UPDATED SEPTEMBER 16, 2019
We at Norby, Inc. ("Norby," "we", "our" or "us") take your privacy seriously. This policy explains our collection and use of information on and through our websites, products, services, and applications (the "Services"), and related choices you have. By using or accessing the Services, you hereby consent that we will collect, use, and share your information as described herein.
A. TYPES OF INFORMATION COLLECTED
We and the Services collect different types of information through the Services.
1. GENERAL INFORMATION
Personal information is information about you that can be used by itself, or combined with other information, to personally identify you ("Personal Information"). We collect this information directly from you when you provide it to us and by other means. For example, when you make a purchase on our website, you provide us with your name, email, phone number, address and billing information. When you register to receive Norby news, we collect your age and email address. We do not collect more Personal Information than is reasonably necessary to provide you the Services or improve the Services.
2. SPECIFIC TO THE SERVICES
When you sign up for an Norby account (an "Account"), we may collect information such as your name, player/child name, email address, birthdate, password, address, and billing information (collectively, "Account Information"). If a child under the age of 13 (or older, depending on your country) registers for an Account, the email address of his or her parent/legal guardian is collected instead.
We use Account Information to create, manage, and maintain Accounts and provide the Services. For example, for Norby, you can reserve a child name, which may be displayed to users you play with. We also back up stats and progress on multiple devices for a better gameplay experience. For purchases on our website, we collect address and billing information to facilitate your current or future purchases.
APP ANALYTICS DATA
The Services collect gameplay data such as scores, achievements, and feature usage. The Services also automatically keep track of information such as events or failures within them. In addition, we may collect your device make and model, an Anki-generated randomized device ID for the mobile device on which you run our apps, robot/vehicle ID of your Anki device, ZIP-code level data about your location (obtained from your IP address), operating system version, and other device-related information like battery level (collectively, "Analytics Data"). Unless you create an account and log in, Analytics Data is stored under a unique ID and not connected to you. We use Analytics Data to enable and improve the Services and enhance your gameplay. For example, Analytics Data enables us to analyze crashes, fix bugs, and personalize or develop new features and services. If you are a user in Europe, you can opt-out from the collection of Analytics Data connected to you. For further information, please see Section E.
We also use Analytics Data, either alone or combined with other data, to create aggregated data which does not identify you personally ("Aggregate Data"). We may freely use and share Aggregate Data with our partners, for example, who perform functions on our behalf or help us improve the Services.
The Services provide you with options to share your information, such as via text messaging, email, or social media, or to receive push notifications from us. For example, the Services can ask if you'd like to share your play results with your friends or save images from our apps to your device. If you want to use these features, you will receive a request for access to your photos which you may allow or deny. If granted, we use this access to save images you create within the Services. For push notifications, you can opt-out anytime by turning off push notifications from your phone settings.
3. AUTOMATICALLY AS YOU NAVIGATE: LOG FILES, COOKIES, AND OTHER TECHNOLOGIES
When you use or visit the Services, the services automatically record and store certain information in log files. Generally, we use this information in an aggregated and anonymized way. If we need to combine this type of information with Personal Information, we treat it as Personal Information. Automatically collected information includes statistical or technical information such as your Internet Protocol address, operating system, time and date, and how you navigate the Services.
On our websites, we may – depending on your cookie preferences – also collect information through the use of "Cookies" or similar tracking technologies, which are identifiers transferred to your browser. We use first and third party Cookies to help our websites work, provide you with relevant content and to improve our Services.
4. EMAIL, SURVEYS, AND YOUR CHOICES
If you have provided us with your contact information, we will use this information to communicate with you about your order or Account or address your questions. If you have, or, for a child under the age of 13 (or up to 16, depending on the country), his or her parent/legal guardian has, given us consent by providing us your contact information, we may, subject to your marketing preferences, send you education, marketing, product support, and research emails. Our third-party mail service provider provides us with anonymized and aggregated information about the respondents to our emails. You can unsubscribe from our marketing and research emails anytime by following the instructions included in them. We track open rates for our emails so we can improve our communications with you and our services. If you participate in our optional surveys, information you provide to us, including Personal Information, will be linked with your Account. We will not share the Personal Information you provide through a contest or survey with third parties unless we give you prior notice and choice. Some of our Services include links to third party websites or apps. We are not responsible for such websites. These sites may have their own privacy policies and practices.
5. SOCIAL MEDIA & CONTESTS
We have a presence on various social media platforms, such as Facebook. We receive anonymized and aggregated demographic and use information from these services when you engage with us on them. In addition, we may offer sharing features and other integrated tools (such as the Facebook "Like" button). Such integrated features may share data and are governed by the privacy policies of the third parties that provide these features. From time to time, we may conduct contests and sweepstakes. If you participate, we may collect information from you, as described in the terms of the contest or sweepstakes.
B. HOW WE USE THIS INFORMATION
- Provide and deliver products and services you request
- Operate, maintain, and improve the Services
- Allow you to participate in interactive features
- Personalize and customize your experience, content, marketing, and recommendations
- Respond to requests that you make and provide you with customer service, informative announcements, and promotional information about us or our products
- Assist those who help us in designing, analyzing, and operating the Services
- Carry out our obligations and enforce our rights, and protect against fraud, unauthorized or illegal activity, or policy or billing violations
- Notify you about changes to the Services
- In any other way we may describe when you provide the information, with your consent or the consent of a parent or legal guardian
- Fulfill any other purpose for which you provide it
C. SHARING YOUR INFORMATION
We may share your Personal Information as follows:
- With third parties that support our business, such as to process payments, provide accounting, or store and/or process information, and who are bound to keep Personal Information confidential and adequately protected and use it only for the purposes for which we disclose it to them.
- With our affiliates or subsidiaries, provided the data is adequately protected. Also, if we are acquired, dissolve, or go through a change of control, Personal Information could be one of the assets transferred, subject to your consent, where required by law.
- To fulfill the purpose for which you provide it (for example, when you want to share something to social media, to post it to a third party account on your behalf), for any other purpose disclosed by us when you provide the information, or otherwise with your consent or, in case of a child, the consent of a parent or legal guardian.
- To comply with relevant laws, regulations, lawful requests by public authorities, including to meet national security or law enforcement requirements, court orders, and legal process; protect and defend the rights or property of us or third parties and investigate and prevent fraud; and in an emergency, including to protect safety.
We may also freely disclose Aggregate Data to third parties for research and development, product improvements, and other related business purposes.
D. TRANSFER OF PERSONAL INFORMATION TO THE UNITED STATES; PRIVACY SHIELD CERTIFICATION
The Services are hosted and operated in the United States.
Norby, Inc. (and its subsidiary companies) participates in and has certified its compliance with the EU-US Privacy Shield Framework. Norby, Inc is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Norby, Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Norby, Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our US-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
E. ACCESSING YOUR INFORMATION; YOUR RIGHTS
Upon request, we will provide you with information about whether we hold any of your Personal Information, or if you are a parent, your child’s information. You can contact us at email@example.com or through the contact information provided below to modify, request a copy of, or request deletion of this Personal Information or your Account. You have the additional following rights under EU Data Protection rules with regard to your Personal Information: Rectification of inaccurate Personal Information, objection to the processing of Personal Information, restriction of processing of Personal Information, and portability of Personal Information. If you think your rights have been violated, you also have the right to lodge a complaint with your national EU Data Protection Authority. You can learn more about these rights at https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en.
We will use commercially reasonable efforts to respond to your request within 30 days, unless such request is unreasonable under or would violate applicable law. If you request to delete Personal Information, you may no longer be able to use some features.
OPT-OUT RIGHTS. We offer certain choices about how we communicate with you and what information we obtain.
- You may opt-out of receiving emails at any time by clicking "unsubscribe."
- If you are a user in the EU, you can opt-out from the collection of Analytics Data by visiting the settings section of your app.
If you are California resident please see Sec. H below for your California Privacy Rights.
Unless we note otherwise (for example, on product packaging), the Services are intended for audiences of all ages. In compliance with applicable law, when we collect Personal Information through the Services, in some regions we ask users to input their age. When a child signs up for an Account, we will send a notice via email to the child's parent or guardian, or obtain verifiable consent via other acceptable methods. If we do not receive consent within 14 days after sign-up, the child's Account will be deleted. The information collected and stored from the child may include a username (e.g., driver name) and parent’s email address. We may also collect and link to the child’s Account the Analytics Information.
The information will be used for the purposes stated in this policy and as permitted under law. The information may also be shared as described in Section C, including with certain third party vendors that help us operate the Services, such as by sending out our email communications.
We will only collect such Personal Information from children as is reasonably necessary to provide the Services. When applicable, parents/legal guardians have the right to consent to Norby's collection and use of Personal Information from the child without also consenting to its disclosure to independent third parties. Parents can revoke their consent anytime by contacting firstname.lastname@example.org, and they can request modification or deletion of children’s accounts by following the process at Section E. We will notify the parent when important information changes, like when password or other settings changes are made to Accounts of children.
We take reasonable precautions to protect your data. Payment transactions are encrypted in transit. Although we endeavor to provide reasonable security, no system can prevent all potential breaches or guarantee perfect security. Please contact us immediately at email@example.com if you suspect a vulnerability in our systems, products, or services.
H. YOUR CALIFORNIA PRIVACY RIGHTS
California residents may request information about practices related to disclosing personal information to certain third parties and/or opt-out of sharing of information with unaffiliated third parties, if applicable. Please send your request (along with your full name, e-mail address, postal address) to us as the contact information provided in Section I.
I. HOW TO CONTACT US
170 PEEL STREET,
WINDSOR VICTORIA 3181