MyStickers was created by The Carrot Company, the team behind School Stickers, provider of millions of school rewards to thousands of schools across the world since 2000.
We obtain information about you when you use our website, for example when you or your school sign you up to use MyStickers.
The personal information we collect might include your name, school year, email address, IP address and information regarding what pages are accessed and when.
We only use this data to enable your account. It will never be used for any other purpose.
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
We may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to send you emails).
However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
As MyStickers is a website for children we have made the decision to ensure we conform with all relevant regulations that parents / legal guardians must consent to you having a MyStickers account.
When you first log in after 25th May we will ask for your parents email address so we can request this consent.
Your school also have the ability to grant this consent in line with their own GDPR policy.
The accuracy of your information is important to us. We're working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us at: [email protected], or simply log in to your account on our website.
You have the right to ask for a copy of the information Carrot Rewards Limited hold about you. To request a copy of information held please email [email protected]
When you give us personal information, we take steps to ensure that it's treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with the following software 256 Bit encryption on SSL. When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Data is only ever stored in three locations, Carrot Rewards Secure Data Server, Google Cloud Services and if the School has opted for MIS integration with Wonde.
Carrot Rewards stores school data with Fasthosts. The Gloucester data centres are state-of-the art and are ISO 27001 certificate. CCTV covers all areas of the data centre, with highly experienced security guards on duty 24/7, 365 days a year. Role-based access control swipe-card system across multiple secure areas ensure absolutely no access by unauthorised personnel.
Further information on Fasthosts privacy policy can be found here.
https://www.fasthosts.co.uk/terms/privacy-notice
Wonde our MIS integration Partner stores school data within Amazon Web Services (AWS). The Ireland data centres are used to ensure the data stays within the EEA. Wonde are also now ISO 27001 accredited. Wonde has also committed to Cyber Essentials which will follow the ISO 27001 accreditation.
Further information on Wonde’s GDPR policy can be found here
https://www.wonde.com/downloads/Wonde - School Data and GDPR.pdf
Further information on Google’s Cloud GDPR statement can be found here.
https://cloud.google.com/security/gdpr
A cookie is a small text file that we store on your device if you agree.
Our website uses cookies to distinguish you from other users of our website. Cookies also provide us with information about how this website is used so we can keep it is as up to date, relevant and error-free as possible. Further information about the types of cookies that may be used on this website is set out below:
These are cookies that are essential to the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website or use a shopping basket.
These cookies allow us to recognise and count the number of visitors to our website and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
These cookies are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
| Cookie Name | Cookie Type | Cookie Description | Cookie Expiration |
|---|---|---|---|
| gdprCookie | Strictly Necessary | A cookie that determines your additional cookies preferences. | 1 year |
| gdprCookieHidden | Strictly Necessary | A cookie that determines if you've agreed to the use of cookies. | 1 year |
| PHPSESSID | Strictly Necessary | Your session ID on the server. | 24 minutes of inactivity |
| __utma | Analytical | Used by Google Analytics to analyse website usage. | 2 years |
| __utmb | Analytical | Used by Google Analytics to analyse website usage. | 30 minutes |
| __utmc | Analytical | Used by Google Analytics to analyse website usage. | End of browser session |
| __utmz | Analytical | Used by Google Analytics to analyse website usage. | 6 months |
| _ga | Analytical | Used by Google Analytics to analyse website usage. | 2 years |
| _gid | Analytical | Used by Google Analytics to analyse website usage. | 24 hours |
You can choose to manage the cookies we use on this website through your browser settings at any time.
However, if you use your browser settings to block all cookies (including strictly necessary cookies) you may not be able to access all or parts of our site. For more information about how to change your browser settings, and about cookies in general, you can visit www.allaboutcookies.org.
