Privacy Policy
Last Updated: June 24, 2026
This Privacy Policy describes Our policies and procedures on the collection, use, and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.
We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
Wobble Monkey Studios Ltd operates in strict accordance with the UK General Data Protection Regulation (UK GDPR), the EU GDPR, the Data Protection Act 2018, and applicable global children’s privacy frameworks.
Interpretation and Definitions
Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Definitions
For the purposes of this Privacy Policy:
Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to Wobble Monkey Studios Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ. The Company acts as the Data Controller under applicable data protection laws. ICO Registration Number: ZB871230.
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to: United Kingdom
Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
Personal Data is any information that relates to an identified or identifiable individual.
Service refers to the Website, its internal lessons and activities, and all mobile applications published by the Company, including English Grammar Star, English Verb Smash, English Grammar Smash, Match Up Learn English Words, and Learn and Spell English Words.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service, specifically Apple Identity Services and Google Sign-In.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit or application telemetry).
Website refers to Wobble Monkey Studios, accessible from https://wobblemonkey.com
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
Collecting and Using Your Personal Data
Types of Data Collected
Personal Data
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name (provided via Third-Party Social Media Service login tokens)
- Self-selected public handles or Display Names (used for gamified leaderboard placements)
- Usage Data
Usage Data
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers (such as IDFA or GAID logs subject to Your explicit consent parameters), app crash diagnostics, and other structural data.
Information from Third-Party Social Media Services
The Company allows You to create an account and log in to use certain features within the Service through the following Third-party Social Media Services:
- Google Sign-In
- Apple Identity Services
If You decide to register through or otherwise grant us access to a Third-Party Social Media Service, We may collect Personal Data that is already associated with Your Third-Party Social Media Service's account, such as Your name and Your email address associated with that account. This synchronization data is collected solely under the lawful basis of Performance of a Contract to verify, protect, and sync Your educational history across multiple client devices.
Tracking Technologies and Cookies
We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use include:
- Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. Unless you have adjusted Your browser setting so that it will refuse Cookies, our Service may use Cookies.
- Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser.
Data Processing Architecture & Legal Frameworks
Lawful Bases for Processing under GDPR
| Processing Activity | Data Categories Collected | Lawful Basis (GDPR Art. 6) |
|---|---|---|
| Account Creation & Sign-In (Users aged 13+ only) | Email address, unique third-party authentication tokens, and full profile name pulled via OAuth platforms (Apple/Google) for private cloud data synchronization across devices. | Performance of a Contract: Necessary to host, manage, and securely synchronize your private learning profile and real name across devices. |
| Leaderboards & Gamification | Your chosen public Display Name / Gamertag and progress metrics (e.g., scores, quiz milestones, streaks). | Legitimate Interests: Necessary to provide competitive, community-driven, and engaging learning elements to users. |
| In-App Purchases & Subscriptions | Order transaction IDs, country of purchase, purchase history, and subscription status tokens. (Note: We never view or store credit card details; all financial processing remains locked inside platform-native secure environments). | Performance of a Contract: Validating purchases and billing terms via the Apple Media Services or Google Play Store systems. |
| In-App Advertising, Web Analytics & Metrics | Device IP addresses, browser types, advertising identifiers (IDFA/GAID), app crashes, cookie tokens, and basic web interaction logs. | Consent: Requested dynamically from eligible users via our Google User Messaging Platform (UMP) or cookie consent dialogue boxes. |
Children's Privacy & Age Gate Operations
We operate a strict split audience model across our systems to prioritize complete child safety:
- Child-Safe Products & Guest Workspace: Standalone applications like Learn and Spell English Words, alongside localized guest states within our authenticated apps, are structured for users under 13. These configurations display anonymous global leaderboards using non-editable random system strings, do not request cloud authentication, and process only non-targeted contextual advertisements.
- Account Privileges (Ages 13+ Only): Custom profile configurations, email attachment pipelines, real-name synchronization, and editable gamertags are blocked behind an in-app neutral age gate. If we find cloud documentation has been saved from a child under 13, it will be deleted immediately.
International Data Transfers (UK/EEA to USA)
Wobble Monkey Studios Ltd is corporate-headquartered in the United Kingdom. However, all personal user accounts and cloud profile data are processed and stored on cloud instances located in the United States of America via Google Firebase.
To protect your information, transfers from the UK or European Economic Area (EEA) to the United States are secured using approved legal mechanisms, specifically Standard Contractual Clauses (SCCs) approved by the European Commission and the UK International Data Transfer Addendum (IDTA), alongside relying on cloud infrastructure vendors certified under the Data Privacy Framework (DPF).
Data Retention and Account Deletion
We store your information only for as long as your profile remains active. If your account shows zero connectivity updates for a consecutive period of 24 months, your records will be purged from our active Firestore configurations. In compliance with Apple and Google storefront rules, users can delete their accounts at any time from within the app settings panel.
Your Legal Rights & Redress
Under the UK GDPR and EU GDPR, You possess distinct constitutional control options over Your Personal Data. You may contact us at any time to execute the following requests:
- Right to Access: Review a copy of all information attached to your UID.
- Right to Erasure ("Right to be Forgotten"): Permanently wipe your sync datasets from our cloud servers.
- Right to Rectification: Edit details linked to your account settings.
- Right to Withdraw Consent: You can open the "Privacy Settings" widget inside our apps to instantly revoke third-party cookie or device ad-tracking parameters via the Google UMP.
If You believe We have processed Your data unlawfully, You have the right to file an official complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk.
Contact Us
If you have any questions about this Privacy Policy, please contact us at:
- Email: support@wobblemonkey.com
- Postal Mail: Wobble Monkey Studios Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ