Introduction
Pretty Brainy, Inc. (“we” or “us”) is concerned about the privacy of all, including children. The website and app (“Sites”) that we operate provide a forum for all family members, including children, to track their carbon consciousness and behavior change around energy use. While we encourage everyone to participate appropriately in our Sites, children’s privacy has extreme importance for us.
This Children’s Privacy Policy explains our information practices in connection with information provided by all children under the age of 13 and of teenagers whose parents’ consent we require for certain uses of their information (“Child” or “Children”) on Sites that link to this Children’s Privacy Policy.
The Sites are controlled and operated by us from the United States. We support the Children’s Online Privacy Protection Act (“COPPA”) and other frameworks like the General Data Protection Regulation (“GDPR”). Our goal is to minimize the information gathered from and disseminated about Children while permitting them active participation in the trustworthy information, education and independent voice for which we are known.
A. How We Collect and Use Information from Children
Children can explore the Sites and can document information about their energy use, including pledges and educational content, while providing only the limited personal information set out below:
Account set-up and Maintenance. If a Child wants to register to become a participant of our App Site, we require the Child to submit the following information:
Username (the Child is advised not to use his or her real name and to participate as a member of a group or team);
Password;
A range into which their age falls; and
A parent’s email, which we use to ask for that parent’s consent.
We may use information collected from Children during the registration process and in account configuration in the following manner:
To create and maintain the Child’s account;
To determine the Child’s current age range and post it next to energy use pledges posted by the Child’s team or group.
Using the Sites. We also automatically collect “persistent identifiers” about devices from visitors. We do not collect this analytics information for logged in Children.
Use of anonymous information. If the information collected from a Child does not identify or allow contact with them or their device (including, for example, aggregated information), we may use and disclose it for any purpose, to the extent permitted by applicable law.
No advertisements! We do not display advertising based on information collected from Children.
No newsletters! Our email newsletters are for adults only – they are not designed for, or targeted at, Children. Children should not attempt to sign up for our email newsletters. We encourage parents to discuss with their Children the importance of not signing up to receive our email newsletters.
Pledge Posts and Other Site Activities. A Child may post information about their energy use.. We moderate all postings by Children who are under 13 to remove personal information, and we encourage parents and teachers to discuss with their Children why they should NEVER include personal information in information posted to the Site. Children may also participate in other online activities, such as educational modules. As discussed in our Privacy Policy, all members, including Children, have the ability to keep their posts private and not publicly visible. Or, a member can send an email requesting deletion to ideas@prettybrainy.com, noting username and date of the post. (Parents may also delete Children’s postings or other information, as described in Section E.) It is possible that deleted information will remain in our system (such as in backups of our data), but they will not be visible through the Sites. Please note that your request or deletion does not ensure complete or comprehensive removal of the content or information, as, for example, some of your content may have been reposted by another user.
Persistent Identifiers. Persistent identifiers are not stored on our App Site. When visitors interact with the Sites in general, certain technical information may automatically be collected, both to make our Sites more interesting and useful and for various internal purposes related to our nonprofit work. Examples of information that is automatically collected include: the type of computer operating system, the device’s IP address or mobile device identifier, the web browser, the frequency with which the user visits various parts of our Sites, and information regarding the online or mobile service provider. This information is collected using technologies such as cookies, flash cookies, web beacons, and other unique identifiers). This information may be collected by us or by a third party. Persistent identifier information is used by Pretty Brainy for the sole purpose of providing support for our internal operations, including in order to:
Ensure that the Sites function properly;
Enable us to conduct research and analysis to understand, address and improve the use and performance of the Sites; and
Diagnose and respond to problems.
We work with third parties who perform site analytics and provide services to keep your user experience on the Sites free of spam.
B. What Information Submitted By Children Is Viewable on the Site?
We strictly limit the personal information that is publicly viewable about App Site users, including anyone who is known by us to be a Child. When a Child posts an energy pledge on the Sites, only the Child’s team or group name and age range are posted, along with the content of the Child’s posting. Although the Child may create a Profile for their account (which includes a username, password, age range, and parent’s email address), no portion of the Child’s Profile is publicly viewable unless their team or parent chooses to share it via social media.
C. What Information About Children Is Shared?
We do not disclose to third parties any Children’s personal information that we collect other than as follows, consistent with applicable law: (a) with a parent’s permission, (b) as required by any applicable law, (c) to third-party service providers who help us operate or manage the Sites, (d) as part of aggregated data shared with third-party service providers, our Board of Directors, funders and other partners, as described in the Privacy Policy, (e) to comply with legal process, (f) to respond to governmental requests, (g) to enforce our Terms of Service, (h) to protect our operations, (i) for assistance in fraud detection and prevention; (j) to protect the rights, privacy, safety or property of Pretty Brainy, your Child or others, (k) to permit us to pursue available remedies or limit the damages that we may sustain, and (l) in connection with a disposition of all or a substantial portion of our business, assets or stock, such as a sale, merger, consolidation, reorganization, joint venture, assignment, or bankruptcy or similar proceedings.
D. How do we get parental consent when we are required to do so?
If parental consent is required in respect of our use of a Child’s personal information, when setting up an account, the Child must provide their parent’s email address. We use that email address to contact the Child’s parent to ask for their consent as required – we also explain to the parent:
What personal information we collect about their Child;
How we use it and why; and
How the parent can revoke their consent and/or ask that we delete their Child’s account and personal information.
If at this stage, the parent gives us their consent, we will carry out the activity for which the consent was required. If not, we won’t.
E. How May Parents Access, Change or Delete Information About Their Children?
Deleting your Children’s information and their account.
If you are a parent, and we need your consent to certain processing of your Children’s personal information, and if you:
Wish us to cease further collection of personal information from your Children;
Believe your Children are participating in an activity on the Site that uses their personal information without the parental consent required by law;
Wish us to make no further use of, or delete, the personal information we have collected online from your Children; and/or
No longer wish for your Children to participate as users of the Site,
then we will delete your Child’s Profile, and any parental contact information we may hold, on request.
Parents can exercise these rights by contacting us at connect@prettybrainy.com.
Accessing or changing your Children’s account and any personal information we have collected online. Parents may at any time:
access or make changes to their Children’s account; or
make changes to the personal information that we have collected online from their children.
For your Child’s protection, we may need to verify your identity before implementing any request described in this Section E. We will try to comply with your request as soon as reasonably practicable.
F. How May Parents Raise Other Questions or Concerns?
If a parent has any questions or concerns about his or her Child’s use of the Sites, we encourage the parent to contact us at ideas@prettybrainy.com or:
Privacy Department
Pretty Brainy
P.O. Box 7812
Loveland, CO 80537
G. EU Privacy Matters
Who does this Section G apply to? Our App/Sites have been created specifically for the use of residents of Northern Colorado, United States of America. We have not created our App/Sites for Children based in Europe; however, in case Children in Europe have signed up to use our App/Sites, all references to “Child” or “Children” in this Section G are references to such European Children only. References to such European Children’s “parents” should be understood in the same light.
What do we mean by “Personal Data”? Under European data protection law, “Personal Data” refers to information about an identified or identifiable natural person. For European Children, references to “personal information” or “information” elsewhere in this Children’s Privacy Policy should be read as including reference to their Personal Data.
EU-specific rights. Under certain circumstances, Children may have certain rights – including those set out below:
Access. Request access to their Personal Data.
Correction. Request correction of inaccurate or incomplete Personal Data that we hold about them.
Erasure. Request erasure of their Personal Data.
Objection. Object to our reliance on our Legitimate Interests as the legal basis of processing of their Personal Data
Restriction. Request the restriction of processing of their Personal Data until we address their request establish its accuracy or our reasons for processing it.
Portability. Request the transfer of their Personal Data in a portable format.
Withdraw consent. Withdraw their consent to any Processing that relies on it as a legal basis. Their parent’s have the same right to withdraw any parental consents that we have been given.
Typically there is no fee for this; however, we may charge a reasonable fee if the request is clearly unfounded, repetitive or excessive – or, in these circumstances, we may refuse to comply with the request. We may need to ask for information in relation to any request to help us confirm the identity of the person making it and to speed up our response.
The right to complain. We would love to be able to resolve all questions, requests and complaints about Personal Data directly. However, if a Child or their parent feels we have not been able to satisfactorily resolve an issue, they may contact their local data protection supervisory authority. For the contact information of the Data Protection Authorities for each European Union Member State, please click here.
What Personal Data do we use? The Personal Data that we use is set out in Section A of this Children’s Privacy Policy.
Our “Legal Bases” for using Personal Data. The GDPR requires us to have a “legal basis” for each way that we use Personal Data. Most commonly, we will rely on one of the following legal bases:
Where we need to perform a contract we are about to enter into or have entered into with a Child (“Contractual Necessity”).
Where it is necessary for our legitimate interests and the Child’s interests and fundamental rights do not override those interests (“Legitimate Interests”).
Where we need to comply with a legal or regulatory obligation (“Compliance with Law”).
Where we have specific consent to carry out the processing for the Purpose in question (“Consent”), in these cases we would need to get a Child’s parent’s consent.
Purposes for Processing. A the end of this page we have set out below the legal bases we rely on in respect of the relevant Purposes for which we use Children’s Personal Data.
Purpose limitation. We will only use Children’s Personal Data for the purposes for which we collected it as listed above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use Children’s Personal Data for an unrelated purpose, we will update this Privacy Policy. Please note that we may process Children’s Personal Data without their or their Parent’s knowledge or consent, in compliance with the above rules, where this is required or permitted by law (including the GDPR).
What happens when you do not provide necessary Personal Data or you withdraw consent? Where we need to process a Child’s Personal Data either to comply with law, or to perform the terms of a contract we have with them and they fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into. Similarly, if we rely on Consent to process Children’s Personal Data, they or their parent may withdraw that Consent, but if this happens, we may not be able to provide certain services or features.
International transfers. We are headquartered in the United States. The Personal Data information that we collect from and about Children will be stored and processed in the United States and may be stored and processed in other countries outside of Europe. However, it is our policy to ensure that adequate contractual or other safeguards are applied to Personal Data transferred outside of the European Union where required by European data protection law. If you have questions about the safeguards applied to Children’s Personal Data, you may contact us at ideas@prettybrainy.com.
Data security and retention. Our data security and retention practices are described in our general Privacy Policy – please see:
Data Security – VI. Important Disclosures, Practices and Contact Information
Retention – V. How Long We Keep Your Personal Information
Personal Data from Third Party Sources. We do not collect any Personal Data about Children from any third parties or publicly-available sources, other than from their parents (where they choose to give it to us).
Modification or Deletion of Information
If you wish to modify or delete any information you have provided to us or which we have collected through our website, please email connect@PrettyBrainy.com. We will use reasonable efforts to delete information we have stored in our databases and otherwise, however we cannot guarantee that all instances of all data collected will be permanently removed. In addition, we cannot be responsible for the modification or deletion of any information we have provided to third parties as described herein.
Governing Law
This Privacy Policy shall be governed under the laws of the State of Colorado without regard to its conflicts of law provisions.
Further Information
If you have questions about this Privacy Policy, please contact us at P.O Box 7812 – Loveland, CO 80537, or email ideas@PrettyBrainy.com.
are registered US trademarks. Copyright © 2008 - Pretty Brainy, Inc. All rights reserved.