Privacy Policy

FamJam is a product developed by the EdTech company NXTLVL Education Ltd ("we", “us”), and is committed to protecting and respecting your privacy. The FamJam app (available on the AppStore) is designed to help parents foster meaningful and enjoyable connections with their children through a variety of activities, from engaging interactive games to stimulating developmental challenges such as debates and brain-teasing conundrums. At FamJam we prioritize safety and respect your privacy.
‍
This Privacy and Cookies Policy (“Policy”) applies to our app users and subscribers. It explains how we collect and use your personal data, including the processing of voice and video recordings for activity and development purposes.

The Policy explains how we collect your personal data and why we are allowed to do so (on what legal basis), how personal data provided by children between 6 – 13 years (whose parent’s or guardian’s consent we need) and teenagers up to the age of 18 years (“Children”) will be used by us, and the cookies on our App. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 the Data Controller is NXTLVL Education Ltd.

FamJam is designed for parents and children. By using FamJam, you agree to the terms outlined in this Policy. We will only collect information that is necessary for us to provide you with our services. If we do not need the information, then we will only collect it if you agree (consent). However, if certain information is necessary but you do not want us to collect it, unfortunately we will not be able to provide the services to you. We will flag this to you in each case.

“You” means a parent or guardian, or child.
‍

OUR APPOINTED REPRESENTATIVE IN THE EUROPEAN ECONOMIC AREA (EEA)

If you are in the United Kingdom, you may address privacy-related inquiries to our UK representative pursuant to Article 27 GDPR:
Attn: NXTLVL (FamJam), Building 423 - Sky View (Ro), Argosy Road, England, DE74 2SA, United Kingdom.

If you are in the European Union/ EEA, you may address privacy-related inquiries to our EU representative pursuant to Article 27 GDPR:
Attn: NXTLVL (FamJam), 5th floor, Zan Moreas 40, 11745, Athens, Greece

‍1. YOUR PERSONAL INFORMATION
Information we collect and use
‍We collect and use some or all of the following types of information from you when you use the App or when we provide our services:

Information that you provide by filling in the subscription form.
Information you provide when you report a problem with the App or our services.
Personal details for a parent or guardian such as first name, last name, email address, country of location or residence, time zone, language or any other information input when using the App or our services.
Personal details for a child such as first name, last name, date of birth, age, gender, country of location or residence, native language or any other information input when using the App or our services.
Information on your FamJam dashboard: the child’s and parent or guardian’s personal information, the child’s progress record, the child’s personalised feedback, and the child’s personal targets.
Video and voice recordings of the parent or child from each session used for evaluating progress and providing feedback.
Financial and billing information e.g. your invoices and payment receipts/confirmation (but not your credit or debit card details).
If you contact us, we may keep a record of that correspondence including your email address.
We may also ask a parent or guardian to complete surveys that we use for research purposes, although you do not have to respond to them.
Technical information such as details of your visits to the App including, IP address, traffic data, weblogs and other communication data, and the resources that you access.
Device type, browser type, and language.
We do not collect any special categories of data about you (i.e. information about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

This App may include links to third-party websites, plug-ins (such as our payment provider) and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our App, we encourage you to read the privacy policy of every website you visit.

‍2. USES MADE OF YOUR INFORMATION
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and the reasons to do so. We have also provided reasons why collecting certain information is important for us.Note that we may process your personal data for more than one reason depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific reason we are relying on to use your personal data if this is not provided below.
‍

Reason for using your personal data and why we are allowed to do so
‍

To register you as a new customer

Parent or guardian’s details and child’s details
‍

Performance of a contract with you i.e. so that we can provide you with our services

To personalize activities.

Type of data

Video and voice recording
‍

To analyze voice and video interactions to personalize activities and improve user experience.

Providing you with feedback from your session

Video and voice recording

To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy policy
(b) Asking a parent or guardian to leave a review, testimonial or take a survey
‍

Parent or guardian’s first name, last name, email address

(a) Performance of a contract with you i.e. so that we can provide you with our services;
(b) Necessary to comply with a legal obligation i.e. we are required to do so by law;
(c) Necessary for our legitimate interests i.e. to keep our records updated and to study how customers use our products/services
‍

To administer and protect our business and this App (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

First name, last name, email address, technical information

(a) Necessary for our legitimate interests i.e. for running our business, provision of administration and IT services, network security, to prevent fraud and for the growth or improvement of our business;
(b) Necessary to comply with a legal obligation i.e. we are required to do so by law
‍

To use data analytics to improve our App, products/services, customer relationships and experiences

Technical information

Necessary for our legitimate interests i.e. to define types of customers for our products and services, to keep our App updated and relevant, to develop our business
‍

To make suggestions and recommendations to a parent or guardian about goods or services that may be of interest to them or the child

Parent or guardian’s first name, last name, email address and marketing preferences

Necessary for our legitimate interests i.e. to develop our products/services and grow our business)
‍

Purpose/Activity

a) Performance of a contract with you i.e. so that we can provide you with our services;
b) Necessary for our legitimate interests i.e. improve our services according to your needs

‍
‍Change of purpose
We will only use your personal data for the reasons for which we collected it, unless we reasonably think that we need to use it for another reason and that reason is very similar to the original reason. If you wish to get an explanation as to how using the personal data for the new reason is closely related with the original reason, please contact us. If we need to use your personal data for an unrelated reason, we will tell you and we will explain the reason which allows us to do so.
‍
Please note that we may use your personal data without your knowledge or consent, as we have explained in the table, where this is required or permitted by law.

‍Marketing
In addition to the above uses we may use a parent or guardian’s information (and, where a parent or guardian has consented, permit selected third parties to use your information), to notify a parent or guardian about goods or services which may be of interest to you. Where we do this, we will contact the parent or guardian by electronic means (e-mail or SMS) only if the parent or guardian has consented to such communication. If a parent or guardian does not want us to use your data in this way, please either (i) tick the relevant box situated on the form on which we collect your data (for example, the registration form); (ii) unsubscribe from our electronic communications using the method indicated in the relevant communication; or (iii) inform us at any time by contacting us at the contact details set out below.
‍
For Children, we will not contact you for marketing, but we may contact your parent or guardian.

3. SHARING YOUR INFORMATION WITH OTHERS
We normally share your personal data with our third party service providers, agents, subcontractors and other associated organisations to complete tasks and provide services to you on our behalf (e.g. to host our servers).
‍
We utilize OpenAI's application program interface ("API") to power the AI functionality of our services. For more information on how OpenAI handles data, please refer to their Privacy Policy at https://openai.com/policies/privacy-policy. We are committed to ensuring that the use of OpenAI's API aligns with applicable data protection laws and regulations. We have opted OUT of sharing data with OpenAI to train models. OpenAI will not use data submitted by our users via our API to train or improve our models, unless you explicitly decide to share your data with us for this purpose. You can opt-in to share data. Any data sent through the API will be retained for abuse and misuse monitoring purposes for a maximum of 30 days, after which it will be deleted (unless otherwise required by law).

We may share your personal data with any member of our corporate group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 (where applicable). We will not share recordings of you unless we have been in touch to discuss this with you and you have agreed to it.
‍
We may also share your personal data with third parties:

in the event that we sell or buy any business or assets, in which case we may share your personal data to the prospective seller or buyer of such business or assets; or
if we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets; or
if we are under a duty to share your personal data in order to comply with any legal obligation, or in order to enforce or apply our App Terms and Conditions or Consumer Terms of Service; or
to protect our rights, property, or safety or that of our affiliated entities and our users and any third party we interact with to provide the App.

We may share a parent or guardian’s contact details in relation to selected third parties only, only where the parent or guardian has consented to such selected third parties informing them about certain goods or services, which may be of interest to you / them.

‍

Except as explained and if necessary in order for us to carry out our obligations arising from any contracts entered into between you and us, we will not share your data with third parties unless we have asked you and you have given your express agreement to do so.

‍

Security

We take appropriate measures to ensure that any personal data you provide us is kept safely, including security measures to prevent personal data from being accidentally lost, or used or accessed in any way that is not allowed. We only give access to your personal data to those who have a genuine business need to know it. Those using your information will do so only in a way allowed by us and they will not share your information with anyone else except as we have described in section 3. Where we have given you (or where you have chosen) a password to log into your NXTLVL dashboard, you promise to keep this password safe and not share it with anyone else.

We also have plans in place to deal with any potential accident or incident which could lead to your personal information being accessed by someone who is not allowed to do so. We will tell you and any applicable regulator of a suspected data security breach where we have to do so by law.

‍

Unfortunately, the transmission of information via the internet is not completely secure or safe. Although we will do our best to protect your personal data, we cannot promise the security of your data shared to the App; any personal data you give us is at your own risk. Once we have received your information, we will use strict procedures and security features to try to keep the data safe.

The App may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and terms of use and that we do not accept any responsibility or liability for these policies and terms of use. Please check these policies before you submit any personal data to these websites.

‍

Keeping your personal data up to date

If your personal details change you may update them on the NXTLVL dashboard, or by contacting us using the contact details below. If you have any questions about how we use data collected which relates to you, please contact us by sending a request by email to the contact details below.

If you ask us to update your personal data, we will do our best to update your personal data within 14 days of any new or updated personal data being provided to us, so that the personal data we hold about you is as accurate and up to date as possible.

‍

How long we keep your personal data

We will hold names, addresses, email addresses and contact details for as long as you are subscribed to our services and for the period we are required to retain this information by applicable UK tax law (currently 6 years).
We do not hold on to any personal data collected when you use our chat rooms or social features.
If you contact us to find out more about our services. We only hold on to your name, email address and contact details for up to one year.

Where we store your personal data

All information we hold about you is stored on AWS Data Centres (London Region), Google Drive secure servers within the EEA.

‍

We will let you know if the data that we collect from you will be sent to or stored at a destination outside the United Kingdom and/or the European Economic Area ("EEA").

‍

If we send your personal data to a country that does not have good enough safety rules in the view of the authorities in the United Kingdom and/or EEA, we will have agreements with standard contractual clauses approved by the United Kingdom’s Information Commissioner’s Office and/or the EU Commission and any other appropriate safeguards which may be needed for sending and keeping the data safely.

‍

If you would like further information, please contact us (see ‘Contact’ below).

‍

5. YOUR RIGHTS

Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

‍

access to your personal data and to certain other supplementary information that this Policy is already designed to address
require us to correct any mistakes in your information which we hold
require the erasure of personal data concerning you in certain situations
receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
object at any time to processing of personal data concerning you for direct marketing
object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
object in certain other situations to our continued processing of your personal data
otherwise restrict our processing of youfr personal data in certain circumstances
claim compensation for damages caused by our breach of any data protection laws.

For further information on each of those rights, including when they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

‍

email, call or write to us using the details below;
let us have enough information about who you are e.g. name, email address;
let us have proof of who you are and your address (a copy of your driving licence or passport and a recent utility or credit card bill); and
let us know the information to which your request relates, including any account or reference numbers, if you have them.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

‍

6. HOW TO COMPLAIN

We hope that we can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation and the UK GDPR also give you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state or the UK where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.

The supervisory authority in the EEA is: Hellenic Data Protection Authority, Kifissias 1-3, PC 115 23, Athens, Greece. Telephone: +30-210 6475600 or e-mail: contact@dpa.gr.

‍

7. CHANGES TO OUR PRIVACY POLICY

We can change and update this Policy at any time. If you are a subscriber, you will be informed of any changes we may make to our Policy in the future and you can find the new Policy on our App, too. Your continued use of the services and the App shall mean you have accepted the updated Policy.

‍

8. INFORMATION ABOUT OUR USE OF COOKIES

Our App uses cookies to distinguish you from other users of our App. This helps us to provide you with a good experience when you browse our App and also allows us to improve our site.

‍

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.

We use the following cookies:

‍

Strictly necessary cookies. These are cookies that are required for the operation of our App. They include, for example, cookies that enable you to log into secure areas of our App or make use of e-billing services.

Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our App when they are using it. This helps us to improve the way our App works, for example, by ensuring that users are finding what they are looking for easily.

Functionality cookies. These are used to recognise you when you return to our App. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

‍

Cookie Name

Purpose
‍

sessionid, refresh-token, csrftoken,
__Secure-next-auth.session-token,__Secure-next-auth.callback-url,__Host-next-auth.csrf-token
‍

These cookies are essential for logging into the NXTLVL dashboards.

_fbp, _fbc

These cookies are used by the Facebook Conversions API to track how users are using our App and to track conversions against predefined metrics.
‍

_ga*

These cookies are used by Google Analytics to help us track how users are using our App and to track conversions against predefined metrics.
‍

‍

Please note that the following third parties may also use cookies, over which we have no control. These named third parties may include, for example, advertising networks and providers of external services like web traffic analysis services. These third party cookies are likely to be analytical cookies or performance cookies or targeting cookies.

‍

Payments for FamJam subscriptions or in-app purchases are processed through Apple’s App Store. When you make a purchase, Apple handles the transaction directly, and we do not receive or store your payment information (e.g., credit card details). For more information on how Apple processes payments and handles your data, please refer to Apple’s privacy policy: https://www.apple.com/legal/privacy/

‍

However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our App.

‍

Except for essential cookies, all cookies will expire at most after 6 months.

‍

‍9. CONTACT

All questions, comments and requests regarding this Privacy and Cookie Policy should be addressed to legal@famjam.world or write to us at NXTLVL Education Ltd, Building 423 - Sky View (Ro) Argosy Road, England, DE74 2SA, United Kingdom.

‍

Last Updated: 25/11/2024

‍