PRIVACY POLICY

Home Privacy Policy

This Privacy Policy (the Policy) describes how CAP Certified Ltd collects, uses, and shares the information you provide to us on our website and our apps and the information we collect on our website and on our apps.

We will share our Data Protection and Privacy Policies on how we collect, use, and share the information you provide to us during the course of operating our business, solution, and services at each touch point. For an example when a user signs-up to the Wow Words app, a school signs-up to CAP Schools Programme and when a parent downloads the CAP Parent Portal app.

In this Policy when we refer to “you”, “your” or “yours” we mean you, parents, representatives of schools, digital platforms, and partners. When we refer to “CAP” or “we”/“us”/“our” we mean CAP Certified Ltd. Our company registered office is at 223 St. Albans Road, Watford, England, WD24 5BH and we are a company incorporated under the laws of England and Wales (registered number 11748310). Our trading address is Ground Unit, Wharfside House, Prentice Road, Stowmarket, IP14 1RD, Suffolk.

The Wow Words app is suitable for users of all ages. However, children under the age of 13 should use our App only with the permission and supervision of a parent or carer. We do not knowingly collect personal information from children under 13 without parental consent.

We may revise this Policy at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are binding on you.

1.0 The information that we collect and where we get it from

“Personal information” is any information that can be used to identify you and which we have in our possession or control – i.e., data we collect from you and your organisation, the way in which it is collected and the purposes for which it is collected and used.

1.1 Information you provide to us

On this website we will collect and process the following personal information about you: 

1.1.1 Information that users provide us during Wow Words app registration

We will process personal information that you give to us including when you sign-up to our Wow Words app, use the app, subscribe to a premium version, email us or contact us through various channels as follows: 

Your Information 

When you register for an account or subscribe to our services, you may be asked to provide certain personal information, such as your name and email address. We also collect information about your use of our App and information about your mobile device for analytics and improvement of our services. 

1.1.2 Information that parents provide to us

We will process personal information that you give to us including when you sign-up to our Beta launch, enquire, email us or contact us through various channels as follows:

Your Information

When you submit the ‘Join Our Beta’ form, sign up for newsletters, events or obtain information from us or when you contact us with queries or respond to our communications, the personal information you provide may include your first and last names, email address, and your contact number.

1.1.3 Information that schools provide to us

We will process personal information and information about the school that you give to us including when you enquire about the programme, sign-up to the newsletter, email us or contact us through various channels as follows:

School Information

The information you provide may include the school’s name, phone number, and website. In addition, we ask for your first and last names, email addresses, and contact number.

1.1.4 Information that digital platforms provide to us

We will process personal information that you give to us including when you sign-up to our newsletter, enquire, email us or contact us through various channels as follows:

Digital Platform Information

When you or the firm you represent enquire or submit a form the information you provide may include the name of the platform, your first name, last name, email address, contact number and the job title.

1.2 Information we otherwise collect about you

We will also collect information about you, when you use our website or when we otherwise interact or correspond with you. We use various technologies to collect and store information when you visit our website. We may, for example, collect information about the type of device you use to access the website, your IP address and your geographic location, the operating system and version, your browser type, the content you view, and features you access on our website, the web pages and the search terms you enter on our website. For information about how we use Cookies and the choices you may have, please see ourCookies Policy. 

2.0 How we use the information we collect

2.1 Purposes

We use your personal information to manage your account, provide our services, process payments, communicate with you, optimise your user experience, and improve our services. 

We may use your personal information for the following purposes: 

  1. to send newsletters, updates, event invitations and other information that may be of interest to you 
  2. where you have applied for a position with us, to review and process your job application 
  3. to comply with legal or regulatory obligations that we must discharge 
  4. to establish, exercise or defend our legal rights, or for the purposes of legal proceedings 
  5. log your use of our website or our other online services for our own legitimate business purposes, which may include the analysis of usage, measurement of site performance, generation of reports, 
  6. to look into any complaints or queries you may have 
  7. to address GDPR-related requests from you 
  8. to prevent and respond to actual or potential fraud or illegal activities, and 
  9. to collate, process and share any statistics based on an aggregation of information held by us, provided that any individual is not identified from the resulting analysis and the collation, processing and dissemination of such information is permitted by law. 
2.2 Grounds for using your personal information

We rely on the following legal grounds to process your personal information, namely: 

  • Performance of a contract – We may need to collect and use your personal information to enter into a contract with you or to perform our obligations under a contract with you. 
  • Legitimate interests – We may use your personal information for our legitimate interests, some examples of which are given above. 
  • Compliance with law or regulation – We may use your personal information as necessary to comply with applicable laws/regulations. 
2.3 How we share information with third parties

We share your personal information (limited to what’s mentioned in sections 1.1.1 and 1.1.2) with our offices around the world. As a result, your personal information may be transferred to locations outside Europe, as well as within it for the purposes described above. 

We do not sell, trade, or rent your personal information to third parties. However, we may share your information with our service providers to help us deliver our services, such as payment processing and data analysis. 

We may share your information outside CAP. This may include: 

  • Third party agents/suppliers or contractors, bound by obligations of confidentiality, in connection with the processing of your personal information for the purposes described in this Policy. This may include, but is not limited to, payment processors, IT infrastructure providers, and communications service providers. 
  • Third parties relevant to the services that we provide. This may include, but is not limited to, counterparties to litigation, professional service providers, sponsors of our events, regulators, authorities and governmental institutions.

3.0 Protecting your data outside the EEA (EU Member States and Iceland, Liechtenstein and Norway)

We may transfer data that we collect from you to third-party data processors in countries that are outside the EEA such as Australia or the USA. This might be required, for example, in order to provide services, process your payment details or provide support services. 

If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times. 

Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice. 

4.0 Keeping your information and information security

4.1 Duration

How long we hold your personal information for will vary and will depend principally on: 

  • the purpose for which we are using your personal information – we will need to keep the information for as long as is necessary for the relevant purpose, and 
  • legal obligations – laws or regulation, may set a minimum period for which we have to keep your personal information. 
4.2 Security Measures

We implement appropriate security measures to protect your personal information. However, the transmission of information via the internet is not completely secure, and we cannot guarantee the security of your information transmitted to our App. 

We will ensure that the personal information that we hold is subject to appropriate security measures such as:
  • Use of standard HTTPS encryption when transferring data across networks 
  • Database access restricted to VPN, and segregation of services within the VPN when applicable.. 
  • Adhering to internal data handling processes. 
We also have following measures in place to avert a data breach:
  • Preventive measures against SQL injection and XSS. 
  • Session based standard authentication for web portals. 
  • OAuth 2.0 client-credentials implementation for internal and external third- party APIs. 
  • OAuth 2.0 password grant implementation for mobile app communication. 
  • Linux security settings to prevent unwanted access to the sensitive information in configuration files or in source codes and prevent execution or writes from another user from another group. 
  • Servers block port 22 used for SSH access (using a firewall option). 
  • If above is enabled (rarely happens for debugging purposes), then SSH happens through a key pair. 
  • Also, servers block all the ports except the one that exposes the APIs. 

5.0 Your choices and rights

You have a number of legal rights in relation to the personal information that we hold about you and you can exercise your rights by contacting us using the details set out below. These rights include: 

  • Obtaining information regarding the processing of your personal information and access to the personal information which we hold about you. 
  • Please note that there may be circumstances in which we are entitled to refuse requests for access to copies of personal information. 
  • Requesting that we correct your personal information if it is inaccurate or incomplete. 
  • Requesting that we erase your personal information in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal information but we are legally entitled to retain it. 
  • Objecting to, and requesting that we restrict, our processing of your personal information in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal information but we are legally entitled to refuse that request. 
  • In some circumstances, receiving some personal information in a structured, commonly used and machine-readable format and/or requesting that we transmit such information to a third party where this is technically feasible. Please note that this right only applies to personal information which you have provided to us. 
  • Withdrawing your consent, although in certain circumstances it may be lawful for us to continue processing without your consent if we have another legitimate reason (other than consent) for doing so. 
  • Lodging a complaint with the relevant data protection authority, if you think that any of your rights have been infringed by us. 
  • We can, on request, tell you which data protection authority is relevant to the processing of your personal information. 

7.0 How to contact us and other important information

If you would like further information on the collection, use, disclosure, transfer or processing of your personal information or the exercise of any of the rights listed above, please contact us. You can do this by writing to us at: 

  • CAP – uk@capcertified.com 
  • CAP’s Data Protection Team – uk@capcertified.com or Data Protection Team, CAP Certified Ltd, Ground Unit, Wharfside House, Prentice Road, Stowmarket, IP14 1RD. 
Project Finished
0
Years Experience
0 +
Happy Clients
0
Recognition
0
Team Member

Our Proficient Team

Rossy Miller
Rossy Miller

HR Manager

John William
John William

Product Manager

Sofia Johnson
Sofia Johnson

Web Designer

Donald Moreo
Donald Moreo

Marketing Manager

Any Query

Frequently Asked questions

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo consectetur adipiscing elit.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo consectetur adipiscing elit.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo consectetur adipiscing elit.