As a site, we are fully compliant with, and are a registered data controller (no. Z2475988) under the Data Protection Act 1998. This means that we have a set of tried and tested procedures and policies that our lovely team must adhere to when dealing with any data we hold about you.
We utilise 3rd party payment services provided by three of the world's largest digital payment providers - Paypal, Adyen and Stripe. We have no access to the payment information you provide during payment/checkout as this is all processed by our payment provider. When you provide or update your payment information within your account area on our website, the information is transmitted directly between your device and one of these providers.
We adhere to industry standards, employing strong commercial SSL encryption to give you an assurance that all interactions are secure, private, and tamper-proof - your login and personal information is secured in transit. Twinkl has passed Extended Validation vetting checks designed to verify and provide assurance, to our users of the legitimacy of our website and business.
Our sites, services and infrastructure are scanned for vulnerabilities and malware/viruses on a daily basis by multiple leading third party solutions and we employ a number of industry standard controls to uphold the confidentiality, integrity and availability of data.
If you ever have any questions about security and privacy, we'd love to chat with you!
If you'd like additional information about our site security, you may wish to look at our technical help page here. We would recommend you do this if you'd like to understand more about how you can further verify the secure status of Twinkl or are someone responsible for ICT administration within a school, Education Authority or Grid For Learning/Regional Broadband Consortium context.