Privacy
HIGHBROW PRIVACY POLICY
Introduction
"Company", "we", "us" and "our" means JoinHighbrow Limited and we are committed to protecting your privacy.
We are registered in the UK and our registered address is at PO Box 77176, London, United Kingdom, W6 6LY and our company registration number is 10389756.
For the purposes of data protection law, we are a data controller in respect of your personal data (as defined below). That means that we are responsible for ensuring that we use your personal data in compliance with data protection law.
This privacy policy applies to you if you are a user of Company's services, and a:
- child;
- parent or legal guardian of a child ("Parent(s)"); or
- video content licensor of the Company ("Content Provider(s)"),
(collectively referred to herein as "Users").
Please read this Privacy Policy carefully prior to your access to and / or use of the Company Service. "Company Service" means our branded audio-visual services, channels, features, content and/or applications made available via our website, mobile, and TV applications and any other means, method, technique or device (including third party content platforms) whether now known or hereafter. This therefore includes any and all Company branded applications, services and channels made available via the Company's own or partner (i.e. anyone the Company contracts with to make the Company-branded application or service available) platforms as well as your access to and / or use any of the domains managed by Company (including https://joinhighbrow.com).
This privacy notice sets out the basis on which any personal data about you that you provide to us, that we create, or that we obtain about you from other sources in connection with the Company Service, will be processed by us. "Personal data" means any information relating to you which we collect and use but does not include aggregate or anonymised information.
If you do not agree to the use of your personal data as described in this Privacy Policy and to abide by the Company's Terms of Service (the "Terms"), do not register, access or use the Company Service.
INFORMATION WE COLLECT
We are committed to protecting the privacy of children who use the Company Service. This privacy policy also applies to children's personal data we use and, for the purposes of this privacy policy, we consider a "child" to be any user who is of the age 15 or younger.
We do not knowingly collect or maintain personal data from children without verifiable parental consent. Such parental consent is obtained via the use of a credit card, debit card, or other online payment system that provides notification of each separate transaction to the account holder.
For accounts supported by verifiable parental consent, a child's profile will be set up by the Parent and we will not ask for more information in relation to a child than is reasonable, as described under point (a) below.
If you are 15 years old or younger, then please do not use or access the Company Service at any time or in any manner without your Parent's prior approval and registration. If we learn that personal data of children aged 15 years or younger has been collected without verified parental consent, then we will take the appropriate steps to delete this information and cancel the account.
We will collect and process the following personal data about you:
a. Registration Information
Information that users provide to us. The Company will collect and process information submitted by Users who are not children for registration purposes, such as your:
- full name;
- email address / username;
- password; and
- postal code
(collectively, the "Registration Data");
We do not collect personal contact information (such as full name, e-mail address, phone number or home address) from children and we generally do not ask for more personal data than is necessary for a child to use the Company Service.
Information that users provide to us and that we collect or generate about users. We may also obtain information that you submit, or that we collect, that is not Registration Data but necessary for the proper functioning of our Service, such as:
- the date regarding the start and end and the extent of your usage of the Company Service;
- your preferences;
- your browser;
- operating system;
- IP address;
- clickstream data; and
- unique device identifiers
- device information, including brand and model
(collectively, the "Demographic and Usage Data"). Demographic and Usage Data is generally non-identifying, but if we associate it with you as a specific and identifiable person, we treat it as personal data.
We will track the following information when children interact with the Company Service:
- which videos have been viewed, so we may generate progress reports and recommend relevant content;
- whether videos are viewed, unviewed or partially viewed; and
- the duration of videos viewed, for personalisation and revenue calculation purposes.
b. Social Media / Third Party Platforms
Information you choose to share. You may also choose to share your activity on other platforms, such as Facebook and Twitter. Please read the privacy policies of those platforms, because your activity published on those platforms will no longer be governed by our Privacy Policy.
Information you authorize us to collect. If you connect to or otherwise integrate with the Company Service using a third-party platform's credentials, you authorize us to collect your authentication information, such as your:
- username;
- encrypted access credentials; and
- other information that may be available on or through your account with such third party platform.
c. Information about your Computer or Device Collected by the Company
What are cookies / web beacons? "Cookies" are alphanumeric identifiers in the form of text files that are inserted and stored by your web browser on your hard drive. Web beacons, also known as pixel tags and clear GIFs, are electronic images that allow a website to access cookies and help track marketing campaigns and general usage patterns of visitors to those websites. Web beacons can recognize certain types of information, such as cookie numbers, time and date of a page view and a description of the page where the web beacons are placed. To make things simple we will just refer to "cookies" in relation to both cookies and web beacons.
How we use cookies. We may set and access cookies on your computer or mobile device to track and store information about your use of the Company Service. We may also gather information on a user's:
- Internet browser;
- operating system;
- IP address;
- date of visit;
- time of visit; and
- path taken through the Company Service.
We use cookies to count visitors and recognize visitors through cookies. We use cookie data to improve the performance of the Company Service and to personalize the experience of children, Parents and Content Providers when each visits the Company Service. We may also use cookie data for marketing purposes.
For more information on deleting or blocking cookies, please also visit: http://www.allaboutcookies.org.
Session and persistent cookies. We use both session cookies and persistent cookies. We use session cookies to make it easier for you to navigate Company Services. A session cookie expires when you close your browser or the application. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser's "help" file.
Consent. We do not collect cookies (except 'strictly necessary' cookies) without your prior consent. 'Strictly necessary' cookies are cookies which are necessarily required for the provision of our Company Service which you have requested. Where you have provided your consent for other types of cookies but then do not wish to receive these cookies, you may set your browser to reject cookies or to alert you when a cookie is placed on your device. If you set your browser to reject cookies, you may not be able to use all of the features and functionality of our Company Service.
Third party cookies.
- Stripe, our payment processor, sets cookies for the purposes of ensuring that their services function properly, detecting and preventing fraud, understanding how visitors use and engage with their site, and analysing and improving their services. Further information and opt-out details can be found at: https://stripe.com/cookies-policy/legal
- We sometimes display embedded images from Instagram, which may set cookies https://help.instagram.com/1896641480634370
d. Commercial Messaging; Information about your Computer or Device Collected by Third Parties
We do not currently but may in the future allow third parties to display commercial messaging on the Company Service. We and these third parties may use cookies to collect information about Users who view or interact with the commercial messaging. We, and/or the commercial messaging providers may use third party servers to serve, present and/or conduct research on the commercial messaging that appears on the Company Service. Any of these ad servers may collect Demographic and Usage Data. We cannot control the activities of such entities or websites. PLEASE NOTE THAT THIS POLICY DOES NOT COVER THE COLLECTION AND USE OF INFORMATION BY SUCH AD SERVERS.
e. Geographic Location
We automatically receive your IP address when you use the Company Service. This may be used to infer approximate location. Your IP address data will not be made public, but will be used by us internally for analytics and content distribution purposes.
f. Financial Information
Information that users provide. Your credit card information and other financial data that we need to process your payment are collected and stored by third party payment processors, and we may collect some limited information, such as:
- your postal code; and
- details of your transaction history.
These third parties also generally provide us with some limited information related to you, such as:
- a unique token that enables you to make additional purchases using the information they've stored; and
- your card's type, expiration date, and last four digits.
We suggest that you review our payment partner's terms and privacy policy to understand how they manage and protect your personal data.
CHANGING, UPDATING OR DELETING PERSONAL DATA
Parents. Parents may update their information provided to us relating to Registration Data within settings on the Company Service at any time.
Content Providers. Content Providers may change, update or delete limited information, including their password, payment information at any time. However, Content Providers may only modify their licensed content and other data in accordance with their license agreement with us and with our prior consent.
Information relating to children. Parents may update their child's profile (consisting of his or her first name, age / date of birth, foreign language learning preference and choice of avatar) at any time by changing profile settings on the Company Service.
- Children aged 15 years or younger cannot edit their profile without Parental assistance through the Parent section of the Company Service.
Revocation of Parent consent and/or the Review or Deletion of Personal Data over and above the dimensions addressable within settings can be done by contacting Highbrow at info@joinhighbrow.com.
Please see section 8 below (YOUR RIGHTS) for further details on how to make requests to the Company in relation to personal data.
USE OF PERSONAL DATA
We use and store your personal data in the following ways and for the following purposes:
- to identify you and to improve and customize the content you see via the Company Service, including but not limited to applying geo-filtering technologies;
- your personal data may also be aggregated and used by us for market research, project planning, business and operational development and improvement, troubleshooting problems, detecting and protecting against error, fraud or other criminal activity, to enforce the Terms or any applicable rules, for other internal purposes, and as otherwise described to you at the time of collection;
- to analyze Company Service usage, improve or customize Company's Service, customize the Company Service's content, and as otherwise set forth in this Privacy Policy; and
- where you have provided necessary consents or we are otherwise permitted to do so, to contact you and deliver information to you that, in some cases, is targeted to your interests, such as administrative notices, product offerings, and communications relevant to your use of the Company Service.
Any personal data or content that you voluntarily disclose on public portions of the Company Service, if applicable (such as discussion boards and public profile pages) may become publicly available and collected and used by others. We are entitled to use your personal data in these ways because:
- processing is necessary for the performance of a contract we have entered into with you;
- we have legal and regulatory obligations that we have to discharge;
- we may need to in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings;
- you have provided your consent; or
- the use of your personal data as described is necessary for our legitimate business interests, as described above.
DISCLOSURE OF PERSONAL DATA
Except as expressly stated in this Privacy Policy, we will not share your personal data with any unrelated third parties without your consent. In addition, the following describes some of the ways that your personal data may be disclosed in the normal course of your use of the Company Service:
Profile. We may post certain information as a part of your user profile, which may be viewable by other Users and visitors to the Company Service, including, but not limited to, your username. We will not disclose your age, location, home address, email address, phone number, or full name in connection with your user profile.
External Service Providers. There are a number of separate services offered by third parties that may be complementary to your use of the Company Service, including but not limited to Content Providers' external websites and/or social media platforms. If you choose to use these separate services, such as sharing a link to a social media site or clicking on any link that diverts you from the Company Service, then their use of your information on such external website is governed by their privacy policy. Similarly, Content Providers' external websites and/or social media platform may contain links, including links to the Company Service. We do not make any representation or warranty with respect to any external website, its links or terms of service or privacy policies. With your consent, and for your convenience, we may provide some of your personal data to an external service provider offering such services. To prevent our disclosure of your personal data to an external service provider, you can decline such consent or simply not use their services. Because we do not control the privacy practices of these third parties, you should always evaluate third party practices, including reviewing their terms of service and privacy policy, before deciding to use their services.
Internal Service Providers. We may use third parties to facilitate or outsource one or more aspects of our business, products and Company Service, including but not limited to payment processing, and, therefore, Company may provide some of your personal data directly to these internal service providers. In some instances, the internal service provider may collect information directly from you. In these cases, you will be notified of the involvement of the internal service provider. If you provide additional information to an internal service provider directly, then their use of your personally identifiable information is governed by their applicable privacy policy.
We might also disclose your personal data in the following instances:
- if we sell any of our business or assets, in which case we may disclose your personal data to the prospective buyer for due diligence purposes;
- if we are acquired by a third party, in which case personal data held by us about you will be disclosed to the third party buyer; and
- to the extent required or otherwise permitted by law, for example if we are under a duty to disclose your personal data in order to comply with any legal obligation, establish, exercise or defend our legal rights.
TRANSFERS OF PERSONAL DATA OUTSIDE THE UK / EUROPEAN ECONOMIC AREA
The personal data that we collect from you may be transferred to, and stored at, a destination outside the UK or European Economic Area ("EEA"). It may also be processed by staff operating outside of the UK or EEA who work for our affiliates or for one of our suppliers.
Where we transfer your personal data outside the UK or EEA, we will ensure that it is protected in a manner that is consistent with how your personal data will be protected by us in the UK or EEA. This can be done in a number of ways, for instance:
- the country that we send the data to might be approved by the UK authorities and / or European Commission; or
- the recipient might have signed up to a contract based on "model contractual clauses" approved by the UK authorities and / or European Commission, obliging them to protect your personal data.
In other circumstances the law may permit us to otherwise transfer your personal data outside the UK or EEA. In all cases, however, we will ensure that any transfer of your personal data is compliant with data protection law.
You can obtain more details of the protection given to your personal data when it is transferred outside the UK or EEA (including a copy of the standard data protection clauses which we have entered into with recipients of your personal data) by contacting us in accordance with the "Contacting us" section below.
RETENTION OF YOUR PERSONAL DATA
How long we hold your personal data for will vary. The retention period will be determined by various criteria including:
- the purpose for which we are using it – we will need to keep the data for as long as is necessary for that purpose; and
- legal obligations – laws or regulation may set a minimum period for which we have to keep your personal data.
YOUR RIGHTS
You have a number of legal rights in relation to the personal data that we hold about you. These rights include:
- the right to obtain information regarding the processing of your personal data and access to the personal data which we hold about you;
- the right to withdraw your consent to our processing of your personal data at any time. Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason (other than consent) for doing so;
- in some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to us;
- the right to request that we rectify your personal data if it is inaccurate or incomplete;
- the right to request that we erase your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal data, but we are legally entitled to retain it;
- the right to object to, and the right to request that we restrict, our processing of your personal data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal data but we are legally entitled to continue processing your personal data and / or to refuse that request; and
- the right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by us.
You can exercise your rights by contacting us using the details set out in the "Contacting us" section below.
You can find out more information about your rights by contacting the Information Commissioner's Office, or by searching their website at https://ico.org.uk/.
LINKS TO THIRD PARTIES
The Company Service may include links to third party websites, applications or services. Such links are not an endorsement by Company of those websites, applications and/or the products or services they offer. Third parties have different privacy policies, and we are not responsible for the privacy practices of such third parties. If you click on a link to a third party website, applications or service, we encourage you to check the applicable privacy policy, as it may differ substantially from that of this Privacy Policy. We make no representations or warranties nor are we responsible for the privacy policies of any third party. If you decide to access any third party links appearing on the Company Service, you do so at your own risk.
TRANSMISSIONS, SUBMISSIONS AND POSTINGS
We welcome the submission of comments, information and feedback regarding the Company Service. However, we do not want to receive certain kinds of information from you, including any sensitive, confidential or proprietary information, without our prior written consent. Although we do not regularly review your transmissions, submissions or postings, we reserve the right (but not the obligation), at our sole discretion and at any time, to edit, refuse to post or remove your transmissions, submissions or postings. You hereby acknowledge and agree that we may review transmissions, submissions or postings made by you to determine, in our sole discretion, your compliance with the Terms, this Privacy Policy, and that we shall have the unrestricted right to use such information for any purpose and without compensation to you.
CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy at any time. Updates to this Privacy Policy will be posted here. You are encouraged to revisit this Privacy Policy from time to time in order to review any changes that have been made.
CONTACTING US
If you have questions, comments, concerns or feedback regarding this Privacy Policy or the Terms of Service, please contact us via email at info@joinhighbrow.com.
Updated: July 30th, 2021