We’re committed to protecting your privacy and will only use the information that we collect about you lawfully. You can check the information that we hold about you by contacting us.
Safeguarding Children and Their Privacy
We thought very hard about what data was actually necessary to hold about children, so personal data is very limited and includes an encrypted name (we suggest using a first name and perhaps an initial only). This is linked to an adult or school account to determine their membership status. Child names are not shown publicly, an unrelated screen-name is shown with high scores (which can be disabled by a parent or school).
We don’t store a date of birth or have any chat or social media element.
Scores shown publicly online will be listed with random identifier or an unrelated screen-name (as preferred by their school) and may list a class and school.
You can ask us to delete personal data for children at any time.
What sorts of personal information do we hold?
Information collected includes the users IP address to for website security and to offer any country specific information.
For customers with an account/membership we’ll store their name, billing address, email and phone number for payment and order queries. Order history allows us keep a track of any order updates, emails or security risks. We’ll also remember any website preferences including a language and country.
We do not hold any credit card details, that is managed by our payment processor, currently Stripe (used by millions of companies all over the world.)
Data is transferred between your web browser and our secure server useing 128 bit TLS encryption (known as HTTPS). For extra security we also encrypt some data within our database, which includes first name, telephone number, first 3 address lines and any personally identifiable notes.
Our lawful basis for processing your personal information
GDPR Rules require us to tell you the “legal basis” for processing your personal information. They are:-
- Consent: You have told us you are happy for us to process your personal information for a specific purpose; (e.g. cookie consent)
- Legal obligation: We are required to process your personal information by law. (e.g. keeping details for Accounting and HMRC)
- Legitimate interests: The processing is necessary for us to conduct our business (e.g. storing personal details while making an order or a member). We also process your data in order to protect us and our customers from fraud.
How do we use your personal information?
We may use your information in the following ways:
To provide our products and services
We need to use your personal information to make our products and services available to you, process your order and keep you informed of it’s progress.
For safety and security
We use customers details and location (e.g. Address) to help minimise fraud.
Analytics and profiling
We use your IP address for statistical analysis and to help us understand more about our customers. Remembering which pages and options are used helps us to guide customers when they call for advice and track popular pages and products.
A numeric account ID is printed at the bottom of worksheets to aid customer support, it also helps prevent other companies profiting from our work. (You can copy our worksheets if unmodified and not used for profit – see terms)
We use your personal information to contact you in relation to your order. If you give permission, we will email you related our own maths newsletters. You can opt out at any time via our emails or website.
Sharing your information with other companies
We do not sell any personal data to other companies.
We share invoice details with our accountants and if requested, HMRC. Invoices include your name and address.
We pass your billing name and address to our payment processing company (e.g. Stripe/Paypal). This helps to speed up completing your credit card payments.
We do not store or have access to credit/debit card numbers, expiry dates or card security codes. On-line payments are taken directly from our credit card processing company (which uses 128 bit SSL encryption and anti-fraud technology).
The GDPR rules gives you various rights about the information we hold about you. They include:-
- the right to access a copy of the personal information we hold about you
- the right to correction of inaccurate personal information we hold about you
- the right to restrict our use of your personal information
- the right to be forgotten
- the right of data portability
- the right to object to our use of your personal information.
We will need to verify your identity before we can action any of the above rights, to protect you data from fraud. We’ll action any request within 28 days.
How long will we keep your personal data?
If you register on our website, we’ll keep your account for 1 year, after that we’ll delete or obscure any personal data not related to invoicing.
You may request us to delete all other account information at any time.
We have a legal responsibility to keep invoice details for 7 years (HM Revenue and Customs). Customers that request marketing emails can be removed any time, although we will remove older entries after 5 years.
Delphi Solutions Ltd are the data administrators and controllers, also referred to by “We”, “Us” and “Our” in this policy.
The easiest way to contact Delphi Solutions about your data is via Customer Service, by sending an online message, email or calling. We will forward any requests to Delphi Solutions Ltd, 3 Chilton Close, High Wycombe, HP10 8AQ.
You also have the right to lodge a complaint with the UK regulator, the Information Commissioner. Go to ico.org.uk/concerns to find out more.