PRIVACY POLICY

Who are we?

We’re the Children’s Intelligence Agency - a top secret network of child spies. We investigate global mysteries, fake news, criminal networks, homework crimes and what-not-not-you will-never-know. When we talk about ‘us’ or ‘we’, we’re talking about the CIA. When we mention the ‘CIA Platform’, we’re talking about our website or the app. When we talk about ‘our agents’, or ‘you’, or ‘fartmaker3.4’, we’re talking about you.

We have your data, Agent

IT'S VERY IMPORTANT THAT YOU READ THIS

Secret agents need to stay sharp, and that includes knowing about the data that you give away online. Even the CIA collects data from you, and only you have the power to control it. This is also true on every other website that you visit. You’re always in control of your own data.

But what is data?

Data is made up of facts and numbers and statistics, like your name, your favourite flavour of ice cream, and how many hours of TV you watch. People can use this information to find out what the most popular flavour of ice cream is, or whether people watch more TV in the summer or the winter. Data is usually kept in the form of numbers, like these ones: 4-18-15-14-5 24-1-19 8-5-18-5.

Our Privacy Policy

We collect your data to make sure that we can help you: in the field, online, and even on the toilet. We wrote this Privacy Policy to explain what information we collect, why we collect it, how we use it, and how we keep you safe.
Never sign up to things you don’t understand, you don’t agree with, or you haven’t read. If you don’t read things properly, you might miss sneaky rules or secret clues. For example, there might be a rule that tells you to do five star jumps whenever you hear the word ‘Banana’. You wouldn’t agree to that, would you? Or there could be a special code hidden somewhere REMEMBER A = D .

This Privacy Policy is only for the CIA Platform. It does not apply to any other websites or apps that we link to. If you use the CIA Platform, then you agree to the rules that we’ve written here. If you don’t like these rules, then you shouldn’t use our site. Feel free to tell us why you don’t like them by emailing us at [email protected]. Why is our favorite thing to know.

Why do we have your data?

Great question. Lots of good questions start with why. The European Commission calls us a data controller. This means that:

  • We collect your data
  • We decide what it’s used for (for example, so we can say hello to you when you log into the CIA)
  • We get to choose how to process it (for example, we save your name on a big spreadsheet)

We use your data for four main reasons:

1. So you can access the CIA Platform

Agents can create a profile on the CIA Platform. Your profile is top secret - the only personal information we collect is from your trusted adult. We don’t share it with anyone else, or with any other agents. Secret agents should always keep their identity secret, so don’t use your real name, or any other information that could give away your identity or location.

Your CIA profile shows:

Your Agent Name (AGAIN: this shouldn’t be your real name) / Your Avatar (no personal information here, either) 
/ The missions, levels and tasks that you’ve completed 
/ The badges, stickers and rewards that you’ve collected

We do not upload or store any voice or sound recordings that are recorded in the app.

If you forget your emoji-code password, then we can use your trusted adult’s email address to reset it.

Data used: your email address and agent name

2. So we can improve the CIA

We might also collect data on how our agents use the CIA Platform. For example:

  • What do you use to log on (is it a mobile, laptop, or tablet?)
  • What browser do you use?
  • What operating system do you use?
  • What language are you using on your computer?
  • Which parts of the Platform did you go to?

This non-personal information helps us to improve the CIA Platform, and gives you the best experience possible. For example, if we know that you don’t like missions involving socks, then we won’t send you any more missions involving socks (unless saving the world depends on it).

Also, if something breaks on the CIA Platform, then this data can help us to fix it. If you find that something is broken, then let us know here. Or send a carrier pigeon. Whatever is quicker.

We use cookies to get this information. Not the edible kind, but computer cookies. This is a type of digital sticker that a website puts on you.

If you come back again, then the website will remember. You can read our Cookie Policy for more information.

Lastly, we use this data to explain what we do, especially when we’re talking to a grown-up. We can’t just tell them that the dog ate our data.

Data used: How you use the CIA Platform

3. So we can help you

We use your information when you ask us for help. Whether you’ve lost your invisible pen, or can’t find the REDACTED, we are here to support all your technical needs.

CIA agents can also contact us directly, and give us personal information. Some agents (you know who you are) submit mission reports to our public email address, or send post to our public post address.

If you’ve sent in a mission report, with your details, then we will always reply. ESPECIALLY if it’s written in code.*

Data used: Agent profile and personal information

* According to American law (COPPA), this falls under the one-time use exception.

4. Because we have to

Sometimes we get asked questions by lawyers, or other people in charge, to make sure that we’re dealing with your data correctly. Any data that we share with other people/companies is completely anonymous.

We can may combine all the information we collect from you, or receive about you, for any of the reasons mentioned above.

FYI: We use other software too

As we can’t make everything ourselves, we use these other things to help us improve the CIA Platform:

  • Google Analytics lets us see what agents do at the CIA. You can choose to remove yourself from Google Analytics by visiting: https://tools.google.com/dlpage/gaoptout
  • Unity Analytics keeps track of what agents are doing on the app
  • Google Firebase stores agent names and agent progress
  • Copper keeps track of your trusted adult’s email address. This is our CRM (does not stand for Cryptic Robotic Mammals) system
  • Furniture isn’t a real type of software, but well done for paying attention. Email the CIA with the word ‘furniture’, and you will receive a top secret spy reward
  • Mailchimp helps to store your email and send out missions and CIA intel
  • Typeform lets us accept mission reports

All of these have their own privacy policies (yes, all of them). We conduct top secret security checks to make sure these services handle your data safely.

Want to know more? Excellent. Please contact us at [email protected].

Don’t worry, Agent. We always keep your data safe

1. Data is on triple lockdown

The CIA takes every precaution to protect against loss, misuse, unauthorised access, disclosure, alteration, digestion or destruction of data.

The security protocols include, but are not limited to:

The security protocols include, but are not limited to: Encrypted information / 
Robotic spiders / 
Digital banana peels

Despite our best efforts, no security measure is ever perfect or impenetrable, and we are always on the lookout for new ways to protect the CIA. Please send in your ideas.

2. We use a lot of secret codes

The Department of Encryption encourage Fartmaker3.4 to use the following codes:

Caesar Shift: shift the alphabet by three so A=C, B=D etc. / 
Vigenère square: write a phrase at the beginning of the alphabet to shift it all along / 
Hieroglyphics: use symbols instead of letters / 
The CIA-Cypher: this code is so secret that if you learnt what it was, your REDACTED might fall off

3. We don't share unless we have to

The CIA does not sell, trade, or rent any of your personal information to others. Sometimes we have to share your data, because the law says that we have to. The law is set by grown-ups. Some laws are reeeeally old, like laws about handling salmon under suspicious circumstances. Other laws are really new, like laws about stealing people’s online identity. And some laws don’t even exist yet, like laws about robot rights.

In other words, there are a lot of reasons why we may need to share our data. It may even be to protect ourselves. But we only do it if we absolutely have to.

Sometimes we will share your data if we’re working with someone else, but only if we have to. And when we do we make sure they agree treat your data the same way we do.

We might share images sent to us online, or on the CIA Platform. For example, we often share interesting gadget prototypes by posting them on the CIA Platform, but personal details are always hidden. We’re a spy organisation, after all.

4. Other agents can't see your data

Gxh wr wkh wrs vhfuhw-qhvv ri wkh fld, djhqwv duhq’w deoh wr vhqg sulydwh phvvdjhv ru kdyh sulydwh fkdqqhov rq fld sodwirupv. brx fdq’w vhdufk iru rwkhu djhqwv hlwkhu.

5. We only keep your data while you’re an agent

As long as you’re an agent, the CIA will keep your data.

If you decide you no longer want to be an agent, then you can ask us to remove all your data. If you no longer want to be an agent, and you don’t tell us, then we will keep hold of your data (for a reasonable time just in case you want to join us again in the future).

6. Even if it's leaving Europe

We are an international organisation, so sometimes your information leaves Europe. Sometimes it even leaves this planet.

This lets us communicate with other partners and service providers around the world (and beyond). We do this so we can make sure that the CIA Platform works for agents everywhere. Outside of Europe, different rules apply, so we take precautions to make sure that your data is still protected wherever it travels.

7. Even if it’s in California

Our intel shows us the following information about California:

  1. One out of every eight United States residents live in California
  2. There are no hippos in California
  3. If you live in California, you can request your data once a year. This data will include all the information we share with other companies about you. If you want, email us at [email protected], and include your California address along with your own fun fact about California. Please give us up to 30 days to respond.

If you don’t like the sound of this, then you always have the power to change it

You can change your data

You are in control of your own data. Agents can review, modify or correct any personal information that we (or anyone else) has about them. Of course, we always need to check that you are who you say you are. This may or may not include asking for your user ID, your agent number, your elbow print, or the first three lines from your favourite book.

Your trusted adult can change your data (which is why they’re trusted, obvs)

Your trusted adult can also request information about your agent account, but non-authorised adults may not have this information. We reserve the right to steal their hat if they try to get hold of it.

Depending on the device which you are using to complete your missions, you may have the right to request your data in a way that you can transfer onto another platform.

You can ask us not to share your data

At the CIA, we only share your data if we have to. As it’s your data, you have the right to remove it too. You can request this from any organisation or platform that has your data.

But...

To be an agent of the CIA, we do need some of your information. If you want us to delete all your information, then we may have to also delete your account on the CIA Platform. Even if you ask us to delete your data, we will sometimes have to keep your data for legal reasons.

WARNING: This policy could self-destruct (or change) at any moment

Changes to this Privacy Policy can be made at any time.
Anytime we do update it, we will try our best to let you know.
Noises, flashing lights and contacting your trusted adult are a few ways that we may do this.
You can contact us at any point to ask about when the last time this policy was updated.
Only the CIA has the power to change this Privacy Policy…
Unless you can work out how to edit it yourself.
Respectfully, we try not to change too much.
Everyone who has known us for a while will agree with that.
Agents are also able to send us suggestions to improve our privacy policy.
Do not worry: we only accept the best suggestions.
That means we don’t include suggestions from Shelly Inc.
However, we always try to include a secret code in every update.
In special cases, we even add a random word at the end, to make sure that you’re paying attention.
Sausages.

Question everything

We encourage all agents to question everything (including us), so if you think something that we’re doing is wrong, or if you disagree with us, then let us know at [email protected]

If you have any questions, you need information, you need help, you have a spy invention, you’ve created a self-ottering otter, or you’ve spotted something suspish, then please contact us at [email protected], or send us post at:

Privacy, Children’s Intelligence Agency,
69 Old Street,
London,
EC1V 9JB
UNITED KINGDOM

If you want to speak to someone else about your data, who is outside of the CIA, then you can contact the people who work with the government to look after information. They’re called the Information Commissioner’s Office (ICO). Call them on 0303 123 1113, or contact them using their live chat service (but always get the permission of a trusted grown-up first).

Remember that we’re a secret spy agency - not everyone knows about us.

Defined Words

Alteration: When something changes.

Anonymous: When we don’t mention your name or identity.

Browser: The programme your computer uses to access the internet. Chrome, Firefox, Safari, Internet Explorer, or something else.

Children’s Online Privacy Protection Act: A law in America that keeps children safe online.

CIA Platform: Anywhere that the CIA exists. On the website, the app, and (sometimes) on an internet-enabled toaster.

Cookie:: A type of digital sticker that a website puts on you. If you come back again, then the website will remember you.

CRM: Customer Relationship Management. This helps an organisation to talk to its customers.

Data: Facts and numbers and statistics, like your name, your favourite flavour of ice cream, and how many hours of TV you watch.

Data Controller: The person or company who has control of your data, and can decide what to do with it.

Destruction: When something is damaged so much that it doesn’t work anymore.

Digestion: When your stomach turns food into poop.

Disclosure: When you tell a secret to someone.

Encrypted: When a piece of data has been written in code, so that nobody else can read it.

Europe: A group of countries including the UK, France, Germany, Spain and Luxembourg.

European Commision: A group of grown-ups who make new laws for countries in Europe.

IP Address: A line of numbers that your computer uses to identify itself.

Modify: When you make small changes to something.

Non-personal data: Information that can’t be used to identify someone e.g. your agent name or your favourite colour

Operating System: The main programme on a computer, that helps all the other programmes to run.

Personal Data: Information that can be used to identify a person e.g. a name, email address or a fingerprint

Precaution: A backup plan that we’ve put in place (in case something bad happens).

Review: When you decide what you like about something, and if there’s anything you’d change.

Spy Hacks You Should Know:

‘Do Not Track’ disclosure

You can set your computer to send ‘Do Not Track’ to tell websites that you don’t want to be tracked. However, the CIA can’t handle these ‘Do Not Track’ messages... yet. If you want to set this up, then you MUST ask the permission of your trusted adult before you do this.