Privacy Policy

Version 2.1 · Last updated 11 June 2026

We read and extract events from your emails and documents, then discard the originals — we don't store the full text. We don't sell your data, we don't use advertising or analytics cookies, and when we use AI we send only the relevant text, never your name or account ID.

1. Who We Are

SchoolSphere is operated by SchoolSphere Ltd, a company registered in England and Wales. We are the data controller of your personal data under UK GDPR and the Data Protection Act 2018.

Questions or requests? Email privacy@schoolsphere.app. We respond within 30 days.

You also have the right to contact the Information Commissioner's Office (ICO) at ico.org.uk or 0303 123 1113.

2. Who This Policy Applies To

SchoolSphere is designed for parents and carers aged 18 and over, based primarily in the United Kingdom. This policy is governed by UK law (UK GDPR and the Data Protection Act 2018).

If you are located in the European Union or EEA, you have additional rights under EU GDPR, including the right to lodge a complaint with your local supervisory authority. If you are located in California, USA, you may have additional rights under the CCPA/CPRA, including the right to know, delete, and opt out of the sale of personal information — we do not sell personal information. If you are located elsewhere, local data protection laws may also apply. In all cases, we apply the same high standard of protection described in this policy.

SchoolSphere is not directed at children under 13. We do not knowingly collect personal data from children under 13 without verifiable parental consent. If you believe a child under 13 has provided us with personal data, please contact privacy@schoolsphere.app and we will delete it promptly.

3. What Data We Collect

Account information

When you sign in via Google OAuth, we store your name, email address, unique user ID, and account creation date. We do not store your password. By completing sign-in, you confirm that you are 18 or over.

Children's profile information

When you add a child, we store their first name or nickname, year group, avatar emoji, and colour. We do not collect children's dates of birth, addresses, photographs, or government identifiers. Children cannot create accounts or access the app directly.

Events and calendar data

We store events you add manually or import via text, email, PDF extraction, or school letter scanning — including titles, dates, requirements, and the child they are associated with.

Gmail integration (optional, consent-based)

If you connect Gmail, we access your inbox with read-only scope to extract school events. We do not store the full text of your emails. Raw email content is processed in memory and discarded immediately after extraction. Only extracted event data is saved. You can disconnect Gmail at any time in Settings.

Outlook / Microsoft 365 integration (optional, consent-based)

If you connect Outlook, we access your inbox via the Microsoft Graph API with read-only scope to extract school events. We do not store the full text of your emails. Raw email content is processed in memory and discarded immediately after extraction. Only extracted event data is saved. You can disconnect Outlook at any time in Settings.

Uploaded documents

PDFs and photos you upload are processed by AI to extract event information. The original files are deleted immediately after extraction — we do not retain uploaded documents. Extracted events are saved to your account.

Pasted text

Text you paste (email text, WhatsApp messages) is sent to our AI for extraction. The original text is not stored — only the extracted events are saved to your account.

Subscription and billing data

If you subscribe, payment is processed by Stripe. We do not store your card details. We receive from Stripe: your customer ID, subscription status, plan type, and billing dates.

Push notification tokens

If you enable push notifications, we store a device push token to deliver reminders to your device.

Technical data

We collect standard server logs (IP addresses, request timestamps, error reports) for security monitoring only. These are retained for a maximum of 90 days and are not used for any other purpose. We do not use any third-party analytics services (such as Google Analytics, Firebase, or Mixpanel). No analytics cookies or tracking scripts are loaded.

4. How We Use Your Data

We use your data only to provide the SchoolSphere service. Specifically: to run your account and calendar (lawful basis: contract); to process Gmail, Outlook and uploaded documents with your consent (lawful basis: consent — revocable at any time in Settings); to process subscription payments (lawful basis: contract); and for security monitoring (lawful basis: legitimate interests).

We do not use your data for advertising, profiling, or any purpose not listed here.

5. Data Minimisation and Purpose Limitation

We collect only the minimum personal data necessary to provide the service. Each piece of data we hold has a specific, documented purpose, and we do not use it for anything beyond that purpose. We conduct periodic internal reviews of what data we hold to ensure we are not retaining anything unnecessary. If a feature is removed or changed, we delete any data that was collected solely for that feature.

For children's profiles in particular, we deliberately limit collection to first name and year group — the minimum needed to organise events by child. We do not collect, and actively avoid requesting, any additional information about children.

6. AI Processing — How It Works

SchoolSphere uses AI to extract event information from emails, documents, and natural language input. This processing is performed by Anthropic, PBC (USA) via AWS Bedrock, operating under a Data Processing Agreement (DPA) with SchoolSphere Ltd. Anthropic is contractually prohibited from using API data to train their models.

When we send content to Anthropic for processing, we send only the relevant text (for example, the body of a forwarded email or a pasted message). We do not send your name, account ID, or any other identifying information alongside the content. Anthropic processes the text and returns structured event data; the original text is not retained by us or Anthropic after processing.

AI processing is performed server-side (not on your device). All communication between our servers and Anthropic (via AWS Bedrock) is encrypted in transit. Anthropic is used solely for event extraction and calendar assistant features — it is not used for profiling, advertising, or any decision-making about you.

7. Children's Data — Special Protections

SchoolSphere is for parents and carers aged 18 and over. Children do not have accounts and cannot use the app directly. We apply the following protections in line with the ICO's Children's Code (Age Appropriate Design Code):

Age verification is carried out at sign-in: users sign in via Google OAuth and by completing registration they self-declare they are 18 or over. We do not knowingly allow users under 18 to create accounts. Before enabling Gmail or Outlook integration or AI features that process family content, users are shown a clear consent screen explaining what data is accessed and how it is used.

Children's data is stored only as entered by the parent or carer. Children cannot access or modify their own records. We do not use children's information for advertising or profiling. Household members only see children's data for children the account holder has explicitly shared. When an account is deleted, all children's data is permanently and immediately deleted. We collect only the minimum information necessary (first name or nickname and year group).

We do not knowingly process personal data relating to children under 13 without verifiable parental consent. If you believe this has occurred, please contact privacy@schoolsphere.app immediately.

8. Who We Share Data With

We do not sell your data. We share data only with the following trusted service providers acting as data processors under written DPAs:

Railway — platform hosting and database

Our application backend and database are hosted on Railway. Your account data, events, and calendar entries are stored in a managed MySQL database, held within the EU/UK region. Railway operates under a Data Processing Agreement with SchoolSphere Ltd.

Amazon Web Services (AWS) — temporary file storage

Uploaded files (PDFs, photos) are temporarily stored in AWS S3 (EU region) for the duration of AI processing only, then immediately deleted. AWS operates under SCCs and a DPA.

Google LLC — Gmail API

If you connect Gmail, we use the Google Gmail API (read-only scope) to fetch emails. Google acts as a data processor for this access. You can revoke access at any time via your Google account settings or within SchoolSphere Settings. Google operates under SCCs.

Microsoft Corporation — Outlook / Microsoft 365 API

If you connect Outlook, we use the Microsoft Graph API (read-only scope) to fetch emails. Microsoft acts as a data processor for this access. You can revoke access at any time via your Microsoft account settings or within SchoolSphere Settings. Microsoft operates under SCCs.

Stripe Inc — payment processing

Subscription payments are processed by Stripe. We share only the minimum information required (email, name, subscription plan). Stripe is PCI-DSS compliant and operates under a DPA and SCCs.

Anthropic, PBC (USA) via AWS Bedrock — AI event extraction and calendar assistant

Text content (email bodies, pasted text, document text, voice transcriptions) is sent to Anthropic (via AWS Bedrock) for event extraction and natural language processing. No names, account IDs, or identifying information are included. Anthropic is contractually prohibited from training on API user data and operates under a DPA.

Where data is transferred outside the UK, we ensure Standard Contractual Clauses (SCCs) or equivalent safeguards are in place as required by the ICO's international transfer guidance.

9. How Long We Keep Your Data

Account and profile data is retained until you delete your account. Events and calendar entries are retained until you delete them or your account. Uploaded files are deleted immediately after AI processing (typically within seconds). Gmail and Outlook OAuth tokens are retained until you disconnect them. Push notification tokens are retained until you revoke permission. Stripe billing records are retained for 7 years in compliance with UK financial regulations. Server logs are retained for 90 days. Consent records are retained for 7 years.

10. Your Rights

Under UK GDPR, you have the right to access a copy of your data (use "Download My Data" in Settings); rectify inaccurate data; erase your account and all data (Settings → Delete Account); data portability (export as JSON via Settings); restrict processing in certain circumstances; object to processing based on legitimate interests; and withdraw consent at any time for Gmail and Outlook sync, push notifications, and email digest.

If you are in the EU/EEA, you have equivalent rights under EU GDPR and may lodge a complaint with your local supervisory authority. If you are in California, you have rights under CCPA/CPRA including the right to know what data we hold, the right to delete it, and the right to opt out of sale (we do not sell data).

To exercise any right, email privacy@schoolsphere.app. We will respond within 30 days.

11. Security

All data is transmitted over HTTPS (TLS 1.2+). Session cookies are httpOnly and secure. OAuth tokens are stored encrypted at rest. Uploaded files use randomised storage keys and are deleted immediately after processing. We do not store passwords.

In the event of a data breach likely to risk your rights, we will notify you and the ICO within 72 hours as required by UK GDPR.

12. Cookies and Local Storage

SchoolSphere uses a single session cookie to keep you logged in. This cookie is strictly necessary for the app to function and does not track you across other websites. We do not use advertising cookies, analytics cookies, or third-party tracking cookies.

The app also uses browser local storage to cache your preferences (such as selected child filter and calendar view) so the app loads faster. This data is stored only on your device and is never transmitted to our servers. It is cleared when you log out or clear your browser data. We do not use device identifiers or fingerprinting techniques.

13. School Website Term Dates

Term dates retrieved from school websites are provided for convenience only and may not be accurate. Always verify important dates directly with your school. We are not affiliated with any school.

14. Changes to This Policy

If we make material changes to this policy, we will notify you by email (to the address associated with your account) and via an in-app banner, where possible, before the changes take effect. We will ask you to review and acknowledge the updated policy. Minor clarifications that do not affect your rights will be made without notice, but the version number and date at the top of this page will always reflect the most current version.

Previous versions of this policy are available on request by emailing privacy@schoolsphere.app.

15. Contact Us

Version 2.1 · Last updated 11 June 2026 · SchoolSphere Ltd, England and Wales