Privacy Policy

Use of the Service is governed by this Privacy Policy. By using the application ECPAT FRANCE (“the Application”), you consent to the terms of the Privacy Policy. The purpose of this Privacy Policy is to inform you how ECPAT (“the Data Controller”) collects, stores, uses and process your Personal Data provided through the Application. The Data Controller respects your right to privacy when you use the Application and communicate electronically with it.

1. What Personal Data do we gather about you and how do we collect it?
Personal Data is collected for the purposes of suppling dedicated educational contents and generate feedback on your progress, and each time you participate in any of the features or services offered by the Application.
The types and amount of information collected for the above-mentioned features and services may be updated and vary depending on the activities of the Data Controller:
• Name
• First name
• Email
• Login
• Password
• Avatar (Image)
• Language
• Time spent
• Scores
• Result of activities
• Progress
• Points
• Start dates
• Contribution (optional, if the customer decided to use social features such as comments etc.)
We may use a variety of technologies that collect and provide information about how the Application is accessed and used by you (active directory, forms etc.).

2. For what purpose do we use your Personal Data and based on which legal grounds?
We collect information about you to:
· Respond to your request of service or for the performance of a contract
When you register or sign-up in the Application, your Personal Data is used to supply you with dedicated educational contents and generate feedback on your progress.

3. What happens if you do not wish to provide your Personal Data?
You will not be able to use the Application.

4. To whom do we disclose your Personal Data and why?
· With Teach on Mars as the Subcontractor of the Application, but only for the purpose described above (topic 2).

5. Is your Personal Data sent to recipients located in other countries and why?
The Data Controller is a global company and if permitted by applicable local laws your Personal Data may be transferred across international borders. It may be transferred to countries that have a different level of data protection laws than the one existing in the country from where you submitted your Personal Data. Your Personal Data may also be transferred between different companies of the ECPAT Group located in different countries.
The Data Controller takes the appropriate measures to maintain security of the Personal Data both during transit and at the receiving location.
Hosting service providers for the operation of the Application are based in the European Union. The transfer of personal data to these service providers are implemented in accordance with applicable laws and rely on GDPR. Teach on Mars is also bound by a contract that ensures a high standard of privacy protection and requires (amongst other provisions) that they act only on the Data Controller instructions and implements all technical measures necessary on an ongoing basis to keep your Personal Data secure.

6. How long do we keep your Personal Data?
The Personal Data that you sent via the Application will be stored in databases as long as your account is active, for the duration of the contract between the Data Controller and Teach on Mars, or as needed to provide you the services you requested or to answer queries or resolve problems, provide improved and new services. Your Personal Data may also be retained in accordance with internal retention procedure as necessary to comply with legal and regulatory obligations, resolve disputes and enforce agreements.

7. How do we secure your Personal Data?
All necessary technical and organizational measures have been taken to protect the confidentiality and security of your Personal Data collected from the Applications, including sensitive Personal Data. These efforts include but are not necessarily limited to: (i) storing your Personal Data in secure operating environments that are not available to the public and that are only accessible to authorized employees, agents and contractors; and, (ii) verifying the identities of registered users before they can access their Personal Data.

8. How can you contact us or the relevant Supervisory Authority ?
If you have any questions, complaints, or comments regarding this Privacy Policy or our information collection practices, please contact us by writing to: