- INTRODUCTION
1.1 Teens in AI, a company registered in England under the number 09349572 and whose registered office is 26 Lydney Road, Locks Heath, Southampton, SO31 6PY (“Teens in AI”, “we”, “us” or “our” in this policy), run hackathons, bootcamps, incubators and accelerators in which young people learn to identify a problem in their community and solve it through technology (“Services”). This privacy policy explains how we will process the personal data relating to our Services.
If you have any questions or comments about this privacy policy please contact us via email at [email protected]
1.2 Teens in AI is committed to protecting and respecting your privacy. This policy explains the basis on which personal information we collect from you will be processed by us. Where we decide the purpose or means for which Personal Data you supply through these Services is processed, we are the “data controller” for the purposes of the GDPR and UK-GDPR.
1.3 This policy explains the following:
1.3.1 What information Teens in AI may collect about you;
1.3.2 How Teens in AI will use information we collect about you;
1.3.3 Whether Teens in AI will disclose your details to anyone else; and
1.3.4 Your choices and rights regarding the personal information you have provided to us.
1.4 Our online services contain hyperlinks to websites owned and operated by third parties. These third-party websites may have their own privacy policies and we recommend you to review them. We do not accept any responsibility or liability for the privacy practices of such third parties and your use of them is at your own risk.
- WHAT INFORMATION WILL TEENS IN AI COLLECT ABOUT ME?
2.1 We collect and process the following information which may include your Personal Data.
Information provided by you when using our Services
You may give us information about you by filling in forms when setting up an account with us, attending our events, using our Services, signing up to our newsletter or contacting us with enquiries. Such information may include:
1) Contact data: including your full name, email address, phone number, how you heard about us;
2) Student Information: including full name, date of birth, school, gender, student sign out options, student medical issues, student educational needs, emergency contact name and number;
3) Transaction data: where you attend an event, or access a paid-for content or course, we will keep information related to your purchases such as billing address, order numbers, payment method (see the section on Payment Information below);
4) Your enquires and feedback. If you contact us about our Services, we may keep the content of such enquiry. You are under no obligation to provide us with any details, but if you don’t provide all relevant information, we may not be able to help;
5) Photos: We may take these at our events, provided we have obtained the prior consent of those being photographed.
- DATA SHARING
3.1 We may disclose personal data to our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this privacy policy. However, this is on the basis that they do not make independent use of the information, and have agreed to safeguard this information. Activities which are carried out by or in collaboration with third party service providers include IT infrastructure & hosting.
3.2 In addition, we may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); for child-safeguarding purposes, in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).
- HOW WE WILL USE INFORMATION WE COLLECT ABOUT YOU
Providing the Services
We may use and retain your personal data where we need to perform the contract we are about to enter into or have entered into with you, such as to:
– register you as a user of our Services; and
– deliver our Services to you.
We may also use and retain the personal data you provide to us when requesting our Services, to pursue our legitimate interest of providing our Services to you, such as to:
– respond to your enquiries and communicate with you;
– contact you about participating at our events;
– analyse and improve our Services such as to optimise logistics and future event offerings; and
– provide you with information and updates about the Services we offer.
Child Safety and Prevention of Harassment & Fraud
We may process your information for the legitimate interests of ensuring that use of our Services is lawful and non-fraudulent, does not disrupt the operation of our Services, does not harass or bully our staff or other individuals, and to enforce our legal rights and comply with our legal obligations, including compliance with anti-money laundering regulations (if and where applicable).
Where we suspect unacceptable activities, we may investigate and keep a record of such investigation and its conclusion. Where such investigation concludes in a ban from our Services, we will keep details of such ban to ensure that it can be enforced.
We process information for the legitimate interest of complying with HMRC requirements by retaining records of customer purchases and transactions.
Where we reasonably believe that you are or may be in breach of any of the applicable laws, we may use your personal information to inform relevant third parties, your email/internet provider or law enforcement agencies about the content.
- OUR LEGAL BASES FOR USING PERSONAL DATA
5.1 We process the information listed above:
5.1.1 to perform our contract with you;
5.1.2 to enable us to comply with our legal obligations;
5.1.3 to pursue legitimate interests of our own or of third parties to operate our business, provided that the resulting impact on your interests and fundamental rights does not override those interests; and/or
5.1.4 based on your consent.
5.2 The purposes for which we will process your personal data are set out in the table above in paragraph 4. Sometimes the legal bases for processing will overlap and there may be several legal bases that support our processing of your personal data.
- HOW WE USE SPECIAL CATEGORIES OF DATA
6.1 Special categories’ of personal data such as (without limitation) data concerning health, racial or ethnic origin, religious our philosophical belief, are granted higher levels of protection by data protection laws.
6.2 We need to have further justification for collecting, storing and using this type of personal data. We may use information about your physical or mental health or disability status to ensure your health and safety at our events and to provide appropriate adjustments. We do not foresee that we will process other special categories in the usual course of our operations. If we do, we will only do so because there is a legal basis to justify that processing.
6.3 We may process special categories of personal data in the following circumstances:
6.3.1 with your prior explicit consent (or, if you are a minor, the consent of your parent or legal guardian).
6.3.2 where we need to carry out our legal obligations including to ensure your health and safety at our events.
6.3.3 here you have made this data public, for example videos of you may communicate information about your health, racial or ethnic origin.
- YOUR RIGHTS IN RELATION TO PERSONAL DATA WHICH WE PROCESS RELATING TO YOU
7.1 You have the following rights over the way we process personal data relating to you. We aim to comply without undue delay in response to any requests by you:
7.1.1 for a copy of data we are processing about you and have inaccuracies corrected;
7.1.2 to ask us to restrict, stop processing or to delete your personal data;
7.1.3 for a machine-readable copy of your personal data, which you can use with another service provider. Where it is technically feasible, you can ask us to send this information directly to another provider if you prefer; and
7.1.4 to make a complaint to a data protection regulator.
7.2 Please send your requests to [email protected].
- DATA RETENTION
8.1 We will hold your personal information on our systems for as long as is necessary for the relevant purpose and to maintain business records for tax, legal and regulatory reasons, or as otherwise described in this privacy policy.
8.2 To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
8.3 Teens in AI will typically store the personal data for up to 7 years from last contact with the individual. Some data is retained for a shorter period but for HMRC financial reporting, prevention of fraud and customer service some data must be retained for the full 7 years.
- CHILDREN
9.1 Due to the nature of our services, we do collect and use data relating to children in order to provide our Service and let them take part on our events. We fully appreciate that children need particular protection when their personal data is collected and processed because they may be less aware of the risks involved. As such we only use their data for the limited purposes of providing our Services and have safeguarding policies in place for our staff, events partners and speakers.
9.2 If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at [email protected]. We will delete such information from our files within a reasonable time.
- SECURITY
10.1 We will take all reasonable technical and organisational precautions to prevent the loss misuse or alteration of your personal information.
10.2 In particular, we will take precautions to protect against the accidental or unlawful destruction, loss or alteration, and unauthorised disclosure of or access to the personal data transmitted, stored or otherwise processed by us
- CHANGES
We will notify you of any changes to this policy by email, notice on the website and/or account message.
- INTERNATIONAL DATA TRANSFERS
12.1 We are a UK organisation and we use Google Cloud services for the protection and storage of our data. Google replicates Customer Data between multiple geographically dispersed data centres. Google also logically isolates the Customer’s data. Our data is stored in data centres listed at: https://www.google.com/about/datacenters/locations/index.html The information that we collect from you will be stored in these servers.
12.2 Where we transfer your data outside of the UK and/or EEA, there are agreements in place to ensure that personal data is processed using appropriate safeguards that meet the requirements of data protection laws. Such appropriate safeguards may include standard data protection clauses adopted by a data protection regulator and approved by the European Commission, such as the European Commission’s standard contractual clauses.
12.3 If you would like to find out more about these safeguards or if you have any other queries or comments in relation to this Policy, please let us know by emailing us at [email protected].