PRIVACY POLICY: LYFTA IMMERSIVE LEARNING PLATFORM

Lyfta Oy (FINLAND/EU)

Business ID: 2761628-6

Lyfta Education Limited (UK)

Company ID: 12017215

UK address: 1 Chapel Street, Warwick, CV34 4HL, United Kingdom

Duly organised under laws of Finland and England

Updated: March 2023

Lyfta is an immersive learning platform intended primarily for educators and students from primary, secondary and special education schools. While gathering information about the people who use the Lyfta platform, our apps, platforms and related sites (collectively referred to as “Lyfta”), we take your privacy very seriously, and make every effort to safeguard your personal data. This privacy policy is intended to inform you of what information we collect, how this information is used and what steps we take to protect this information.

The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and while you browse or use this website. If you do not agree to the following policy you may wish to cease viewing / using this website, and or refrain from submitting your personal data to us.

Our policy complies with the Data Protection Act 2018 accordingly incorporating the UK GDPR and EU GDPR (General Data Protection Regulation).

We also adhere to best practice guidance including PECR (Privacy & Electronic Communications Regulation) and ICO registered (Information Commissioner's Office) standards.

Key principles of GDPR:

Our privacy policy embodies the following key principles;

  1. Lawfulness, fairness and transparency
  2. Purpose limitation
  3. Data minimisation
  4. Accuracy
  5. Storage limitation
  6. Integrity and confidence
  7. Accountability

Privacy policy sections

What information we collect

How we use this information

What we do to protect your privacy

What information we collect:

Personal information that you directly provide to us, which includes information you supply when you register an account with us and save items to your profile.

Personal information about usage of Lyfta platform, including time spent on each session.

Minors (usually school-aged children using the platform under supervision of teacher, parent, carer or another responsible adult) will go by a username on the platform. This is created by the responsible adult on their behalf and they may use their first name and last name, or any other name they give themselves by way of a username or nickname. We collect non-identifiable information on children’s usage patterns for product improvement purposes, but individual students cannot be identified or contacted from this information.

Non-personal information that's automatically gathered as you use Lyfta.com or our platform which includes tracking information for our site, tracking user behaviour on the Lyfta platform.

We use cookies, to help us understand what areas of the site are most useful and interesting to our audience, and to provide you with a better user experience.

When teachers, parents, carers and other adult users register an account with us, we ask for basic information such as email, name and password, and give you the option to provide other information. At times, you may be asked to provide additional information, such as payment details.

We collect tracking information for our site and platform. This type of information relates to how many views are associated with each session, and/or other areas of the site that automatically store non-personal information about the site’s usage, popularity or any positive or negative impact. We perform statistical analyses of users of the site, and their viewing and participation patterns, for product development purposes.

We may collect non-personal information about the computer, mobile device or other device you use to access Lyfta services, such as IP address, geolocation information, unique device identifiers, browser type, browser language and other transactional information.

We use non-personal information to help us understand how our audience views Lyfta.

We use various technologies and third party cookies, including Google Analytics, Google Tag Manager, Facebook Pixels and Twitter Pixels, to manage Lyfta.com and the Lyfta platform tracks use of the content we provide, including:

Standard web analytics information

Aggregated data about email click-through rates and video viewing

Information collected through HTML cookies, Flash cookies, web beacons, and similar technologies

Demographics and other details that are provided to Lyfta to help us customise the site based on your preferences

Cookies provide a mechanism for us to understand how you use the site over time so that we can provide you the best user experience according to your expressed preferences. We do not sell this information to any third party, but may provide information to partners that assist us in updating, managing or maintaining our websites.

We use cookies to customise your experience. We do not sell data collected from cookies to any third party, but may provide information to partners to help us update and maintain our website.

We may collect and use information about your location (such as your country) to provide a tailored, language-specific experience for your region, but we don’t collect any exact data of you or your device. You can change the settings on your computer or mobile device to prevent your location information from being shared with us. In case you wish to opt out of the tracking and cookies, please feel free to manage your settings on your browser in privacy, or select other ways to opt out so that the cookies and/or ad features are turned off.

We collect information about your location to provide you with the most localised experience possible, but never collect data from your device.

When required for billing purposes, we may store your name, address, telephone number, email address, and other identifiers that you may have provided.

Payment information is never taken by us or transferred to us either through our website or otherwise. At the point of payment, you are transferred to a secure page on the website of Stripe, or some other reputable payment service provider.

How we use this information

We use your information for limited purposes and do not sell it to any third parties. Specific uses are defined below.

We may use the information that we collect to fulfill your requests for services and information. For example, using your contact information to respond to your customer service requests, or to enable registration for one of our events.

We also use the information we collect to send email newsletters, or information about new products or training material or other content (if you have opted in for this information). We may also use the information that we collect to send you email communications, such as information about your account or changes to the site.

We only collect certain data about you, as detailed. Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe).

We may use the information that we collect to prevent illegal activities, to enforce the Lyfta.com Terms of Use, or as otherwise required by law.

Lyfta connects Google Analytics client ID data with Lyfta user ID data so that we can create a more personalised experience for users, even when not logged in.

In addition to the uses identified above, we may use the information that we collect for any other purposes disclosed to you at the time we collect your information or pursuant to your consent. For each purpose, separate permission is requested from you.

If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.

What we do to protect your privacy

To prevent unauthorised access, maintain data accuracy and ensure the appropriate use of information, we put in place commercially reasonable physical, technical and administrative controls to protect your information. Please note that no method of transmission over the internet is 100% secure.

Data security and protection: We ensure the security of any personal information we hold by using secure data storage technologies, software and hardware; and use precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement. We only use trusted systems and software who each have high standards of user privacy and security.

We do not knowingly collect personal information from children beyond a username chosen by their teacher, parent, carer or a responsible adult. If we learn that we have collected any personal information from a child without verifiable parental/carer consent, we will delete that information from our database as quickly as possible.

This privacy policy may be amended from time to time. When the policy is updated, the date of the last update will appear at the top of the privacy policy. If we make material changes, you will be notified here for a period of 60 days based on our last update.

You can request that your account be deactivated at any time by contacting us. To unsubscribe from our newsletters, click on the link at the bottom of a newsletter you have received. Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.

Your individual rights: under GDPR / UK (GDPR) are as follows:

  • the right to be informed;
  • the right of access;
  • the right to rectification;
  • the right to erasure;
  • the right to restrict processing;
  • the right to data portability;
  • the right to object; and
  • the right not to be subject to automated decision-making including profiling

We handle subject access requests in accordance with the GDPR.

Daniele Mercanti is our data protection officer (DPO) responsible for ensuring that our policy is followed.