πŸ’¬ Feedback
← Back to home

Privacy Policy

Last updated: March 2026

This policy complies with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Children's Online Privacy standards. We take children's data extremely seriously.

1. Data Controller

The data controller is Jagannath Software Services Limited (company no. 07819137), The Long Lodge, 265–269 Kingston Road, Wimbledon, London, SW19 3NW. Email: [email protected]

2. What Data We Collect

Account data (parents/guardians): email address, name, subscription status, billing information (processed securely by our payment provider β€” we do not store card details).

Child profile data: first name or nickname, school year, practice session history (topics, scores, XP, badges, streaks). We do not collect a child's date of birth, school name, or any sensitive personal data.

Usage data: pages visited, features used, session durations, device type, and browser. This is collected in anonymised or pseudonymised form for service improvement.

Cookies: see our Cookie Policy for details.

3. How We Use Your Data

We use your data to:
  • Provide, maintain, and improve the YearWise service.
  • Personalise practice content using AI (Premium plan).
  • Send transactional emails (account creation, subscription receipts, password reset).
  • Generate parent alerts and progress reports.
  • Comply with legal obligations.
We do not sell your data. We do not use children's data for advertising.

4. Legal Basis for Processing

  • Contract β€” to provide the subscription service you have signed up for.
  • Legitimate interests β€” to improve the service, prevent fraud, and ensure security.
  • Legal obligation β€” to comply with applicable laws.
  • Consent β€” for non-essential cookies (you can withdraw consent at any time).

5. Children's Data

We are committed to protecting children's privacy. Child profile data is minimal by design and linked only to the parent/guardian account. We do not knowingly collect data directly from children without verifiable parental consent. If you believe a child has provided data without consent, please contact us immediately.

6. Data Sharing

We share data only with:
  • Supabase β€” our database provider (EU/UK data centres, GDPR compliant).
  • Anthropic β€” AI question generation (prompts do not contain personal data β€” only year group, subject, and topic).
  • Stripe / payment processor β€” for secure billing (they are PCI-DSS compliant).
  • Legal authorities β€” if required by law.
We do not transfer personal data outside the UK/EEA without appropriate safeguards (e.g., Standard Contractual Clauses).

7. Data Retention

We retain your account data for as long as your account is active plus 2 years, or as required by law. You may request deletion at any time (see Your Rights below). Child practice history is deleted when a child profile is deleted.

8. Your Rights (UK GDPR)

As a data subject you have the right to:
  • Access β€” request a copy of the personal data we hold about you.
  • Rectification β€” correct inaccurate data.
  • Erasure β€” request deletion of your data ("right to be forgotten").
  • Restriction β€” restrict processing in certain circumstances.
  • Portability β€” receive your data in a structured, machine-readable format.
  • Object β€” object to processing based on legitimate interests.
  • Withdraw consent β€” at any time, for consent-based processing.
To exercise any right, email [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

9. Security

We implement industry-standard security measures including HTTPS encryption, access controls, and regular security reviews. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

10. Changes to This Policy

We may update this policy periodically. Material changes will be communicated by email or in-app notice. The date at the top of this page indicates when the policy was last revised.