We process your learning behaviour to help you learn better. MemoryLab adapts based on your learning behaviour, like the speed and accuracy of your answers. We may process this information to improve the system, or – without anyone being able to recognize you in it – to make statements about the learning behaviour of larger groups of people.
To comply with privacy legislation, it is important to know whether you are younger than 16 years old. We store your screen name and email address to ensure that you can log in and change or retrieve your password if you have forgotten it. We will only use your personal information for purposes related to your use of MemoryLab, for example to notify you of important changes or to contact you if necessary. We will never provide your personal information to other parties or use it for commercial purposes.
1. Introduction: Who is MemoryLab?
SlimStampen BV ('Company', 'we', 'us', 'our', 'MemoryLab' or 'SlimStampen') is a company established in the Netherlands that uses the trade name MemoryLab. MemoryLab operates under Dutch law. Our office is located at Stationsstraat 10 in Groningen (9711 AS), the Netherlands. We are registered with the Dutch Chamber of Commerce (KVK) with KVK-number 81374755. If you have any questions or concerns, please contact us at firstname.lastname@example.org.
2. Personal information
To use our Services, you must create a MemoryLab account. You must create a personal profile for this. You can change the information you provide at any time.
We process the following data provided by you:
Year of birth*;
Email contact preference;
Profile picture (optional).
*If you are under 16 years old, your parent(s)/guardian(s) must give their permission to create an Account for you.
Your e-mail address is required to ensure that (only) you can log in, and possibly change or retrieve your password if you have forgotten it. We will never provide this information to other parties. We may use it, for example, to occasionally alert you to important changes in the system, or to contact you if this is necessary for the proper use of MemoryLab.
We also use the above information to tailor MemoryLab more to you as a user. We use your year of birth to know which Services are relevant to you. You can create a screenname and add a picture to personalise your profile. In short, we process your information because it is important to us to make our Services as easy and useful as possible for you.
No sensitive information processing.
In accordance with privacy laws, we do not process sensitive information such as someone’s race, religion or health.
3. How and why do we process your data?
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
To make adaptive learning possible
MemoryLab adapts based on your previous learning behavior. That is why we store that learning behavior as:
what you answered;
how long it took you to do so;
practice time per exercise;
which fact lists were practiced;
when you practised
We only use this data to improve the system, or – without anyone being able to recognize you in it – to make statements about the learning behaviour of larger groups of people. For this it is important to know your age, so that is why we ask your year of birth too.
To deliver and facilitate delivery of services to you
When you practise with MemoryLab lessons, we keep track of how you practise. This information is also stored in our systems and used to analyse, optimise and improve MemoryLab. In addition, some of your usage information is necessary to be able to offer you the Service. For example, you can favourite, create and share lessons and lesson groups. You – and with your consent, the lesson’s instructor – can view your practise results on the statistics page.
We temporarily collect anonymous error information to help us ‘debug’ (solve) problems, so we can see how problems have arisen. This information contains your IP address (the number of your computer that makes it possible to recognize your computer), and the type of browser (the computer program to view internet pages). It is automatically removed after 14 days. The processing of this information is necessary to securely and correctly offer our Service and will not be used for any purpose other than debugging problems.
To send newsletters
You can sign up for our newsletter. If you (or your parent/guardian) have signed up for the newsletter, we will send emails to the email address you provided. We may use your name to personalize the newsletter. You can unsubscribe at any time using the unsubscribe option offered in each email. You will then be removed from the emailing lists.
To enable the use of third-party software
We do not share personal data with third-party software providers. However, there are some third parties who perform Services for us or on our behalf and require access to certain information to do that work. The third parties we use include the following:
User Account Registration and Authentication – For example Google OAuth 2.0, Facebook Login and Microsoft Login
Converting speech to text – Google Speech-to-Text
When you say your answer out loud during a speech lesson, your speech is converted to text using Google’s Speech-to-Text service so we can determine whether the answer was correct.
Cloud computing services –Microsoft Azure
To insure an industry standard application and provide you with our Service, our software’s storage and hosting is handled through the Microsoft Azure Cloud service. Microsoft does not share your data with advertiser-supported services, nor do they mine it for any purposes like marketing research or advertising.
- Email list and newsletter management – Brevo
4. What legal bases do we rely on to process your information?
If you are located in the EU or UK, this section applies to you.
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:
Consent. We may process your information if you have given us permission (i.e. consent) to use your personal information for a specific purpose. You can withdraw your consent at any time.
Performance of a Contract. We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for some of the purposes described in order to:
Analyse how our Services are used so we can improve them to engage and retain users
Understand how our users use our products and Services so we can improve user experience
Improve the system, or – without anyone being able to recognize you in it – to make statements about the learning behaviour of larger groups of people.
Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
5. What are your rights?
In some regions (like the EEA and UK), you have certain rights under applicable data protection laws. These rights are outlined below. We will consider and act upon any request in accordance with applicable data protection laws.
If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
If you are located in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html.
5.1. Right of access
You can ask us whether we store your personal data. If we process the data, the request is not excessive and sharing the data does not violate the privacy of others, we may send you a copy of that data.
5.2. Right to rectification
You can make changes to correct incorrect personal data yourself directly in your Profile.
5.3. Right to erasure
You can ask us to delete (certain) personal data about you. If we comply with your request, we will delete that personal data. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.
5.4. Right to restriction of processing
You can ask us not to use your personal data for a while. This means that if we comply with your request, we will not use your personal data for a certain period of time unless this is permitted by law.
5.5. Right to data portability
You can ask us to send you your data so that you can easily give it to another party (data portability). If we comply with your request, we will provide the data to you so that you can give it to a third party,
5.6. Right to object
You can object to the use of your personal data in certain cases, for example if we use your personal data for our interest.
5.7. Right to a human eye when making decisions
Privacy related decisions regarding your data will not be automated. Your request will always be reviewed by a person.
5.8 Right to withdraw your consent
You have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us or removing your account on the ‘Profile’ page. However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
6. How long do we keep your information?
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
7. How do we keep your information safe?
We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
8. Do we make updates to this policy?
If you have any questions about your privacy or this policy, please let us know by sending an email to email@example.com.
Last updated: September 19, 2023