Privacy is SelfieCop's #1 priority. This includes the privacy of parents, children and third-parties. Nothing is more important to us.
Following the European Court of Justice ruling that invalidates Safe Harbor data transfers to the US, SelfieCop has started a process to ensure all data can in future be stored within the EU. We expect this change to be ready by early-mid 2016.
In the meantime, if you do not wish your data to be transferred to the USA, please do not use the SelfieCop service.
We have made special effort to make this policy easy to read. Please take time to go through it. It will help you to understand:
When installing the Parent-App and Parent-App you will see text that reads:
If you 'tick' the check-box, you are indicating your consent for SelfieCop Limited to process information in the manner described in this document and that you will comply with your own responsibilities.
For example, by consenting to this policy you agree that SelfieCop can do the following with you & your child's information:
A full description of everything we do with your information is below. Please read it carefully.
If you do not agree with this policy, DO NOT tick the check-box.
Version 1.0 | Effective 1st September 2015
In order to function as intended, the SelfieCop Service must collect, combine, use, store and disclose some parts of a Child's personal information. In particular, this includes a Child's photographs or videos.
It is our intention that the identity of an individual Child should not be easily established by anyone with access to the limited information we collect and process.
To that end, we have implemented measures that ensure information is dealt with confidentially and securely. For example, no-one at SelfieCop can view a Child's photos or videos. This is because all photos or videos are encrypted and we do not have access to the decryption keys.
However, in some limited situations, the information we collect or process could lead to the identification of an individual Child. (Full detail of all information we store or process is provided below.)
As a result, your consent (as the Child's Parent) is required in order for this Service to operate.
To find out more about the meaning of each term, click on the links.
In order to use the SelfieCop Service you must download and install the Child-App & Parent-App. You install the Child-App onto your Child's device. You install the Parent-App onto your (the Parent's) own device.
During installation and set-up, the SelfieCop Service collects certain information about you (the Parent) and your Child, as described below.
In order to install the Apps, Parents are required to provide the following information during set-up:
The information in the paragraph above is necessary to provide the SelfieCop Service. The SelfieCop Service aims to:
Yes. Without it the installation of the Apps cannot be completed.
SelfieCop also collects information from the device upon which the Parent-App is installed, i.e. the Parent's device:
This data is used for customer support, data security and for the development of the SelfieCop Service.
For example, this information allows us to understand how many types of device SelfieCop must support (business analysis purposes) and to help track performance on different devices (information about products and services).
Yes. Without it SelfieCop won't be able to provide you with the best service. If you don't want to provide us such data, you won't be able to use the service.
SelfieCop relies on "symmetric" encryption to work. An encryption key (called a "secret key" in the App) is automatically generated by the Parent-App during set-up.
For the SelfieCop Service to work, the encryption key generated by the Parent-App must also be manually input into the Child-App. This is the last step of set-up and ensures both Apps are in "symmetry" regarding encryption.
The Child-App can then encrypt photos/videos and the Parent-App decrypt photos/videos using the same key.
Important: Encryption keys are secret and must only be shared the Child-App you wish to link to. Never disclose an encryption key to anyone or write it down. You do not need to remember your encryption key. A new key can be generated at any time.
Note: A new encryption key may be generated on the Parent-App at any time. However, whenever a new key is generated, the old key is immediately deleted. This could cause the Parent-App and Child-App to go "out-of-symmetry". As such, the new key must also immediately be input to any Child-App the Parent-App is linked to.
In order to use SelfieCop Service you must download and install the Child-App onto your Child's device. During installation and set-up, the SelfieCop Service collects certain information about your Child, as described below.
In order to install the Apps, the SelfieCop Service collects confirmation of your Child's "acceptance" or "refusal" of consent to use the SelfieCop Service.
As noted above, in the event your Child's refuses consent to use the SelfieCop Service, SelfieCop will also record (if applicable) your intention to "override" that refusal.
This is referred to as the "Child's voice" and is used to record your Child's consent (or refusal) to use the SelfieCop Service.
Yes. This information is necessary to provide you the Service.
In order to function as intended, the SelfieCop Service routinely collects and processes information as follows:
This is used to deliver the core SelfieCop Service. This is in order to:
Yes. This information is necessary to provide you the Service. Without it, the Service does not work.
From the device upon which the Child-App has been installed, SelfieCop also collects and uses the following information:
This data is combined with (i) the date and time an encrypted file is stored and (ii) the link to the encrypted file mentioned in the paragraph above, and used for:
In addition, knowing which other Apps your Child has installed allows SelfieCop to:
Knowing the date & time each Child-App is installed allows SelfieCop to:
Retaining a record that SelfieCop Child-App is "live" every 10 minutes allows SelfieCop to:
Yes. Without it SelfieCop won't be able to provide you the best service. If you don't want to provide us such data, you won't be able to use the service.
Note: SelfieCop does NOT contact children for marketing purposes.
During set-up you (the Parent) must send at least one SMS message from your device to your Child's device. This is in order to assist set-up and create a valid link between devices (as described below).
To this end, the SelfieCop Service requires you (the Parent) to insert your Child's phone number into the Parent-App. The Child's phone number is used to:
As noted, when sending the SelfieCop temporary Parent-App Identity Code, the source number (Parent's number) is recorded by the SelfieCop Child-App on the Child's device. In addition, the destination number (Child's number) is recorded by the SelfieCop Parent-App on the Parent's device.
The phone numbers are recorded in order to allow the Parent and Child to visually validate that the correct link has been created. (As noted, neither number is recorded by the SelfieCop Central Customer Database.)
SelfieCop does not use your Child's information to identify him/her or monitor his/her habits.
In addition, we do not monitor your (the Parent's) habits.
NOTE: The Parent's primary duty when using SelfieCop is to consider the best interest of their Child. Parents are encouraged to speak with their Child about safe camera usage and to regularly review the need for the SelfieCop Service.
SelfieCop transfers, stores and further processes you and your Child's information in the United States of America, at the data centres operated by our host-provider Liquid Web.
Liquid Web agree to co-operate and comply with the EU and/or Swiss Data Protection Authorities & Law.
NOTE: A Certified Partner is an entity that has to comply with strong and rigid security measures (technical security measures and organisational measures). We require that Certified Partners:
With the exception of the above SelfieCop does NOT sell, rent, give, disclose or make available by any other way you or your Child's personal data.
Regarding information that does NOT identify you or your Child (anonymized data) SelfieCop may disclose it to third parties for analytics, marketing, research and other purposes.
SelfieCop has taken administrative, technical, physical and procedural security measures, including encrypting your information during transmission, to protect you and your Child's personal information.
Namely, SelfieCop staff cannot view the visual information of the photos or videos processed by the SelfieCop Service, since it cannot access the associated encryption keys.
Additionally, only Authorised Persons have access to personal data/information; whilst Certified Partners may be granted access only for a period required to complete specific tasks, e.g. development, analytics.
All processing takes place subject to a contract between SelfieCop and Certified Partners that specifies, namely, the following:
SelfieCop takes reasonable steps to ensure compliance by Certified Partners with the best international standards applicable.
You have the right to contact us to update, correct and request removal of inaccurate personal data we have about you or your Child.
You can review some of personal information you have provided us and make any reasonable desired changes by visiting the Child-App's or the Parent-App's Settings.
You also have the right to access to your personal data we hold about you or your Child.
To request it, please write to us at:
38 The Waterside
Please send us the following information together with your letter:
We will respond within 40 days.
You can refuse to allow any further collection or use of your of your Child's personal data. You can also request us to delete you or your Child's personal data.
Parent's email, parent's device number and password are deleted from the SelfieCop central customer database 6-months after the last recorded usage of an app or 6-months after service cancellation. (On the device this data is deleted when the user uninstalls SelfieCop.)
Encrypted image files are deleted from each step of the SelfieCop Service as they are processed. This includes:
This data is anonymised for individual records 6-months after the last recorded usage of an App, or 6-months after service cancellation.
Unique Identity Code has different data retention periods depending on the purpose for which it is used:
In order to initiate the process of creating a link between a Parent's device and Child's device, a temporary Parent-App Identity Code is sent from the Parent's device to the Child's device via SMS.
The temporary Parent-App Identity Code is then visible in plain-text format in the list of SMS messages on both the Parent and Child's device. When received by the Child's device and recognised by the Child-App, the code is uploaded to the SelfieCop Central Customer Database for processing.
After processing the temporary Parent-App Identity Code is deleted from the SelfieCop Central Customer Database when a link between the Parent-App and a Child-App is created.
The temporary Parent-App Identity Code must be manually deleted from the list of SMS messages on both the Parent and Child's device by the Parent.
All data is deleted 6-months after the last recorded usage of an App.
Individual data may be stored for longer than 10 minutes in instances of a record not being successful, i.e. if it appears a Child's device is not "live". In this event, the time/date of the last record is stored until a new record is received. When a new record is received, stored data is deleted.
In the Child-App, this data is deleted 6-months after the last recorded usage of the App, or 6-months after cancellation of the service.
On SelfieCop's central customer database, this data is deleted a maximum of 40-days after entry (if no request is made by the Parent-App to download this data).
A new encryption key may be generated on the Parent-App at any time. Whenever a new key is generated, the old key is immediately deleted from the Parent-App. To permanently delete all keys, uninstall the App.
To delete an encryption key from a Child-App, the Parent may:
Note: Encryption keys are not stored at the SelfieCop central customer database.
It is important to note that the SelfieCop Service may process images that contain personal data of your Child, your Child's friends and/or of Third Parties.
For example, when your Child takes a photo of a friend (who is identifiable by his/her face or a tattoo) that photo will be sent to the Parent-App through the SelfieCop infrastructure.
SelfieCop is not able to identify, avoid or block those situations. Neither is it able to obtain your Child's friend's consent or (friend's parent's consent) to process your Child's friend's personal data.
To minimize the risk of processing Third Parties' personal data, SelfieCop has included "privacy-by-design" principles in this Service. For example, this includes:
Protection of your Child's personal data and Third Parties' personal information is not only in SelfieCop's hands, but also in the hands of Parents who use the SelfieCop Service.
As such, and for the protection of your Child and Third Parties we created the following Privacy Related Obligations.
By accepting the present document, you consent, accept and agree to be solely responsible, accountable and liable for the following privacy related obligations:
Note: if a Parent receives an image that gives him cause of concern and copies it or forwards it to anyone, the Parent could be guilty of a Criminal Offence under child protection laws. Parents should report images of concern to the relevant law enforcement authorities.
By providing Consent, you are solely responsible for all liability that results with respect to any unpermitted or illegal use of the SelfieCop Service by any person that uses the device on which the Child-App or the Parent-App is installed, including yourself.
To the fullest extent allowed by applicable law, SelfieCop disclaims all warranties of every nature relating to privacy or the right to the protection of personal data of Third Parties, the Child, the Parent and/or any possible user of SelfieCop Service, without limitation, including implied warranties, providing the SelfieCop Service as it is.
SelfieCop shall not be liable to you or any Third Party, or any nature or legal person for any damages of any kind that arise out of or related to the SelfieCop Service, even if SelfieCop has been advised of the possibility of such damages.
You Consent, agree and recognize SelfieCop's right to determine the form and means of providing notifications to you, and you agree to receive legal notices electronically if SelfieCop so chooses.
If a revision is material we may notify you (at our sole discretion) and we will post a prominent notice on our website at www.selfiecop.com prior to the change becoming effective.
If the change would have the effect of introducing a purpose for the use of your personal data, which is inconsistent with this notice, and where required by applicable law, SelfieCop will either notify you or provide you with an opportunity to opt-out from such use.
If you have any questions, please contact us:
38 The Waterside
A "Parent" or "you" is the user of the SelfieCop Service that has confirmed themselves to SelfieCop to be the father, mother or legal guardian of the Child (minor) who Consents to use the SelfieCop Service in support of the Child's best interest.
The "Child" is the person (considered a minor under the applicable law) who requires the use of the SelfieCop Service to ensure her/his best interest and for whom the "Parent" has confirmed themselves to be the father, mother or legal guardian thereof.
A "Third Party" is any person, other than the Parent and/or the Child, whose personal data is captured by the device on which the Child-App is installed (e.g. a person whose identifiable face appears in a photo or video taken by the device upon which the Child-App is installed).
Any information relating to an identified or identifiable individual, such as faces, names, phone number, email, address, etc.
An entity that has to comply with strong and rigid security measures (technical security measures and organisational measures). We require that a "Certified Partner" (i) keep your personal information secure and confidential and (ii) use it only on our behalf.