PRIVACY POLICY – INCREMENTAL DEVELOPER LIMITED

Effective Date: 11^th December 2025

1. About This Privacy Policy

1.1 This Privacy Policy explains how Incremental Developer Limited (“Incremental Developer”, “we”, “us”, or “our”) collects, uses, discloses, and protects information in connection with:
a. all mobile applications published by us under our developer account (the “Apps”); and
b. our website at https://incrementaldeveloper.com/ and any related pages that link to this Privacy Policy (the “Website”).

1.2 The Apps and the Website are referred to together in this Privacy Policy as the “Services”.

1.3 This Privacy Policy is designed to be transparent and understandable for parents and guardians while complying with applicable privacy and children’s data laws, including (where they apply) the UK GDPR, the EU GDPR, COPPA in the United States, CCPA/CPRA in California, and other local child-privacy requirements. This Policy applies to all mobile apps and websites published or operated by Incremental Developer Limited.

1.4 If you do not agree with this Privacy Policy, please do not use the Services and do not allow your child to use the Services.

2. Who We Are and How to Contact Us

2.1 The data controller (under the UK GDPR and EU GDPR) responsible for your personal data is:

Incremental Developer Limited
Company number: 16072298
Address: Peek House, 20 Eastcheap, London, England, EC3M 1EB

2.2 This Privacy Policy applies to all mobile applications and websites developed or published by Incremental Developer Limited, including but not limited to “Nelly & Jerry – Kids Math Game” and any future apps released under our developer account (together, the “Apps”).

2.3 For privacy matters, you may contact us at:
support@incrementaldeveloper.com

2.4 If we appoint a Data Protection Officer (DPO) or an EU/UK representative in the future, we will update their details here.

2.5 For UK users, you have the right to lodge concerns with the UK Information Commissioner’s Office (ICO). Details are available at https://ico.org.uk, although we encourage you to contact us first so we may resolve the issue directly.

3. Scope: Apps and Website

3.1 This Privacy Policy applies to information we collect when:
a. you or your child use our Apps;
b. you visit or use our Website;
c. you contact us by email or through our contact forms; and
d. we otherwise communicate with you in connection with the Services.

3.2 This Privacy Policy does not apply to third-party websites, apps, or services that may be linked from our Services. Please see Section 22 (Third-Party Links and Integrations) for more information.

4. Key Definitions

4.1 “Child” / “Children” means a natural person who is under the minimum age at which they can lawfully provide their own consent to the processing of their personal data in their country of residence, as explained in Section 5.

4.2 “Parent” / “Guardian” means a person with legal parental responsibility for a child.

4.3 “Personal data” / “Personal information” means any information relating to an identified or identifiable natural person, or as otherwise defined by applicable law.

4.4 “Processing” means any operation performed on personal data, such as collection, storage, use, disclosure, or deletion.

4.5 “Controller” and “Processor” have the meanings given in the UK GDPR and EU GDPR. In general, Incremental Developer Limited is the controller of the personal data described in this Privacy Policy (subject to exceptions noted for certain third-party services).

5. Age Limits and Who This Policy Is For

5.1 Our child-directed Apps, including “Nelly & Jerry – Kids Math Game”, are primarily designed for children aged approximately 4–8, and are intended to be used with the knowledge and supervision of a parent or guardian.

5.2 We must follow different rules for children’s data in different places:
a. In the United States, COPPA generally applies to children under 13 years old.
b. In the UK and EEA, the child’s digital consent age is usually 16 (although some EU Member States may set it between 13 and 16).

5.3 Where required by law, we will seek consent from a parent or guardian before processing a child’s personal data in ways that are not covered by an applicable exception (see Section 8).

5.4 Parents and guardians should read this Privacy Policy carefully and decide whether to allow their child to use the Services.

5.5 If we learn that we have collected personal information from a child in a way that is not permitted by law, we will take reasonable steps to delete that information (see Sections 8 and 17–20).

6. Types of Information We Collect

6.1 Depending on how you and your child use the Services, we may collect the following categories of information:

a. Information you (the parent or guardian) provide directly

Your name and contact details (e.g., email address) when you contact us through the Website or by email.
The content of your messages, inquiries, and support requests.

b. Information your child or you may provide via the Apps

Non-identifying profile information such as a nickname or in-game name.
In-game preferences and settings (e.g., language, difficulty level).
Other input the child provides in the course of gameplay (e.g., responses to math questions or puzzle choices).

We do not ask children to provide more personal information than is reasonably necessary for them to participate in the Apps activities.

c. Information collected automatically when using the Apps or Website

Device information (e.g., device type, operating system version, language, apps version).
Identifiers such as device identifiers, advertising IDs (where allowed and configured), and IP address.
Usage data such as the features used, screens viewed, session duration, crash logs, and performance data.
General location information derived from IP address (e.g., country or region), not precise GPS location, unless clearly stated otherwise.

d. Website and contact form information

Information you enter into any contact forms on our Website (e.g., your name, email address, subject and message).
Log files and analytics data relating to your visits (see Sections 11 and 12).

6.2 We do not knowingly seek or collect sensitive personal data (such as health information, biometric data, or precise geolocation) from children through the Apps. If we ever need to collect more sensitive categories of data, we will seek explicit consent from the parent or guardian where required by law.

7. How We Collect Information

7.1 We collect information:
a. directly from you, when you contact us or interact with the Website;
b. from your child’s use of the Apps, through in-app actions and gameplay; and
c. automatically, through technologies such as SDKs, logs, and cookies when you or your child use the Services.

7.2 We may also receive information from third-party service providers, such as analytics providers, advertising networks, attribution services, and crash reporting tools, as described in Sections 10 and 11.

7.3 Where we rely on parental consent (see Section 8), we may collect and maintain contact information for the parent/guardian in order to:

obtain verifiable consent;
send legally required notices; and
respond to parental requests regarding their child’s information.

8. Children’s Privacy and Parental Responsibility

8.1 We are committed to complying with COPPA in the US and relevant children’s privacy laws in the UK, EU and other regions.

8.2 We design our Apps so that it can be used without requiring a child to disclose more personal data than is reasonably necessary.

8.3 Parental consent and notice
a. Where required by law (for example, in the US for children under 13, or in the EEA/UK for children under the applicable digital consent age), we will:
– provide parents with notice of our data practices; and
– seek verifiable parental consent before collecting, using, or disclosing a child’s personal information beyond what is permitted by an applicable exception.
b. The specific method of obtaining consent may differ by jurisdiction and may include reasonable steps to verify that the person providing consent is the child’s parent or guardian.

8.4 Parents’ role
a. Parents and guardians should review this Privacy Policy and supervise their children’s use of the Apps and Website.
b. Parents may review, update, or request deletion of their child’s personal information, or withdraw consent, as described in Sections 17–20.

8.5 If we learn that we have collected personal information from a child without the required parental consent, we will promptly take reasonable steps to:

delete that information from our records; and
instruct our service providers to do the same, where applicable.

9. Legal Bases for Processing (EEA / UK Users)

9.1 Where the EU GDPR or UK GDPR applies, we rely on one or more of the following legal bases to process personal data:

a. Consent (Article 6(1)(a) GDPR) – for example, where a parent or guardian consents to our collection and use of their child’s personal data, or where a user consents to cookies or marketing communications.

b. Performance of a contract (Article 6(1)(b) GDPR) – where processing is necessary to provide the Services you requested, such as enabling functionality within the Apps or responding to support requests.

c. Legitimate interests (Article 6(1)(f) GDPR) – where processing is necessary for our legitimate interests (or those of a third party), provided that these interests are not overridden by the interests or fundamental rights and freedoms of children or other users. Our legitimate interests include improving the App, ensuring security and preventing fraud, and understanding how the Apps is used (subject to appropriate safeguards).

d. Compliance with legal obligations (Article 6(1)(c) GDPR) – where we must process data to comply with laws, including child-protection, tax, and regulatory obligations.

9.2 Where we rely on consent, you may withdraw that consent at any time (see Section 20). Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

10. How We Use Information

10.1 We use personal information for the following purposes, to the extent permitted by applicable law:

a. To provide and operate the Apps and Website
– enabling gameplay, progress tracking, rewards, and core educational features;
– operating the Website, including contact forms and navigation.

b. To maintain and improve the Services
– understanding how children and parents use our Apps (e.g., which levels are most played);
– debugging, fixing errors, and improving performance;
– developing new features and enhancements.

c. To provide support and communicate with parents
– responding to inquiries and support requests;
– sending important notices about changes to this Privacy Policy or our Terms;
– dealing with complaints and resolving disputes.

d. To personalise and contextualise content and experiences
– adapting difficulty levels or educational content to the child’s progress;
– presenting non-behavioural, contextual advertising where legally permitted and consistent with our children’s privacy obligations.

e. For analytics and measurement
– measuring usage and performance of the Apps and Website;
– understanding aggregated user behaviour to improve learning outcomes.

f. For safety, security and legal reasons
– protecting our users, including children, from fraud, misuse, and security threats;
– complying with legal obligations, responding to lawful requests, and enforcing our rights.

10.2 We will not use children’s personal information for purposes that are materially different from those described in this Privacy Policy without first obtaining any additional consent required by law (see Section 8).

11. Advertising, Analytics and Tracking Technologies

11.1 Our Services may integrate third-party software development kits (“SDKs”) and tools for analytics, attribution, and (where permitted) advertising. These may collect certain device and usage data (see Section 6.1(c)).

11.2 These third parties may include, for example:

analytics providers (to help us understand usage and performance);
ad networks / mediation platforms (to show ads, typically contextual and non-behavioural for children);
attribution providers (to understand which marketing channels lead to installs);
crash reporting and diagnostics tools.

11.3 Where the Apps or Website is directed to children, we configure these tools, where possible, to operate in a way that is consistent with COPPA and other child-privacy requirements, which may include:

limiting the use of persistent identifiers;
disabling interest-based or behavioural advertising; and/or
using only contextual advertising or no advertising at all in certain regions or experiences.

11.4 On the Website, we may also use cookies and similar technologies, described in more detail in Section 12.

11.5 To the extent required by law (for example, under the GDPR, UK GDPR, ePrivacy rules or certain US state laws), we will seek consent before using non-essential cookies or similar tracking technologies, particularly for advertising or advanced analytics.

11.6 We configure all advertising and analytics tools in our child-directed Apps to operate in child-safe mode in accordance with COPPA, the UK GDPR, the EU GDPR and the App Store/Google Play Families requirements, including disabling interest-based advertising.

12. Cookies and Similar Technologies on the Website

12.1 The Website may use:
a. Strictly necessary cookies – required for the basic operation and security of the Website.
b. Analytics cookies – to understand how visitors use the Website, so we can improve it.
c. Preference cookies – to remember your settings (e.g., language).

12.2 Where required by law, we will display a cookie notice or banner when you first visit the Website and will collect your consent before setting non-essential cookies.

12.3 You can manage cookies via:

the cookie settings (if offered on the Website); and/or
your browser settings, where you can block or delete cookies.

12.4 Disabling certain cookies may affect the functionality or performance of parts of the Website, but will not affect your ability to contact us or read key information.

13. Disclosure of Information to Third Parties

13.1 We may share personal information with the following categories of recipients, only as necessary and in accordance with this Privacy Policy:

a. Service providers and vendors – including hosting providers, analytics providers, ad networks (where permitted), crash reporting services, and email service providers, who process data on our behalf and under our instructions.

b. Platform providers – such as apps stores and operating system providers, to the extent needed to distribute and support the Apps.

c. Professional advisers – such as lawyers, accountants or auditors, where necessary for legitimate business purposes and subject to confidentiality obligations.

d. Authorities and regulators – where we are legally required or permitted to do so, for example to comply with a court order or to protect the safety of children or others.

e. Business transfers – in connection with a merger, acquisition, reorganisation, or sale of assets, in which case personal data may be transferred to the acquiring entity, subject to continued protection as described in this Privacy Policy.

13.2 We do not disclose children’s personal information to third parties for their own marketing purposes.

13.3 For users in certain US states, our disclosures are further explained in Section 19 (Additional Rights for US Residents), including whether such disclosures qualify as “selling” or “sharing” personal information under applicable law (we currently do not sell children’s personal information, see Section 23).

14. International Data Transfers

14.1 We are based in the United Kingdom, but our service providers, servers, and partners may be located in other countries. This means that your personal data, and your child’s personal data, may be processed in countries outside your country of residence, including outside the UK and EEA.

14.2 Where we transfer personal data from the UK or EEA to a country that has not been deemed to provide an adequate level of protection, we will implement appropriate safeguards, such as:

Standard Contractual Clauses approved by the European Commission or UK authorities; or
other lawful transfer mechanisms under applicable data protection law.

14.3 You can contact us (see Section 25) for more information about the specific safeguards we use for international transfers.

15. Data Security

15.1 We use reasonable technical and organisational measures designed to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures take into account the nature of the data and the risks associated with processing children’s information.

15.2 However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to protect personal data, we cannot guarantee absolute security.

15.3 If we become aware of a data breach that is likely to result in a high risk to your or your child’s rights and freedoms, and we are legally required to do so, we will notify you and the relevant authorities as required by applicable law.

16. Data Retention

16.1 We retain personal data only for as long as is reasonably necessary to fulfil the purposes described in this Privacy Policy (see Section 10), including for:

providing and improving the Services;
maintaining appropriate business and financial records;
complying with legal obligations; and
resolving disputes and enforcing agreements.

16.2 Criteria we use to determine retention periods include:

the type and sensitivity of the data;
how long the data is needed to provide the Apps or Website;
the length of the relationship with you;
applicable legal or regulatory retention requirements.

16.3 When personal data is no longer needed, we will delete or anonymise it, or, where this is not possible, securely store it and isolate it from any further use until deletion is possible.

17. Parents’ and Children’s Privacy Rights (Global)

17.1 Depending on your location and applicable law, you and your child may have some or all of the following rights in relation to personal data:

a. Access – to request a copy of the personal data we hold about you or your child.
b. Rectification – to request that we correct inaccurate or incomplete personal data.
c. Deletion – to request that we delete certain personal data, particularly where it pertains to a child and is no longer necessary or was collected unlawfully.
d. Restriction – to request that we restrict the processing of personal data in certain circumstances.
e. Objection – to object to certain processing, including where we rely on legitimate interests (see Section 9).
f. Portability – in some cases, to request a copy of personal data in a structured, commonly used, and machine-readable format.

17.2 Parental rights under children’s privacy laws

Parents and guardians of a child may, where applicable:
- review the personal information we have collected about their child;
- request deletion of their child’s personal information; and
- refuse to permit further collection or use of their child’s personal information.

17.3 To exercise these rights, please follow the steps in Section 20 (Exercising Your Rights and Choices).

18. Additional Rights for EEA / UK Users

18.1 In addition to the rights described in Section 17, individuals in the EEA and UK have specific rights under the EU GDPR and UK GDPR, including the right to:

lodge a complaint with a data protection authority; and
in certain circumstances, object to processing where we rely on legitimate interests (see Section 9).

18.2 If you are in the UK, you can contact the Information Commissioner’s Office (ICO). If you are in the EEA, you can contact your local data protection authority.

18.3 We encourage you to contact us first (see Section 25) so we can try to resolve your concerns directly.

19. Additional Rights for US Residents (including CCPA/CPRA)

19.1 If you are a resident of certain US states, including California, you may have additional rights under state privacy laws, such as:

the right to know what categories of personal information we collect and disclose;
the right to request access to specific pieces of personal information;
the right to request deletion of personal information, subject to exceptions;
the right to correct inaccurate information;
the right to know whether your personal information is sold or shared; and
the right to be free from discrimination for exercising your privacy rights.

19.2 For California residents, we treat information associated with a known child user in a manner consistent with our obligations under COPPA and applicable state law:

We do not sell or share children’s personal information for cross-context behavioural advertising (see Section 23).
Any use of persistent identifiers is limited to purposes compatible with COPPA, such as supporting internal operations, security, or non-behavioural contextual advertising.

19.3 Parents or guardians of children using the Apps in the US may exercise the rights described in Section 20 on behalf of their child.

20. Exercising Your Rights and Choices

20.1 To exercise any of the rights described in Sections 17–19, or to make a request related to your or your child’s personal information, please contact us (see Section 25) and:

clearly state that your request concerns privacy;
indicate whether the request relates to your child’s information, and provide enough details for us to identify the relevant account or device (without disclosing more information than necessary).

20.2 We may take reasonable steps to verify your identity (and, where appropriate, your relationship to the child) before responding to your request, especially where the request concerns children’s data.

20.3 We will respond to your request within the timeframe required by applicable law. If we cannot comply with your request, we will explain why (for example, where we have a legal obligation to retain certain data).

20.4 Where we rely on consent for processing, you may withdraw your consent at any time by:

adjusting your device settings (for certain permissions);
changing your preferences in the Apps or Website (if such options are available); or
contacting us (see Section 25).

Withdrawal of consent may affect your or your child’s ability to use some features of the Services.

21. App Store and Platform Requirements

21.1 Our Apps are distributed through third-party platforms such as the Apple App Store and Google Play Store. These platforms require us to provide accurate disclosures regarding what data the Apps collect, how the data is used, and with whom it is shared.

21.2 This Privacy Policy is intended to meet those platform requirements for all apps published by Incremental Developer Limited, including child-directed apps. We configure our Apps to comply with Apple’s App Store Review Guidelines, Google Play Families Policy, and all applicable child-privacy rules (including COPPA).

21.3 Your use of our Apps may also be governed by the terms and privacy policies of Apple, Google, or your device manufacturer. We are not responsible for those third-party policies.

22. Third-Party Links and Integrations

22.1 The Services may contain links to or integrations with third-party websites, content, or services that are not operated by us. For example, links to our pages on social networks or to download the Apps from app stores.

22.2 We do not control and are not responsible for the privacy practices of these third parties. Their collection and use of your information (including any information collected via cookies or other technologies) is governed by their own privacy policies.

22.3 We encourage parents and guardians to review the privacy policies of any third-party services before allowing children to interact with them.

23. No Sale of Children’s Personal Information

23.1 We do not sell personal information of children under the applicable age threshold (for example, under 13 in the US, or under the digital consent age in the EEA/UK) as the term “sale” is defined under the CCPA/CPRA and similar laws.

23.2 We do not “share” children’s personal information for cross-context behavioural advertising. Any disclosures to service providers for App operations, analytics, or contextual advertising are made under contracts that restrict the use of the information to specified purposes consistent with children’s privacy laws.

23.3 If this position changes in the future, we will:

update this Privacy Policy;
provide any legally required notices; and
obtain any necessary consents or offer opt-out rights as required by applicable law.

24. Changes to This Policy

24.1 We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

24.2 When we make material changes, we will:

change the “Effective date” date at the top of this Privacy Policy; and
take additional steps, such as providing notice within the Apps or on the Website, or seeking renewed consent where required by law.

24.3 We encourage parents and guardians to review this Privacy Policy regularly to stay informed about our information practices.

25. Contact Details and Complaints

25.1 If you have any questions or concerns about this Privacy Policy or our handling of personal data, including your child’s personal data, please contact us at:

Incremental Developer Limited
Peek House, 20 Eastcheap, London, England, EC3M 1EB
Email: support@incrementaldeveloper.com

25.2 If you reside in the UK or the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.
For UK users, this is the Information Commissioner’s Office (ICO): https://ico.org.uk.

25.3 If you are located outside the UK or EEA, you may have the right to contact your local privacy or data-protection regulator.