Draft for solicitor review. [COMPANY NAME] · [REGISTERED ADDRESS]
This app is designed for children aged about 5–11. Parents and guardians create profiles and control data on the device. This policy explains what we collect, why, and your rights.
1. Who we are
Data controller: [COMPANY NAME], trading as SpellBands.
Address: [REGISTERED ADDRESS]
Website: www.spellbands.co.uk
Privacy contact: privacy@spellbands.co.uk ([DATA PROTECTION CONTACT])
2. Data on your device (no account required)
By default, child profiles and progress are stored in browser/app local storage and are not sent to our servers.
| Data | Purpose |
|---|---|
| Child profile name & age band | Personalise gameplay |
| Spelling progress, levels, streaks | Save learning journey |
| Badges & achievements | Motivation |
| Theme, avatar, sound settings | Preferences |
| Signed entitlement token | Unlock paid content after purchase |
| Word etymology cache | Performance (words only, 30-day TTL) |
| TTS usage counters | API budget limits (not child identity) |
Lawful basis: Legitimate interests (UK GDPR Art. 6(1)(f)), providing the service with minimal data, stored locally.
3. Optional parent account (Supabase)
Accounts are for parents/guardians aged 18+, not children.
- Email address, sign-in and recovery
- Optional display name
- Purchase entitlement flag
Cloud sync of child profiles is not currently live (types exist for future development only).
Lawful basis: Contract (Art. 6(1)(b)).
4. Purchases
- Web (Stripe): payment processed by Stripe; we may receive email (guest checkout) and entitlement status, not card numbers.
- iOS / Android (RevenueCat): Apple or Google process payment; we receive entitlement status via RevenueCat.
5. Feedback
We may store your message, optional contact email, optional user ID, and a hashed IP address for rate limiting (5 submissions per hour).
6. Optional online features
Text-to-speech (Azure)
If enabled, individual words are sent to Microsoft Azure Speech (UK South when configured). No child name or profile data is sent. Default device speech synthesis processes locally.
Dictionary (Word Detective)
Individual words are sent to dictionaryapi.dev. No personal data.
7. Marketing analytics (website, consent required)
If you click Accept on our cookie banner, we load the Meta Pixel (ID 2028526094425499) to measure ad performance. Events may include page views and checkout steps. We do not send child names or spelling data. Click Reject to opt out. See our Cookie Policy.
8. Children's privacy (UK GDPR, AADC, COPPA-style)
We do not knowingly collect contact information directly from children under 13 for accounts. Child profiles are managed by parents on the device. We do not profile children for commercial advertising or sell children's data.
Contact privacy@spellbands.co.uk if you believe a child provided personal data without consent.
9. Processors & sharing
| Service | Purpose | Data |
|---|---|---|
| Supabase | Auth, database, edge functions | Parent email, entitlements, feedback |
| Vercel | Hosting | Standard server logs |
| Stripe | Web payments | Payment metadata (not card numbers) |
| Apple / Google / RevenueCat | App purchases | Store transaction data |
| Microsoft Azure | Optional TTS | Words only |
| dictionaryapi.dev | Definitions | Words only |
| Meta Platforms | Marketing analytics (consent) | Events, device identifiers |
| Resend | Feedback email alerts | Feedback content |
Recraft AI is used offline in development scripts to generate artwork, not at runtime in the app.
10. International transfers
Where data leaves the UK, we use appropriate safeguards (UK IDTA, SCCs, or adequacy) with our processors.
11. Retention
- Device data: until you delete profiles, clear storage, or uninstall
- Accounts: while active; deleted within 30 days of verified deletion request
- Etymology cache: 30 days per word
- Feedback: up to 24 months
12. Your rights
Access, rectification, erasure, restriction, objection, portability, and complaint to the ICO (ico.org.uk). Email privacy@spellbands.co.uk, we respond within 30 days.
Delete device data via profile delete or device settings. Account deletion: email us (self-serve UI planned).
13. Security
HTTPS, Supabase Row Level Security, hashed feedback IPs, HMAC-signed local entitlement tokens. Purchases handled by Apple, Google, or Stripe.
14. Changes
We update the "Last updated" date and notify account holders of material changes where appropriate.
15. Contact
[COMPANY NAME] · [REGISTERED ADDRESS]
Privacy: privacy@spellbands.co.uk
General: hello@spellbands.co.uk