Privacy Policy

Last updated: 2 October 2025

This Privacy Policy explains how Parent Portal Ltd (“we”, “us”, “our”) collects, uses, shares, and protects personal data when you use our website and services. It also explains your rights under UK GDPR and the Data Protection Act 2018.

We use personal data to provide and improve the service. By using the service, you agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Interpretation

Words with initial capital letters have meanings defined below. The following definitions apply whether they appear in singular or plural.

Definitions

For the purposes of this Privacy Policy:

  • Account means a unique account created for you to access our service or parts of our service.

  • Company (referred to as “the Company”, “we”, “us” or “our”) refers to Parent Portal Ltd.

  • Cookies are small files placed on your device by the website to store information such as login credentials and preferences.

  • Country refers to the United Kingdom.

  • Device means any device that can access the service such as a computer, mobile phone, or tablet.

  • Personal Data is any information relating to an identified or identifiable individual.

  • Service refers to the website and the Parent Portal platform.

  • Service Provider means any natural or legal person who processes data on behalf of the Company.

  • Usage Data refers to data collected automatically, generated by the use of the Service or from the Service infrastructure itself.

  • Website refers to the Parent Portal website, accessible at https://parentportal.com/.

  • You means the individual accessing or using the Service, or the company or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

  • School refers to any educational organisation that uses the Service, including nurseries, primary and secondary schools, colleges, and similar settings.

Who is the Data Controller?

For information processed within the Parent Portal platform, the School is the Data Controller. Parent Portal Ltd is the Data Processor and processes personal data only on the School’s documented instructions. For information collected via our marketing website (for example, contact forms), Parent Portal Ltd is the Data Controller.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using our Service, we may ask you to provide certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:

  • Email address

  • First name and last name

  • Phone number (if provided)

  • Relationship to pupil (for parent or guardian users)

  • School, class, year group (as configured by the School)

  • Usage Data

Usage Data

Usage Data is collected automatically when using the Service and may include your IP address, browser type and version, pages visited, time and date of visit, time spent on pages, device identifiers, and diagnostic data. When accessing via a mobile device, we may collect device type, operating system, and mobile browser information.

Tracking Technologies and Cookies

We use Cookies to provide essential functionality, enhance performance, and remember preferences.

  • Necessary / Essential Cookies

    Type: Session Cookies | Administered by: Us

    Purpose: Required to operate core features, authenticate users, and prevent fraudulent use of accounts.

  • Cookies Policy / Notice Acceptance Cookies

    Type: Persistent Cookies | Administered by: Us

    Purpose: Records whether you have accepted our use of cookies.

  • Functionality Cookies

    Type: Persistent Cookies | Administered by: Us

    Purpose: Remembers choices such as login preferences and language to provide a more personal experience.

You can instruct your browser to refuse Cookies. If you do not accept Cookies, some parts of the Service may not function correctly.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

  • To provide and maintain our Service, including monitoring usage, resolving issues, and improving performance.

  • To manage your Account, including access control and user support.

  • For the performance of a contract, including providing the platform to your School.

  • To contact you about service updates, security notices, or important changes.

  • To support school–home communication, including announcements, homework, attendance, reports, clubs, safeguarding forms, and payments where enabled by the School.

  • For analytics and improvement, using aggregated or anonymised data that does not identify individuals.

  • To comply with legal obligations, including safeguarding and statutory reporting where required of Schools.

Sharing Your Personal Data

We do not sell personal data. We may share data as follows:

  • With the School that controls the data within the platform.

  • With Service Providers who support hosting and backup under GDPR-compliant contracts: OVH UK (hosting) and Wasabi UK (backup storage).

  • With authorities if required by law or to protect vital interests.

  • With your consent for any other purpose you have agreed to.

Retention of Your Personal Data

Personal Data is retained only for as long as necessary to provide the Service or as instructed by the School. When a School ceases using the Service, data is exported for the School and securely deleted from our systems within 30 days. Usage Data may be retained for a shorter period unless required for security or to improve functionality.

Location, Storage, and Transfers

Live systems are hosted on OVH UK servers and encrypted backups are stored on Wasabi UK servers. Data is stored in the United Kingdom. We do not routinely transfer personal data outside the UK. If a transfer is required, appropriate safeguards will be applied in accordance with UK GDPR.

Security of Your Personal Data

We employ layered security including encryption in transit (TLS/HTTPS) and at rest, firewalls, access controls, monitoring, regular patching, and independent security testing. While no method of transmission or storage is completely secure, we take appropriate steps to protect your data.

Children’s Privacy

The platform processes pupil information configured by the School. For children’s data, the School determines what is collected and shared. Where parents or guardians supply information about a child, it is processed strictly for the purposes of the Service and, where applicable, shared with the School in a clear and transparent manner.

Your Data Protection Rights

Under UK GDPR, you have rights to access, rectification, erasure, restriction, objection, and data portability, and the right to withdraw consent where processing is based on consent. To exercise your rights for pupil or parent data within the platform, please contact your School in the first instance. You also have the right to complain to the Information Commissioner’s Office (ICO).

Links to Other Websites

Our Service may contain links to third-party websites. We are not responsible for the content or privacy practices of those sites. We recommend you review the privacy policy of every site you visit.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the new Privacy Policy on this page and update the “Last updated” date at the top.

Contact Us

For privacy questions relating to the platform data controlled by your School, please contact the School directly. For website enquiries or technical matters, you can contact us: