Children’s Code

Here at Phonic Zoom we are fully committed to ensuring privacy for all users, but always strive to go the extra mile when it comes to children’s privacy.

The Children’s code (Age appropriate design: a code of practice for online services) is proposed as good practice by the ICO and details fifteen standards that providers of online services likely to be accessed by children must conform with. Below we outline how we comply with each.

1. The best interests of the child

We collect very little in the way of data related to the child because we believe in their privacy. Where we do use their names, we anonymise them to anyone outside of their class and in their usage of our apps we look to time-limit their usage to support their own health and wellbeing through all games being short in play time and all races and challenges limiting the time in which their play can contribute.

2. Data protection impact assessment

Our DPIA can be accessed at the following link and is reviewed regularly alongside any changes made to our apps:

Data Protection Impact Assessment

3. Age-appropriate application

Users of the application itself are children aged between 4 and 16 years of age. Users of the administration panels should only ever be over 16 years of age.

We provide the application and supporting resources to help children learn and to enjoy their learning through play.

Data processing and storage of Personal Data is only for the purposes of supporting Schools and Parents in identifying their children to support them in their learning.

 Any analytical data we provide to administrators is done so to ensure they are able to further support children in their learning.

Any usage data we collect is on an anonymised and aggregated basis and serves to help us identify areas for development or alteration in the application’s use.

4. Transparency

We offer a child-friendly version of our main Privacy Policy in relation to their personal data, which can be accessed at the following link Phonic Zoom child-friendly privacy policy

5. Detrimental use of data

We do not profile children, nor make inferences based on their personal data. We do not process geo-location data.

We only ever process children’s data for the purposes of furthering their education and learning.

Where we offer digital ‘rewards’ for their usage of the app these are based on nothing other than them trying. Whether or not they are successful in their learning has no direct impact on their rewards and what they can then use those rewards for. In offering these rewards we don’t use their personal data and never apply any in-app pressure to encourage further play or competition. All rewards and leader boards are never mentioned outside of the sections of the app in which they are located.

All of our games offer the functionality to pause or quit the game at any time and where we offer challenges or competitions we limit playtime towards those by allowing teachers to specify how much play can count towards them, but again do not display personal data within those areas where competitions are included.

6. Policies and community standards

We adhere to the Terms of Service agreed with Customers (Schools or Parents) upon their subscription. Our Privacy Policy and other processes relating to data processing are all compliant with GDPR, Data Protection Act and are aligned to information security standards such as ISO 27001.

Our Terms of Service set out the way our Services should be used and we do not offer any ‘community areas’ where individuals can interact with one another in an online space.

7. Default settings

Our default settings for the application (Phonic Zoom) involve a child’s name being shown to their classmates but masked when shared in overall leader boards and not being visible anywhere else in the app. Their name in the leader boards can be changed by a school or parent should they wish. The child’s name is also made visible in statistical reporting that we make available for teachers and parents to gauge progress.

There are no other privacy settings because we do nothing else with their personal data within the application.

8. Data minimisation

The data we collect only ever covers a child’s first name, surname and class group, but even these can be masked or anonymised should the school, parent or child wish.

9. Data sharing

We don’t sell or share any data (including children’s data) unless for a legitimate, pre-authorised purpose or if we are compelled by law.

10. Geolocation

We do not undertake any geolocation on children, school or parent accounts.

11. Parental controls

Parents only have control of their children’s logins (username and password). Any other parental control we would expect to take place on-device instead of within-app.

12. Profiling

We undertake no profiling or tracking of individual personal activity within our apps. If children are recommended games or content this is done by their teacher or parent, with the teacher or parent setting the child’s educational level in their own administration panels. All of this is to deliver additional support to the child in terms of their education and learning.

13. Nudge techniques

We use no such techniques within our apps. We believe that any decision made by a child should be made without being pushed towards it. All buttons and options are set at a standard size so a child has full choice over how they use the apps.

14. Connected toys and devices

None of our apps feature on or around connected toys or devices. The only microphone functionality our application offers is with the administration panels for schools and parents where they are able to upload voice recordings of words that we do not have in our own databases.

15. Online tools

Our online version of the application features links to our privacy policies and other documentation such as our DPIA, children’s code responses and a child-friendly version of our privacy policy in language they can understand.

The child friendly version of our privacy policy outlines our promises regarding articles 15 to 22 from the GDPR documentation.