you and your school.
We only collect or process your data when we have consent, are performing a contract with you (such as when you become a customer or user of our product), or when we have a legitimate interest.
We use ‘contract’ as the lawful basis for providing support to you as a user of our products, such as creating your BrainPOP account or notifying you of a renewal
We use ‘legitimate interest’ as lawful basis for the majority of our data processing such as when you fill out a form on our website to send us a message, or sign up to a free trial, or download a free resource
We use ‘consent’ as lawful basis when you sign up to be on a marketing distribution list
When we do collect data about you, it may be one of the following types:
Salutation, first and last name (so we know how to refer to you)
Email address (our main way to contact you)
Profile data (we want to send you communications that are relevant and useful to you as a professional. This helps us better support your needs and interests when we send you things like newsletters) such as:
Your job title (for example, if you’re a Science teacher we may send you different support than if you were a History teacher. We also may deal with different people in a school e.g. a bursar for financial matters, and it’s important to speak to the right people)
your activity on one of our websites, including the referring site and the pages you visit
professional interests and specialisms, or demographical information (for example, if you’re an early years teacher we may send you different support than if you were a secondary school teacher)
An alternate contact - we ask you when placing an order if you wish to voluntarily nominate a colleague to be your primary contact at your school. This is because orders are often placed by school admin staff who are not directly involved with the use of our products. This is to better support your account.
Telephone number (a secondary way to contact you)
Institution name and address; geographical location (to provide account services; and materials by post)
We will always ask if you would like to be added to a marketing distribution list to receive marketing communications that will hopefully be of interest. We will not send you marketing emails unless you specifically consent to receive them.
We will always balance our interest with your right to data privacy.
How we use the data
We retain your data for the purposes of providing you with access and support to the product or service you have requested
To monitor your usage of the Explore BrainPOP website to improve our communications and services
We track opens and clicks in emails we send so we can see if they are working as intended
We will never sell or license your personal information to third parties
You have the right to ask us not to process your personal data for marketing purposes, or withdraw that consent at any time. We will provide ways to do that on the forms we use to collect your data, provide an unsubscribe feature on our emails, or by you contacting us at email@example.com .
You can notify us and ask us to update or amend your data.
You can ask us to provide a copy of any personal data we hold about you.
We will not keep your personal information for any purpose for longer than is strictly necessary. We will retain your data until such time as we decide we no longer need it, or until you request to be unsubscribed or request erasion.
We reserve the right to disclose your personally identifiable information should it be required by law and, in the rare case, when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process.
EU-US Privacy Shield
BrainPOP UK Ltd is a subsidiary of BrainPOP LLC.
Your data may be transferred and stored outside the EU as part of our customer support and finance systems.
BrainPOP LLC participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. BrainPOP is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List. https://www.privacyshield.gov/list
BrainPOP is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers it to a third party acting as an agent on its behalf. BrainPOP complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, BrainPOP is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, BrainPOP may be required to disclose personal data in response to lawful requests by public authorities, including requests to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
We contract with a number of third parties to help us manage our prospects and customers. All our partners have been confirmed by us that they are GDPR compliant and where possible have engaged in data processing agreements. A list of third party sub processors is available on demand.
Changes to This Policy
Contact us about privacy
If you have any questions about this privacy statement, or our software and website practices, please contact us at firstname.lastname@example.org.
Contact for Data Protection Office and all GDPR related issues: email@example.com
EU-U.S. Privacy Shield Framework: Active; Original Certification Date: 10/17/2016; Next Certification Due Date: 2/8/2019
BrainPOP data requests firstname.lastname@example.org
If you wish to report a security breach, please contact us at email@example.com . In the case of a breach, the company must inform the relevant regulatory body (ICO in the UK) within 72 hours of finding out about it.