We respect your privacy and we are committed to protecting your personal data. This policy will tell you how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.
Have a look at the glossary to understand the meaning of some of the terms we've used in this policy.
INFORMATION WE COLLECTION:
When you visit our website, our servers may automatically log the standard data provided by your web browser. This data is considered “non-identifying information”, as it does not personally identify you on its own. It may include your computer’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details.
We may also collect data about the device you are using to access our website. This data may include the device type, operating system, unique device identifiers, device settings, and geo-location data. What we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.
We may ask for personal information, such as your:
This data is considered “identifying information”, as it can personally identify you. We only request personal information relevant to providing you with a service, and only use it to help provide or improve this service.
How we collect information
We collect information by fair and lawful means, with your knowledge and consent. We also let you know why we’re collecting it and how it will be used. You are free to refuse our request for this information, with the understanding that we may be unable to provide you with some of your desired services without it.
Use of information
We may use a combination of identifying and non-identifying information to understand who our visitors are, how they use our services, and how we may improve their experience of our website in future. We do not disclose the specifics of this information publicly, but may share aggregated and anonymised versions of this information, for example, in website and customer usage trend reports.
We may use your personal details to contact you with updates about our website and services, along with promotional content that we believe may be of interest to you. If you wish to opt out of receiving promotional content, you can follow the “unsubscribe” instructions provided alongside any promotional correspondence from us.
Data processing and storage
The personal information we collect is stored and processed in Gibraltar, or where we or our partners, affiliates and third-party providers maintain facilities. We only transfer data within jurisdictions subject to data protection laws that reflect our commitment to protecting the privacy of our users.
We only retain personal information for as long as necessary to provide a service, or to improve our services in future. While we retain this data, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification. That said, we advise that no method of electronic transmission or storage is 100% secure, and cannot guarantee absolute data security.
If you request your personal information be deleted, or where your personal information becomes no longer relevant to our operations, we will erase it from our system within a reasonable timeframe.
Third-party access to information
We use third-party services for:
Advertising and promotion
These services may access our data solely for the purpose of performing specific tasks on our behalf. We do not share any personally identifying information with them without your explicit consent. We do not give them permission to disclose or use any of our data for any other purpose.
We may, from time to time, allow limited access to our data by external consultants and agencies for the purpose of analysis and service improvement. This access is only permitted for as long as necessary to perform a specific function. We only work with external agencies whose privacy policies align with ours.
We will refuse government and law enforcement requests for data if we believe a request is too broad or unrelated to its stated purpose. However, we may cooperate if we believe the requested information is necessary and appropriate to comply with legal process, to protect our own rights and property, to protect the safety of the public and any person, to prevent a crime, or to prevent what we reasonably believe to be illegal, legally actionable, or unethical activity.
We do not otherwise share or supply personal information to third parties. We do not sell or rent your personal information to marketers or third parties.
Limits of our policy
Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.
Changes to this policy
Your rights and responsibilities
As our user, you have the right to be informed about how your data is collected and used. You are entitled to know what data we collect about you, and how it is processed. You are entitled to correct and update any personal information about you, and to request this information be deleted. You may amend or remove your account information at any time, using the tools provided in your account control panel.
You are entitled to restrict or object to our use of your data, while retaining the right to use your personal information for your own purposes. You have the right to opt out of data about you being used in decisions based solely on automated processing.
Feel free to contact us if you have any concerns or questions about how we handle your data and personal information.
Inc. Outside The Box Data Controller
This policy is effective as of 01 October 2021
We encourage parents to engage with us in protecting their children’s privacy, ensuring a safe and enjoyable online experience.
Collecting information from children
At times, we may require information from children to enable participation in certain activities, for example, registering an account, customising a profile, or receiving notifications. When collecting non-personal information, we encourage children never to provide any details that may personally identify them or reveal their location. We do not require children to provide more information than is necessary to participate in an activity.
We do not use children’s contact details for marketing purposes, though we may use them for our internal marketing and research in order to improve the quality of products and services offered across our site.
In accordance with COPPA, if an activity does require any personal information (such as first name, last name, or email address), we will provide notice to and seek consent from a parent or guardian prior to collecting the information. We only retain collected information for as long as necessary to enable participation in the requested activity.
In the event we discover we have collected personal information in a manner non-compliant with COPPA, we will either delete the information or seek parental consent.
As a parent/guardian, if you believe your child is participating in an activity that collects personal information, and you have not received a notification or request for consent, please feel free to get in touch via our contact page https://www.incoutsidethebox.com/. We do not use parent contact details for marketing purposes unless marketing materials are explicitly requested.
Safeguarding children’s privacy
We take security seriously, and do what we can within commercially acceptable means to protect your child’s personal information from loss or theft, as well as unauthorised access, disclosure, copying, use or modification. That said, we advise that no method of electronic transmission or storage is 100% secure, and cannot guarantee absolute data security.
Information abuse and community misconduct
We do not tolerate doxing (publishing of private or personal information about an individual without their consent), cyberbullying, or other forms of information abuse on https://www.incoutsidethebox.com/.
If we discover that a child’s personal information has been disclosed on our site without the express consent of their parent/guardian, we will remove the content in question as quickly as possible and effect disciplinary measures (a warning, suspension or ban) on the offending account.
Third-party access to information
We do not knowingly disclose any personally identifying information or personal information provided by children to third parties. We may, however, disclose anonymised and aggregated versions of this information (analytics and statistics) for business, marketing or public relations purposes.
Parental controls and intervention
As a parent/guardian, you may at any time refuse to let us collect further information from your children for a particular activity or account. If you have given us consent previously, you may log in to your child’s account to review, edit or delete the information, or contact us via to request the removal of the information from our records.
Please be aware that the removal of certain information may result in the termination of the associated account, or withdrawal from the associated activity.