Privacy Policy

Last Updated: 18/08/2025

  1. Introduction

The Apogee Project AT Ltd (“we,” “our,” or “us”) is committed to protecting the privacy of children, families, and schools who use our educational games and subscription services.

We design accessible and engaging games for children with disabilities, and we are dedicated to ensuring a safe and secure digital environment. This Privacy Policy explains how we collect, use, and safeguard personal information, in compliance with applicable laws such as the UK GDPR, EU GDPR, COPPA, and other relevant privacy regulations.

 

  1. Information We Collect

We only collect the minimum personal information necessary to create and manage subscriptions. This may include:

  • Parent/guardian or school representative’s name
  • Email address
  • Payment details (processed securely by our providers – Stripe and PayPal)
  • Account login credentials (for accessing subscription content)

We do not collect, track, or store any personal data while a child is playing our games.

 

  1. How We Use Your Information

We use the information we collect only for educational and operational purposes:

  • To process and manage subscriptions via Paid Member Subscriptions (WordPress plugin)
  • To enable account login and access to content
  • To provide customer support
  • To maintain account security and service functionality

We do not sell, rent, or share personal data for commercial or advertising purposes.

 

  1. Role of Third-Party Services

We rely on trusted third-party providers to deliver our service:

  • Paid Member Subscriptions (WordPress plugin): Manages subscription accounts and login functionality. It does not track or share usage data outside of account management.
  • WordPress (website host): Hosts our site and provides standard technical infrastructure. It may log technical data (e.g., IP addresses, browser type) necessary for site operation.
  • Stripe & PayPal: Handle payment processing securely. We do not see or store credit card numbers or payment details.

Each provider maintains its own privacy and security practices. We only share the minimum data required for them to provide their service.

 

  1. Data Storage & Security

We take data protection seriously. All data is:

  • Encrypted and stored using industry-standard security protocols
  • Accessible only to authorised personnel
  • Never used for marketing or advertising
  • Retained only for educational subscription purposes

 

  1. Data Retention

We retain account information only for as long as needed to manage subscriptions and comply with legal obligations.

  • If an account is cancelled, data is deleted within 30 days unless financial/transaction records must be retained for legal or tax purposes.
  • Schools and parents may request earlier deletion of personal data by contacting us.

 

  1. Security and Breach Response

We maintain a data breach response plan. In the event of a breach, we will:

  1. Contain and investigate the incident immediately
  2. Notify affected users and, where required, supervisory authorities (such as the UK ICO) without undue delay
  3. Take corrective action to prevent recurrence

 

  1. Children’s Privacy
  • Children are not permitted to create accounts.
  • Subscriptions must be created and managed by a parent, guardian, or school.
  • Children can use our games without providing personal information.

This ensures compliance with COPPA and equivalent child protection laws.

 

  1. Legal Basis for Processing (GDPR)

We process personal data under the following legal bases:

  • Contract: To provide subscription services you have purchased.
  • Consent: Where parental or school authorisation is required for a child to access content.
  • Legal obligation: To comply with financial and tax regulations.

 

  1. Rights of Parents, Guardians, and Schools

You have the right to:

  • Access your data
  • Correct inaccurate information
  • Request deletion of personal data
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time
  • Lodge a complaint with your data protection authority (UK: ICO)

Requests can be made via info@theapogeeproject.com.

 

  1. Schools and Educational Use

When used in schools, the school remains the data controller for student accounts, and The Apogee Project AT Ltd acts as a data processor.

  • We only process data in line with the school’s instructions and for educational purposes.
  • We do not use school or student data for commercial gain.
  • Schools can request deletion of data at any time.

 

  1. Cookies and Website Use

Our website uses only essential cookies required for login and subscription functionality. We do not use advertising or tracking cookies.

 

  1. International Data Transfers

Some third-party providers (e.g., Stripe, PayPal, WordPress) may process data outside the UK/EU. Where this occurs, safeguards such as Standard Contractual Clauses or equivalent legal protections are applied.

 

  1. Changes to This Policy

We may update this Privacy Policy from time to time. Any significant changes will be communicated via our website or email. Continued use of our services after updates indicates acceptance of the revised policy.

 

  1. Contact Us

For questions or privacy requests, please contact:

The Apogee Project AT Ltd
Email: info@theapogeeproject.com
Website: www.theapogeeproject.com