THE PURPOSE FOR PROCESSING THE PERSONAL DATA
Moomin Language School is an online service (“Service”) designed for children for learning foreign languages. The Service is developed and owned by Playvation Ltd. (“us”, “we” or “our”). Our Service includes a mobile learning application (“Mobile Application”), websites (“Websites”) and web applications (“Web Applications”) at domain names moominls.com and playvation.com. The Mobile Application and Web Applications are herein commonly referred as Applications.
We are committed to protecting our users’ (“Users”) privacy. This page informs you of our policies regarding the collection, use and disclosure of personal data when you or a child under your legal guardianship (“you” or “your”) use our Service.
Your personal data or personal information (“Personal Data”) refers to all information that we collect and record in electronic or physical format that could, with reasonable effort, be used to identify an individual.
CONTENT OF THE REGISTER AND REGULAR SOURCES OF THE INFORMATION
We collect Personal Information in two ways: information that you provide to us directly, and information that we collect automatically when you use our Service.
The information that you provide to us directly could be used by us to identify you as an individual. This information is collected and updated when you create or update your user account. This type of personally identifying information includes your email address, name, photo and country of residence. Please note that the information that you provide to us directly could also be combined by us with non-public information that our other Users have provided to us to construct Personal Data. We do not sell Personal Data to anyone. We may disclose Personal Data to our contractors and sub-contractors for purpose of developing and/or providing the Service, provided that they have signed a confidentiality agreement with us, effectively obligating them to treat Personal Data as confidential information. Also, you can always refuse to provide us with personally identifying information with the caveat that it may prevent you from using some features of our Service.
The information that we collect automatically refers to information that our Applications and your web browser send us automatically, without your direct and explicit submission. This information is by nature primarily of the non-personally identifying type.
The personally identifying data that your web browser automatically sends us whenever you use our Service is your device’s public Internet Protocol (“IP”) address. Non-personally identifying information that your web browser sends us include information such as your browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, cookies and other statistics.
When you access the Service using our Applications, we collect certain non-personally identifying information automatically, including, but not limited to, the type of mobile device you use, your mobile device’s unique device ID, your operating system and other statistics. Personally identifying data that our Applications send us automatically is limited to your public IP address.
Whenever you use our Mobile Application to access our Service, we also collect User-specific, learning process related information. This information may include any and all information received by our Mobile Application from input devices through the operating system. These input devices may include but are not limited to touch screen, keyboard, mouse or microphone. The learning process related information will be used for providing and developing the Service, as well as for visualizing Users’ learning progress in its original and processed format.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s mass storage.
INFORMATION COLLECTED FROM CHILDREN
Our Service does not contact directly anyone under the age of sixteen (16) (“Child” or “Children”) without the consent of a parent or legal guardian.
We do require personal data from Children under the age of sixteen (16). If you are a parent or guardian and you are aware that your Child or Service Provider has provided us with personal data without your consent, please contact us. If we become aware that we have collected personal data from Children under the age of sixteen (16) without verification of parental consent, we shall take immediate steps to remove that data from our servers.
COMMUNICATION AND DIRECT MARKETING
We may use Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by contacting us.
REGULAR DESTINATIONS OF PERSONAL DATA AND INTERNATIONAL TRANSFER
Your information, including Personal Data, may be transferred to — and maintained on — our database servers located outside of your state, province, country or other governmental jurisdiction, where the data protection laws may differ from those in your jurisdiction.
If you are located outside the European Economic Area and choose to submit personally identifying data to us, please note that we transfer the data, including Personal Data, to our database servers located in the European Economic Area and process it there.
Personal Data shall not in any case be transferred to database servers outside the European Economic Area.
THE PRINCIPLES HOW THE DATA TRANSFER AND STORAGE IS SECURED
The security of Personal Data is important to us, but remember that no method of transmission over the Internet, or method of storage is 100% secure.
Your Personal Data is encrypted in transit and at rest. All interactions between Our servers and Applications use the Transport Layer Security/Secure Sockets Layer (TLS/SSL) protocol. Our web and database servers are maintained by skilled IT professionals and are regularly updated.
All paper copies, if any, containing personal information are stored in restricted areas in locked archives. Paper copies are shredded or burned before being disposed.
THE RIGHT TO ACCESS PERSONAL DATA AND RIGHT TO CORRECT PERSONAL DATA
You have the right to deny Personal Data’s processing for direct marketing, distance selling, opinion polls and/or market research. You have the right to demand the correction of incorrect or incomplete data by notifying our data controller who is in charge of what information is collected and how it is used (“Data Controller”). You can find the Date Controller’s contact information below.
You have the right to access the personal data stored on our servers (“Data Subject Request”). The Data Subject Request must be signed, in writing and sent to the Data Controller. The Data Subject Request may also be presented in person at the Data Controller’s registered headquarters. The identity of the individual presenting the Data Subject Request shall be verified. The Personal Data shall be provided to the requester within sixty (60) days from receipt of the Data Subject Request.
DELETION OF PERSONAL DATA
The Personal Data will be permanently deleted one (1) calendar month after the deletion of your user account.
Some personal data may, however, be stored beyond the one (1) month period. Such data comprises of your billing information. This type of data shall be stored until all accounts are settled.
Non-personal data collected from you may be stored indefinitely. This data shall, however, be permanently anonymised in such a way that you personally cannot be identified from the data.
PROVISION OF PERSONAL DATA AND CONSEQUENCES OF NOT PROVIDING PERSONAL DATA
THE RIGHT TO NOTIFY THE SUPERVISORY AUTHORITY
If you notice failures or errors on our behalf with respect to the processing of Personal Data, we request that you contact us immediately.
You have the right to contact the local data protection authority in the European Economic Area. The local data protection authority in Finland is currently the Data Protection Ombudsman (Finnish: tietosuojavaltuutettu).
THIRD-PARTIES' PRIVACY POLICIES
We have no control over, and assume no responsibility for the privacy policies or practices of any third-party services or sites.
Written inquiries can be sent to:
2018-01-15 Updated company’s contact information.
2018-02-06 Clarified the disclosure terms of personal data to third parties.
2018-05-25 Effectual legislation updated.
2018-06-05 Updated content of the register and regular sources of the information.