Privacy Policy

Effective date: 5 November 2025

Summary (Private Teachers Launch)

Lingjo complies with UK GDPR and the Data Protection Act 2018. During our initial launch phase focused on private teachers, a student email can be connected to teacher/school at a time. If a private teacher deletes their account, we delete the student data linked to that teacher but do not delete the student's account automatically.

1. Who we are

Lingjo (“we”, “us”, “our”) provides learning and assessment tools for teachers and students. We are the data controller for most processing described here. Where we act strictly on behalf of a school/institution under contract, we may act as a data processor.

Registered business name: Lingjo. See Section 17 for contact details.

2. Scope (launch focus)

This policy covers personal data processed via Lingjo’s websites, apps, and related services. During our initial launch we focus on private teachers and their invited/linked students.

3. Data relationships & limits

One-Teacher/School Mapping

Each student email can be connected to one school or private teacher at any given time.
If a student needs to switch teacher/school, the previous connection must be removed before a new connection is made.

Account Deletion Behaviour

When a private teacher deletes their account, Lingjo deletes the student data associated with that teacher — e.g., assignments, feedback, scores, enrolment links — to uphold data minimisation.
We do not automatically delete the student’s own account. Students may delete their account at any time through in-product settings or by contacting us.
Where we act as a processor for a school, we will follow the school’s instructions and retention policies.

4. Lawful bases

Performance of a contract: account access, classroom features, assessment, account administration.
Legitimate interests: platform security, service improvement, preventing abuse, learning analytics consistent with user expectations.
Consent: optional communications and non-essential cookies; parental consent for under-13s where required.
Public task: when we process on behalf of schools fulfilling educational duties.

5. Data we collect

Categories of personal data
Category	Examples	Purpose	Lawful basis
Account & Identity	Email; display name (optional); role (student/teacher); teacher–student linkage	Create/manage accounts; link students to a single teacher/school	Contract; Legitimate interests; Public task
Authentication (via Clerk)	Session tokens; sign-in logs; MFA status	Secure login and session management	Contract; Legitimate interests
Education Records	Assignments, submissions, scores, teacher feedback, progress	Provide learning and reporting features	Contract; Public task
Usage & Device	App interactions, timestamps, IP address, device/browser metadata	Security, reliability, service improvement	Legitimate interests; Consent for non-essential analytics
Support & Communications	Support tickets, email threads, in-app messages	Resolve issues; service updates	Contract; Legitimate interests; Consent (marketing)

We do not intentionally collect special category data. If such data is shared inadvertently, we will minimise, delete, or protect it appropriately.

6. How we use data

Operate and secure accounts, classes, and assessments.
Authenticate users and protect sessions.
Provide teacher dashboards and student progress tracking.
Detect/prevent fraud and misuse.
Improve performance and user experience.
Provide support and service communications.
Use aggregated/anonymised data to inform improvements.

7. Cookies & tracking

We use strictly necessary cookies (e.g., authentication). With your consent, we may use analytics cookies to understand usage. Manage preferences via your browser or in-product controls (where available).

8. Sharing & processors

We do not sell personal data. We use vetted service providers under UK GDPR-compliant terms, limited to what’s necessary.

Our core processors
Processor	Role	Data handled	Primary region
Clerk	Authentication & identity	Sign-in data, sessions, MFA status	EU region (e.g., eu-west)
Cloud/Hosting Provider	Infrastructure & databases	App data, encrypted at rest	UK/EU
AI/LLM Provider (e.g., OpenAI)	Language processing for selected features	Pseudonymised prompts/content; no direct identifiers by default	EU/UK where available; else SCCs

Disclosures may occur where required by law, to protect users, or to defend our legal rights, following due process.

9. Third-party AI & API services (anonymised)

No direct identifiers by default: we remove or pseudonymise names, emails, IDs before requests.
Minimum necessary: only the text needed to fulfil a feature (e.g., paragraph of an essay) is sent.
Provider controls: where available, we disable provider training on your data and request minimal retention.
Regional processing & safeguards: UK/EU preferred; otherwise adequacy/SCCs with additional measures.
School/teacher controls: AI features can be disabled or limited on request.

10. Retention & deletion

We retain personal data only as long as necessary for the purposes described or as required by law/contract.
Teacher deletion: when a private teacher deletes their account, Lingjo deletes the student data linked to that teacher (assignments, feedback, scores, and linkage). The student’s account remains; students may delete their account separately at any time.
Backups are encrypted and retained for limited periods before secure deletion.

11. Security

Technical

TLS for data in transit; encryption at rest.
Secrets management; no hard-coded credentials.
RBAC and least-privilege access.
Admin access audit logging.
Regular patching and dependency scanning.
Signed webhooks (e.g., Clerk) with signature verification.

Organisational

Data Protection Impact Assessments where required.
Staff confidentiality & access training.
Incident response & disaster recovery plans.
Vendor due diligence and DPAs with processors.
Privacy by design & default.

12. Children’s Code (Age-Appropriate Design Code)

High-privacy defaults for under-18 users.
Clear, age-appropriate explanations of settings and features.
Parental consent for under-13 account creation where required.
Geolocation/social features off unless strictly needed.

13. International transfers

We prefer UK/EU processing and storage. Where transfers/access occur outside the UK/EU, we rely on adequacy regulations or Standard Contractual Clauses with appropriate safeguards.

14. Your rights

Under UK GDPR, you can request access, rectification, erasure, restriction, portability, or object to processing. When processing is based on consent, you can withdraw consent at any time. To exercise your rights, contact us via Section 17. Where we act as a processor for a school, we may redirect your request to the controller.

15. Breaches & reporting

We investigate all personal data incidents. Where required, we notify the ICO within 72 hours and affected users without undue delay if there is a high risk to their rights and freedoms.

16. Changes to this policy

We may update this policy to reflect changes in the law, guidance, or our services. We will post updates here and, where appropriate, provide in-app or email notices.

17. Contact & Data Protection Officer

If you have questions or wish to exercise your rights, contact:

Emailprivacy@lingjo.com
PostalLingjo, [Business Address], United Kingdom

Data Protection Officer (DPO): [Name], dpo@lingjo.com. If you are unsatisfied with our response, you may contact the UK Information Commissioner’s Office (ICO).

Clerk Authentication Notice

We use Clerk for authentication. Clerk acts as our data processor and stores authentication data in the EU region. We do not store user passwords.

EU region configured for auth data
MFA enforced for admin accounts
Session/device management & signed webhooks