Easy Spelling Privacy Policy

1. Introduction

Easy Spelling (“we”, “our”, “us”) is committed to protecting the privacy and security of all users, including schools, teachers, students, parents, and website visitors.

We take a simple, minimal, and responsible approach to data handling. We only collect what is necessary, protect it appropriately, and do not use it for purposes outside education.

This policy outlines how we collect, use, store, and protect information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

2. Who This Policy Applies To

This policy applies to:

• Schools and educational organisations
• Teachers and school administrators
• Students
• Home-schooling families
• Website users

3. What Information We Collect

We follow a data minimisation approach. This means we only collect the information required to provide access, manage learning, and support schools and users.

3.1 Student Information

For students using the platform, we may collect:

• First name and surname
• Email address

This information is used only for:

• Platform access
• Progress tracking
• Certificate generation

3.2 Teachers and Administrators

For teachers and school administrators, we may collect:

• Name
• Email address
• Role within the school or organisation

This information is used to:

• Manage accounts
• Provide access to tools
• Support administration and reporting
• Monitor teacher progress where applicable

3.3 School Information

For schools or organisations, we may collect:

• School or organisation name
• Number of licences or users
• Account and access details
• Subscription and licence information

This information is used solely to manage access, subscriptions, licences, and delivery of services.

3.4 Payment Information

Payments are processed securely through Stripe. Easy Spelling does not store or access credit card, banking, or full payment details.

3.5 Technical Information

We may collect limited technical information such as:

• IP address
• Browser type
• Device information
• Basic usage data

This information helps us maintain, secure, and improve the platform.

4. How We Use Information

We use information only to:

• Deliver educational content
• Manage accounts and licences
• Track learning progress
• Issue certificates where applicable
• Communicate with users and schools
• Maintain and improve the platform

5. School Control of Student Data

When Easy Spelling is used by a school:

• The school acts as the controlling authority for student data
• Easy Spelling acts as a service provider
• The school is responsible for parental or guardian consent where required
• Student data is processed only under school instruction
• Student data is used strictly for educational purposes

6. Sharing of Information

We only share information where necessary to operate the platform. This may include essential providers such as:

• Hostinger — hosting infrastructure
• Stripe — payment processing

These providers are expected to:

• Handle data securely
• Access only the data needed for their role
• Meet appropriate privacy and security standards

We do not share personal information for marketing or unrelated purposes.

7. Data Storage & Security

We take reasonable and practical steps to protect user and school data. These safeguards include:

• Secure hosting infrastructure
• Encrypted transmission using TLS 1.2 or higher
• Secure password storage, not plain text
• Role-based access control (RBAC)
• Restricted administrative access
• Regular backups through hosting infrastructure

8. Data Storage Location

Data may be stored or processed outside Australia through trusted providers. Where this occurs, we take reasonable steps to ensure data is handled in line with Australian privacy standards.

9. Data Retention & Deletion

We retain data only for as long as necessary to:

• Provide services
• Manage licences and accounts
• Meet legal or contractual obligations

Schools and users may request:

• Deletion of user or student data
• Closure of accounts
• Correction of inaccurate information

10. Data Breaches

In the event of a data breach, we will investigate promptly, take appropriate action, notify affected parties where required, and comply with the Notifiable Data Breaches (NDB) scheme.

11. Cookies & Tracking

We use cookies and similar technologies to:

• Maintain login sessions
• Improve user experience
• Analyse basic usage patterns
• Support platform performance

Users may manage or disable cookies through their browser settings.

12. Children’s Privacy

Easy Spelling recognises that the platform may be used by students. We take extra care to keep student data limited and protected.

• We collect only minimal student information
• We do not advertise to students
• We do not profile students for marketing
• Learning progress is used only for educational purposes
• The platform operates under school or parent supervision

13. Artificial Intelligence (AI)

Easy Spelling may use limited algorithmic processing to support learning activities, such as pronunciation feedback.

We do not:

• Use generative AI chatbots for student interaction
• Train AI models using user data
• Store AI interaction data for model training
• Use open-ended AI content generation

All learning content is controlled, structured, and designed for safe educational use.

14. Access, Correction & Compliance

Users and schools may request access to their data or corrections to inaccurate information.

We aim to comply with:

• Privacy Act 1988 (Cth)
• Australian Privacy Principles (APPs)
• Notifiable Data Breaches (NDB) scheme

We also align with:

• GDPR principles, although not formally certified
• FERPA/COPPA principles, although not formally certified

HIPAA is not applicable because Easy Spelling does not collect or process health data.

Platform Security & Compliance Overview

15. Changes to This Policy

We may update this policy from time to time. Any updates will be published on our website with a revised “Last Updated” date.