Effective date: 25 May 2018

Memrise is an online learning service offered by Memrise Limited (“Memrise”). Our services (“Services”) include a wide variety of beginner to advanced language content and courses. This content is available (i) on applications (“Apps”) for various operating systems available to download on mobile, laptop and/or tablet devices, and (ii) at our website https://www.memrise.com (“Website”).

This Privacy Policy explains what personal data (as defined below) we collect through the Services, how we use and share that data, and your choices concerning our data practices.

This Privacy Policy forms part of our Terms of Use, which are available at https://www.memrise.com/terms/.

By providing us with your personal data when using the Services, you consent to the processing of your personal data as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not access or use the Services.

1. Personal Data That We Collect

When you interact with our Website or Apps, we collect information that, alone or in combination with other information, could be used to identify you (“Personal Data”).

Personal Data You Give Us. When you sign up for or use the Services, you voluntarily give us certain Personal Data, including your name, email address, username, and profile picture. If you register for an account through your social media account (including Facebook and Google Sign-in), you may see which of your friends are using the Services. The information we get from these accounts depends on your settings and the privacy policies of the social media platforms, so please check those policies to understand the privacy practices of those platforms.

If you buy a Memrise Pro subscription, you may be asked to provide payment information (including payment card number, security code associated with the card, expiry date), to one or more of our payment service providers (please see “Sharing and Disclosure” section below).

When you use the Services, you may generate learning data such as test answers, learning scores, and progress within a course, which we will collect and store for use in connection with the Services.

We also collect information you choose to provide to us when you complete any “free text” boxes in our forms (for example, support request or survey submission). In addition, we may collect Personal Data disclosed by you on our forums, blogs and our other areas of the Services to which you can post information and materials.

We may also collect non-Personal Data, such as your time zone or language.

Automatically Collected Data: When you use the Services, the following information is created and automatically logged in our systems:
Log data: Information (“log data”) that your browser automatically sends whenever you visit the Website, or that the Apps automatically send when you use them. Log data includes your Internet Protocol (“IP”) address (so we understand which country you are connecting from when you visit the Website), browser type and settings, the date and time of your request, and how you interacted with the Services.
Cookies: Information from cookies and other technologies stored on your device. Please see the “Cookies” section below to learn more about how we use cookies and other technologies.
Device information: Includes type of device you are using, operating system, settings, unique device identifiers, network information and other device-specific information. Information collected may depend on the type of device you use and its settings.
Usage Information: We collect information about how you use our Services, such as the types of content that you view or engage with, the features you use, the actions you take, the other users you interact with and the time, frequency and duration of your activities.

2. How We Use Data

We use the data we collect, described above:

To authenticate users, provide the Services, process transactions and respond to your requests. For users located within the EU , this use is necessary to perform the contract with you.

As necessary for certain legitimate business interests, which include the following:

To customize the learning experience and degree of difficulty to our users’ level and needs.

To better understand how visitors interact with our Website and ensure that our Website is presented in the most effective manner for you, and as part of our efforts to keep our Website, network and information systems secure.

To conduct analytics to inform our marketing strategy and enable us to enhance and personalize our communications and the experience we offer to our users.

To provide communications by post which we think will be of interest to you.

If you ask us to delete your data or to be removed from our marketing lists and we are required to fulfil your request, we will keep basic data to identify you and prevent further unwanted processing.

We may anonymize, de-identify and/or aggregate the information that we collect and use such anonymized, de-identified and/or aggregated data for commercial, statistical and market research purposes, including sharing it with affiliates and business partners.

To conduct or assist research, and prepare scholarly papers. We may share the information we collect in anonymized and de-identified form with researchers who help us to improve the Service’s learning tools. We may also use such information to publish papers on language learning.

Marketing. We will send you updates and information about our new products and services, upcoming events or other promotions or news by email or push notification. Where required by law, we will only send you marketing information if you consent to us doing so at the time you provide us with your Personal Data. You may opt out of receiving such emails by following the instructions contained in each promotional email we send you or by updating your user settings. In addition, if at any time you do not wish to receive future marketing communications, please contact us at privacy@memrise.com. We will continue to contact you via email regarding the provision of our Services and to respond to your requests.

For information on your rights under the applicable European Union (“EU”) law, please see the “Rights under EU Law” section below.

3. Sharing And Disclosure

Other users of the Services can see the profile information you upload to the Services including courses, learning scores and users you are following.

We may share your Personal Data and other information with certain third parties in the following circumstances:

Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions your Personal Data may be shared with third-party providers of hosting, email communication and customer support services, analytics, marketing, advertising (including Amazon Web Services and Google in the United States, both certified to the Privacy Shield). For more details on the third parties that may place cookies through the Website, please see the “Cookies” section below. Following our instructions, these parties may access, process or store Personal Data in the course of performing their duties for us.

Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of a service to another provider, your Personal Data and other information may be transferred to a successor or affiliate as part of that transaction.

Legal Requirements: If required to do so by law, applicable regulation or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Memrise, (iii) act in urgent circumstances to protect the personal safety of users of the Website or the Apps, or the public, or (iv) protect Memrise against legal liability.

4. Data Retention

We will keep your Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer.

5. Update Your Information

If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us. We will address your request as required by applicable law. You are also able to update your Personal Data yourself from your user settings.

6. California Privacy Disclosures

We may use cookies or other technologies on our Website or Apps that collect information about your browsing activities over time and across different websites following your use of the Website or Apps. We may allow third party service providers and other third parties to do the same. We currently do not respond to “Do Not Track” (DNT) signals and operate as described in this Privacy Policy whether or not a DNT signal is received.

If you would like to request information about third parties that collect Personal Data on our site for direct marketing purposes please contact us.

7. Rights Under EU Law

Scope. This section provides information on your rights under EU law (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway).

Data Controller. Memrise Limited is the data controller for your Personal Data. To find out our registered office, please see our Contact Us page.

Your Rights. Subject to EU law, you have the following rights in relation to your Personal Data:

Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
Right to erasure: You may ask us to erase your Personal Data in some circumstances, such as where we no longer need it or you withdraw your consent (where applicable). If we shared your data with others, we will alert them to the need for erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so:
If we are relying on a legitimate interest (described under the “How We Use Data” section above) to process your Personal Data -- unless we demonstrate compelling legitimate grounds for the processing; or
If we are processing your Personal Data for direct marketing.
Rights in relation to automated decision-making and profiling: You have the right to be free from decisions based solely on automated processing of your Personal Data, including profiling, unless this is necessary in relation to a contract between you and us or you provide your explicit consent to this use.
Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time, but this will not affect any processing of your data that has already taken place.
Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns.

You may contact us to exercise your rights.

Legitimate Interest. “Legitimate interests” means our interests in conducting our business, managing and delivering the best Services to you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

Changes. We will notify you of changes to the data processing activities described in this Privacy Policy by posting a prominent notice on the Website or the Apps or as otherwise required by law.

8. Publicly Posted Information

This Privacy Policy shall not apply to any information you post to the public areas of the Services. This includes, but is not limited to comments on the Memrise blog or public forums. Comments posted to public areas may be viewed, accessed, and used by third parties subject to those parties’ privacy practices and policies.

9. Children

Memrise does not knowingly collect Personal Data from children under the age of 13. If you have reason to believe that a child under the age of 13 has provided Personal Data to Memrise through the Services please contact us and we will endeavour to delete that information from our databases.

10. Links to Other Websites

The Website and the Apps may contain links to other websites not operated or controlled by us (“Third Party Sites”), including social media websites and services. The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of such Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact those sites directly for information on their privacy practices and policies.

11. Security

We take reasonable administrative and technical steps to protect the Personal Data from loss, misuse and unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the internet is 100% secure. Therefore, while we strive to protect your data, we cannot guarantee its absolute security.

12. Cookies

The Website uses cookies and other technologies to make it easier for you to use the Services during future visits, monitor traffic on our website or apps and to personalize instructional content. For more information, please refer to our Cookie Policy.

13. Changes To Our Privacy Policy

We may change this Privacy Policy at any time and when we do we will post an updated version on this page. By continuing to use the Website and the Apps or providing us with information after we have posted an updated Privacy Policy you consent to the revised Privacy Policy and practices described in it.

14. Contact Us

If you have any questions about our Privacy Policy or our data practices, please contact us.