Privacy Policy

Last updated: 4th February 2026

ReadingSpace Ltd ("ReadingSpace", "we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when schools, parents, and children use the ReadingSpace app and website.

This policy has been written with UK schools and families in mind and complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.


1. Who we are

Data Controller: ReadingSpace Ltd
Website: https://www.readingspace.app
Contact email: info@readingspace.app

When ReadingSpace is used by a school, the school is typically the Data Controller and ReadingSpace acts as a Data Processor. When ReadingSpace is used directly by families, ReadingSpace acts as the Data Controller.

2. What data we collect

We collect only the minimum data required to operate ReadingSpace safely and effectively.

a) Child user data

  • First name

  • Surname

  • Year group

  • Reading activity data (books logged, reading streaks, rewards earned)

  • In-app progress linked to the ReadingSpace storyline

We do not collect:

  • Home addresses

  • Photos

  • Contact details for children

  • Social or messaging data

b) Parent or guardian data

  • Email address

  • Parent PIN (used to verify reading sessions)

c) Teacher and school data

  • Name

  • School email address

  • School name

  • Class-level or group-level reading data (not behavioural or academic assessment data)

d) Technical data

  • Device type

  • App usage information

  • Error and performance data

3. How we use personal data

We use personal data only to:

  • Support children in building regular reading habits

  • Allow teachers to view reading engagement data

  • Prevent misuse of the app (e.g. false reading claims)

  • Maintain the safety and functionality of the platform

  • Respond to enquiries and provide support

ReadingSpace is not designed to assess reading ability or comprehension. Any verification questions exist solely to discourage misuse and confirm that reading has taken place.


4. Lawful basis for processing

Under UK GDPR, we rely on the following lawful bases:

  • Public task – when ReadingSpace is used by schools as part of their educational provision

  • Legitimate interests – to operate and improve the service safely and effectively

  • Consent – where required, particularly for family accounts

Schools remain responsible for ensuring appropriate parent communication and consent where necessary.

5. Data storage and security

  • All data is stored securely using GDPR-compliant cloud infrastructure

  • Data is stored within the UK or EU

  • Access to data is restricted and protected by authentication controls

  • Regular security reviews are carried out

We take appropriate technical and organisational measures to protect personal data from unauthorised access, loss, or misuse.


6. Data sharing

We do not sell or rent personal data.

Data may only be shared with:

  • Approved service providers acting as data processors (e.g. hosting providers)

  • Schools, limited to their own pupils and aggregated data

  • Legal or regulatory authorities where required by law

All third-party processors are required to meet GDPR standards.


7. Data retention

We retain personal data only for as long as necessary:

  • School data is retained for the duration of the school’s use of ReadingSpace

  • Data can be deleted upon request by the school or parent

  • Inactive accounts may be anonymised or deleted after a reasonable period


8. Children’s privacy

Protecting children’s privacy is central to ReadingSpace.

  • Children cannot communicate with other users

  • No advertising or marketing is shown to children

  • Parents and schools maintain oversight of usage

  • Data collected is strictly limited to reading engagement

9. Your rights

Under UK GDPR, individuals have the right to:

  • Access their personal data

  • Request correction of inaccurate data

  • Request deletion of data

  • Restrict or object to processing

  • Request data portability

Requests can be made via info@readingspace.app. Schools may also submit requests on behalf of pupils.


10. Data breaches

In the event of a data breach, ReadingSpace will:

  • Investigate and contain the issue promptly

  • Notify affected schools and users where required

  • Report the breach to the ICO if legally necessary


11. Changes to this policy

We may update this Privacy Policy from time to time. Any significant changes will be communicated via the website or directly to schools.


12. Contact us

If you have any questions about this Privacy Policy or how data is handled, please contact:

Email: info@readingspace.app


This policy is intended to support transparency and trust for schools, parents, and families using ReadingSpace.