Privacy Policy - Updated

Effective: March 20, 2019

The Walt Disney Company has acquired certain 21st Century Fox businesses, including those providing the services described below. This policy has been updated to reflect that transaction.

Table of Contents:

1. INTRODUCTION

2. COLLECTION OF INFORMATION

3. USE AND DISCLOSURE

4. SECURITY

5. OTHER INFORMATION

6. CONTACT US

1. INTRODUCTION

The privacy of children is important to us. This Privacy Policy explains how National Geographic Partners, LLC (“Nat Geo Kids”, “Company” or “we”) collects, uses and discloses the personal information of children under the age of thirteen through this website, mobile site, application or widget (each, a “Company Service”). This policy also explains the rights that parents have with respect to their children’s personal information.

2. COLLECTION OF INFORMATION

To access some of the Company Services, the child’s parent or guardian must authenticate through a television provider authorized by Company to distribute Company’s channels (“Distributor”). To do so, the parent/guardian will be required to select the Distributor with whom they have a subscription. He/she will be redirected to the Distributor’s website registration page where the parent/guardian will be required to register or sign in directly with the Distributor (the “Distributor Site”). The registration information submitted to the Distributor is not shared with the Company. The Distributor Site is hosted and managed by your Distributor and Company has no control over the Distributor Site or the Distributor’s registration page. Please contact your Distributor directly for questions related to your Distributor subscription account, including how to access or cancel your account ("Distributor Account").

Activity Information. When a child accesses and interacts with the Company Services, we may collect certain information about those visits. For example, in order to permit a child’s connection to the Company Services, our servers receive and record information about his or her computer, device, and browser, including potentially IP address, browser type, and other software or hardware information. If a child accesses the Company Services from a mobile or other device, we may collect a unique device identifier assigned to that device or other transactional information for that device.

Cookies and other tracking technologies (such as pixels, beacons, and Adobe Flash technology, including cookies) are comprised of small bits of data that often include a de-identified or anonymous unique identifier. Websites, apps and other services send this data to a child’s browser when he or she first requests a web page and then stores the data on the child’s computer so the website can access the information when the child makes subsequent requests for pages from that service. These technologies may also be used to collect and store information about a child’s usage of the Company Services, such as pages visited, content viewed, search queries run and advertisements served. Company uses these types of information to support the internal operations of the Company Services.

Third parties that support the Company Services by serving advertisements or providing services, such as maintaining and analyzing the functioning of the Company Services, assisting in network communications, stability of the Company Services, hosting, content delivery, and authentication may also use these technologies to collect similar information.

3. USE AND DISCLOSURE

We use the information we collect from and about a child to provide the Company Services and features to him or her, including: to measure and improve those Company Services and features; to improve the child’s experience with both online and off-line Company Services by delivering content he or she will find relevant and interesting, including advertising; to provide the child with customer support and to respond to inquiries. When the information collected from or about a child does not identify him or her as a specific person, we may use that information for any purpose or share it with third parties.

We use the information we collect from and about children for these additional purposes:

To allow service providers to assist us in providing and managing the Company Services. Company may make a child’s information available to certain third-party service providers, such as contractors, agents or sponsors, who help us manage or provide the Company Services.

To protect the rights of Company and others. There may be instances when Company may disclose a child’s information, including situations where Company has a good faith belief that such disclosure is necessary in order to: (i) protect, enforce, or defend the legal rights, privacy, safety, or property of Company, our Company Affiliates or their employees, agents and contractors (including enforcement of our agreements and our terms of use); (ii) protect the safety, privacy, and security of users of the Company Services or members of the public; (iii) protect against fraud or for risk management purposes; (iv) comply with the law or legal process; or (v) respond to requests from public and government authorities.

To complete a merger or sale of assets. If Company sells all or part of its business or makes a sale or transfer of its assets or is otherwise involved in a merger or transfer of all or a material part of its business, Company may transfer children’s information to the party or parties involved in the transaction as part of that transaction.

4. SECURITY

Company uses commercially reasonable administrative, technical, personnel and physical measures to safeguard information in its possession against loss, theft and unauthorized use, disclosure or modification. However, no one can guarantee the complete safety of your information.

5. OTHER IMPORTANT INFORMATION

Updates to Privacy Policy. Company may modify this Privacy Policy. Please look at the Effective Date at the top of this Privacy Policy to see when this Privacy Policy was last revised. Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy on the Company Services.

Location of Data. The Company Services are hosted in and managed from the United States. If you are a user located outside the United States, you understand and consent to having any personal information processed in the United States. United States data protection and other relevant laws may not be the same as those in your jurisdiction. This includes the use of cookies and other tracking technologies as described above. As a result, please read this Privacy Policy with care.

Linked Services. The Company Services may also be linked to sites operated by unaffiliated companies, and may carry advertisements or offer content, functionality, games, newsletters, contests or sweepstakes, or applications developed and maintained by unaffiliated companies. Company is not responsible for the privacy practices of unaffiliated companies,and once you leave the Company Services or click an advertisement you should check the applicable privacy policy of the other service.

In addition, Company is not responsible for the privacy or data security practices of other organizations, such as Facebook, Tumblr, Twitter, Apple, Google, Microsoft or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including in connection with any information you disclose to other organizations through or in connection with the Company Services.

Collection of Personal Financial Information by a Payment Service. In some cases, we may use an unaffiliated payment service to allow you to purchase a product or make payments (“Payment Service”). If the parent/guardian of a child wishes to purchase a product or make a payment using a Payment Service, you will be directed to a Payment Service webpage. Any information that you provide to a Payment Service will be subject to the applicable Payment Service's privacy policy, rather than this Privacy Policy. We have no control over, and are not responsible for, any Payment Service's use of information collected through any Payment Service.

Data Retention. We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or allowed by law.

Remember that even after you cancel your account, copies of some information from your account may remain viewable in some circumstances where, for example, you have shared information with social media or other services. Because of the nature of caching technology, your account may not be instantly inaccessible to others. We may also retain backup information related to your account on our servers for some time after cancelation for fraud detection or to comply with applicable law or our internal security policies. It is not always possible to completely remove or delete all of your information due to technical constraints, contractual, financial or legal requirements.

Sensitive Information. We ask that you not send us, and you not disclose, any sensitive personal information (such as social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through the Company Services or otherwise.

6. The GDPR and Additional Information for Individuals in the European Economic Area ("EEA")

If you are a resident of the European Economic Area (“EEA”) and the Services are targeted to you, please note:

The EU General Data Protection Regulation (GDPR) is a new comprehensive data protection law that updates existing EU laws to strengthen the protection of “personal data” (any information relating to an identified or identifiable natural person, so called “data subjects”) in light of rapid technological developments, the increasingly global nature of business and more complex international flows of personal data. The GDPR replaces the current patchwork of national data protection laws with a single set of rules, directly enforceable in each EU member state. The GDPR takes effect on May 25, 2018. In addition to this Privacy Policy, if you would like to know more about how we are implementing the requirements of the GDPR please visit our Frequently Asked Questions.

If you would like to receive an electronic copy of your Personal Information for purposes of transmitting it to another company, you may contact us here.

Regarding the section entitled “Location of Data” in Section 5, above: Some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. The full list of these countries is available here. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by contacting NGPPrivacy@natgeo.com or by following this link: http://help.nationalgeographic.com/customer/portal/emails/new?t=638080 and providing your contact information, selecting “Other” from the drop-down menu and providing a brief description in the text box available.

You may lodge a complaint with a supervisory authority competent for your country or region.

If you wish to inquire about your privacy rights in relation to the National Geographic Society please email the National Geographic Society at dataprivacy@ngs.org.

7. CONTACT US

If you have additional questions regarding this privacy policy, please contact us at:

Email: NGPPrivacy@natgeo.com

Or

National Geographic Partners, LLC

Attn: Business and Legal Affairs - Privacy

1145 17th Street NW

Washington, DC 20036-4688