Privacy Policy

Privacy Statement

We take safeguarding online privacy seriously. Please read the whole of this statement carefully as it sets out what information we may collect from you, how we may use it and your rights in respect of our use and the key details of our privacy policy.

From time to time, we may need to change our privacy policy because of changes in our organisation, legislation or in our attempts to serve your needs better. We will use reasonable efforts to publish any changes to our privacy statement. 

Social Blox, trading as myPTA, is responsible for collecting, processing, storing and safe-keeping personal and other information as part of providing a service and carrying out our regular business activities. We manage personal information in accordance with the Data Protection Act 2018.

Any questions regarding our processing of personal data should be directed to us via email to info@mypta.co.uk 

The following policy applies to the use of our site and/or App.

Scope

Our Privacy Statement governs any kind of processing where we are acting as a data controller or co-controller (including collection, use, transfer, storage and deletion) of personally identifiable information (any information that may be used to identify a physical person, and any other information associated therewith) about natural persons. This statement applies to our processing of data collected through any means, actively as well as passively, from persons located anywhere in the world. 

We are guided by the following principles when processing data:

  •     We will only collect data for specific and specified purposes; we will make it clear at the point when we request your information, what we are collecting it for and how we are going to use it;

  •     We will not collect data beyond what is necessary to accomplish those purposes; we will minimise the amount of information we collect from you to what we need to deliver the services required;

  •     We will collect your personal information only if we have sensible business reasons for doing so, such as ensuring you are able to sign up to and fully access the service;

  •     We will not use your data for purposes other than those for which it was collected, accepted as stated within our policy, or with your prior consent;

  •     We will seek to verify your data upon registration;

  •     We will apply high technical standards to make our processing of data secure;

  •     Except otherwise stated, we will not store data in identifiable form longer than is necessary to accomplish its purpose or as required by law.

Information Collected

The information we may collect about you could include, but is not limited to:

  • Personal details such as your name and email address

  • User agents

  • IP addresses

  • Firebase installation IDs

  • Crashlytics Instalaltion UUIDs  to assess whether people are crashing when using the site/App

  • Crash traces

  • Breakpad minidump formatted data (for NDK crashes only)

If we obtain special category data from you, we will always get your consent first.

We will collect information from you when:

  • You download our App

  • You contact us for information via our website or social media channels, by phone or email

  • You post on our social media channels, website or blog

  • You work with us in a commercial capacity

  • You register via our website

We may use the information collected to:

  • Allow you access to our App and Admin Panel 

  • Create a profile for you on our site or App

  • Ensure that content from our site is presented to you in the most effective manner for you and your computer

  • Allow you to participate in the service you have chosen to do so

  • Notify you about changes to our service

  • Enable end-user authentication and facilitate end-user account management

  • Provide added security and prevent abuse during sign up authentication

  • Process and debug crashes

Information Storage

If you provide us with your email address when registering on our website it will be stored, along with your first name and surname via Mailerlite.  Mailerlite have their own privacy policy and will protect your data. You can find out more here: https://www.mailerlite.com/legal/privacy-policy

When you download the myPTA App your personal information including your name, email address will be accessed and stored by Apple and/or Google.  If you are already an Apple or Google Pay user, your billing details will already be stored with Apple and/or Google, and can be used when you make purchases, pay for events or make a donation via myPTA to your school’s PTA account.   myPTA will never have access to your billing information or card details and no-one from our company will ever request such information. 

If you prefer to pay for your purchases or donations by credit or debit card rather than Apple or Google Pay, you will be able to do so via Stripe.  Stripe is an online payment processing system and have their own privacy policy which can be accessed here: https://stripe.com/gb/privacy 

We use Firebase to enable end-user authentication and facilitate end-user account management. Firebase Authentication keeps logged IP addresses for a few weeks. It retains other authentication information until the Firebase customer initiates deletion of the associated user, after which data is removed from live and backup systems within 180 days. Firebase retains Firebase installation IDs until the Firebase customer makes an API call to delete the ID. After the call, data is removed from live and backup systems within 180 days.

Firebase Cloud Messaging uses Firebase installation IDs to determine which devices to deliver messages to. Firebase retains Firebase installation IDs until the Firebase customer makes an API call to delete the ID. After the call, data is removed from live and backup systems within 180 days.

Firebase Crashlytics uses crash stack traces to associate crashes with a project, send email alerts to project members and display them in the Firebase Console, and help Firebase customers debug crashes. It uses Crashlytics Installation UUIDs to measure the number of users impacted by a crash and minidump data to process NDK crashes. Firebase Crashlytics retains crash stack traces, extracted minidump data, and associated identifiers (including Crashlytics Installation UUIDs) for 90 days.

We will never sell or share your personal information with third parties.

Legal Basis for processing your data

The General Data Protection Regulation (GDPR) provides that processing of your data shall only be lawful if and to the extent that at least one of the following applies:

  • You have consented

  • For the performance of a contract

  • For compliance with a legal obligation which we must perform

  • To protect vital interests of your or another person

  • It is in the public interest

  • It is in the legitimate interests pursued by us or a third party

We collect data for the purposes set out above. Data is managed to ensure that it is either erased from our system when it is no longer required for the purpose for which it was collected, retained for legal reasons or minimised and retained. 

Website analytics & targeted marketing

We use website analytics to provide the best user experience and service to you and to evaluate and improve our site. We utilise third party data analytics service providers, google analytics and Facebook pixel, to improve our visibility and to monitor website browser behaviour and navigation across our site.

These third-party data analytics service providers collect this information on our behalf in accordance with our instructions and in line with their own privacy policies. Our service providers may collect the following data about the way you use our site, which will almost always be anonymised and aggregated before reporting back to us:

  • Number of visitors to our site

  • Pages visited whilst using the site and time spent per page

  • Page interaction information, such as scrolling, clicks and browsing methods

  • Source location and details about where users go when they leave the site

  • Page response times and any download errors

  • Other technical information relating to end user device, such as IP address or browser plug-in

Policy Details

We continually review our privacy practices and may change our policy and privacy statement from time to time. When we do this an amended privacy statement will be placed on our website at https://mypta.co.uk and will be accessible from the App.

This privacy notice was published in February 2024

If you are concerned about how we are collecting, using and/or sharing your personal information, you can contact us at info@mypta.co.uk