Privacy Policy

Rocket Learning is operated by Rocket Software Ltd, a company registered in the Isle of Man (company number 136537C), with its registered office at 9 Auldyn Walk, Ramsey, Isle of Man, IM8 2TN.

We are the data controller for the personal data processed through the Rocket Learning platform (web application and iPad app). Our ICO registration number is R990140. We are also registered with the Isle of Man Information Commissioner where required.

We are not required to appoint a statutory Data Protection Officer under UK GDPR Article 37. Our Data Protection Contact is Leon, founder of Rocket Software Ltd. For any data protection matter, contact [email protected]and mark your message “Data Protection”.

We process personal data in compliance with the Isle of Man Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR), and the EU GDPR where applicable.

Each processing purpose has a specific lawful basis:

For children's data, we additionally rely on Article 8 UK GDPR (parental consent for information society services where consent is the lawful basis, for children under 13).

Parent/Guardian accounts:

• Username, email address, first name, last name
• Password (stored as a one-way bcrypt hash; we cannot read your password)
• Apple ID (if using Apple Sign-In)
• Marketing and weekly report email preferences
• IP address and user agent (for consent audit trail only)

Student accounts:

• Username, first name, last name
• Date of birth (optional, provided by parent)
• Year group
• Avatar component selections

Guest accounts:

• Auto-generated or chosen username
• Year group and selected subjects
• Parent/guardian email address (required for under-13 users)
• Parental consent timestamp (for under-13 users)

Usage data (all users):

• Lesson completion records, scores, and accuracy
• Interactive puzzle responses
• Exam attempt results and marks
• RocketFuel balance and transaction history
• League tier, leaderboard position, and earned badges
• Streak data and daily activity
• Skill progress and mastery levels

Payment data:

We do not store credit or debit card details. Card payments are processed by Trust Payments (SecureTrading) and Apple (for iPad In-App Purchases). We store only subscription status, billing dates, and transaction reference IDs for our records.

AI tutor data (where AI tutor consent has been granted):

• Student first name, age, and year group (context for educational responses)
• The text of messages sent by the student to the AI tutor, and the tutor's responses — sent to Anthropic for processing but not retained in our database
• Session metadata: lesson, duration, message lengths, timestamps (retained for operational monitoring)
• Long-term learning context: topics the child has struggled with, which teaching approaches have been effective or ineffective, average help-seeking patterns (retained to improve the tutor's continuity across sessions)

Flagged message content. If a student's message to the AI tutor is flagged by our moderation system as indicating a potential safeguarding concern (such as self-harm indicators), the message text is stored — up to 2000 characters — so that a parent can review it via the Safeguarding Alerts page in Parent Zone. See §9 for how safeguarding data is handled.

Safeguarding and moderation data:

• Automated moderation flags raised on student messages (category and confidence score)
• Records of any safeguarding events detected, including timestamp and action taken (e.g. parent notified, crisis resources displayed)
• Parent acknowledgement of safeguarding notifications

Device and technical data:

• Device type, operating system, app version
• Crash and diagnostic data (no personal content, used only to fix technical issues)
• iPad push notification tokens (if you have enabled notifications)

• To provide and operate the platform (lessons, exams, puzzles, progress tracking)
• To manage your account, subscription, and billing
• To personalise learning through adaptive lesson selection (see §7 for how we approach profiling for children)
• To generate and send weekly progress reports to parents who have enabled them
• To operate gamification features (leaderboards, leagues, RocketFuel rewards, badges)
• To power the AI tutor, where parental consent has been granted
• To screen student messages for content that may indicate harm, including safeguarding concerns, and to act on detected concerns (see §9)
• To send marketing communications, where consent has been granted
• To improve the platform through aggregated, anonymised usage analysis that cannot be traced back to individuals

We share the minimum data necessary with the following third-party services. All processors below act on our instructions under written data processing agreements or their published standard terms. Apple and Trust Payments are independent controllers for their specific processing (payment authorisation and fraud checks).

AI provider training data position. Anthropic and OpenAI do not train their models on API data under their standard API terms. We currently rely on these standard terms rather than configuring additional zero-retention arrangements. This means data sent to these providers is subject to their default retention windows for abuse monitoring and operational purposes, but is not used to train their models.

What we do not do. We do not sell personal data. We do not use personal data for advertising. We do not share data with advertising networks or data brokers.

Provider privacy policies. You can read each of our processors' privacy policies directly:

• Anthropic — https://www.anthropic.com/legal/privacy
• OpenAI — https://openai.com/policies/privacy-policy
• Google Cloud — https://policies.google.com/privacy
• Trust Payments — https://www.trustpayments.com/privacy-policy/
• Apple — https://www.apple.com/legal/privacy/
• DigitalOcean — https://www.digitalocean.com/legal/privacy-policy
• Microsoft — https://privacy.microsoft.com/en-gb/privacystatement
• Mailchimp — https://www.intuit.com/privacy/statement/

Rocket Learning is designed for use by children aged 5 to 16 under parental supervision. We process children's data in compliance with UK GDPR, the Isle of Man Data Protection Act 2018, and the ICO Age Appropriate Design Code (“the Children's Code”). We do not rely on COPPA (a US framework); we mention it only to note that our standards meet or exceed COPPA requirements for any US visitors.

Our Children's Code commitments:

• High privacy defaults for optional features. Optional features that involve additional data sharing — AI tutoring, marketing emails, and third-party AI sharing — are off by default on new child profiles. A parent must actively enable each one. Core platform functionality (lesson delivery, adaptive learning, progress tracking) operates from the moment the account is created because these are the service you have subscribed to — see §7 below for the distinction.
• Data minimisation. We collect only the data we need to deliver the service. Date of birth is optional and used only to align content to the correct year group.
• Profiling off by default. We use skill-progress data to adapt lesson difficulty for the individual child. This is limited to the educational service itself and is not used to make decisions with legal or similarly significant effects. See §7.
• No detrimental use of data. We do not use children's data in ways we have reason to believe would be detrimental to their wellbeing.
• No nudge techniques that harm. Our gamification (RocketFuel, leaderboards, streaks) is designed to support engagement with learning. We review these features for excessive-engagement risks and do not use dark patterns.
• No behavioural advertising. We do not serve advertising to children. We do not share children's data with advertising networks.
• Age-appropriate transparency. We write our policies in plain English and provide an “In a Nutshell” summary at the top of this document.
• Parental controls. Parents can view their child's activity, manage consent, and request deletion at any time from the parent dashboard.

Under-13 users: Guest accounts for children under 13 require a parent or guardian's email address and explicit consent before creation, in line with UK GDPR Article 8. Student accounts for under-13s are created and managed only via a parent account.

AI features: AI tutoring for any child requires separate parental consent, which can be granted or withdrawn at any time from the parent dashboard.

Concerns: If you have a concern about how we handle your child's data, please contact [email protected] marked “Children's Privacy”.

Rocket Learning adapts each lesson to your child's current skill level. The platform uses your child's own answers to previous questions to select the next lesson at an appropriate difficulty — harder when they're doing well, easier when they're struggling, with review lessons where skills are at risk of fading. This is the central educational mechanism of the platform.

Lawful basis: performance of contract (UK GDPR Article 6(1)(b)). When you subscribe to Rocket Learning, you are subscribing to an adaptive learning platform. Delivering lessons tailored to each child's skill level is the core of the service, not an optional feature. We therefore process your child's learning data on the basis that it is necessary to perform our contract with you. We do not rely on consent for this processing, because consent can be freely withdrawn without consequence — and adaptive learning cannot be withdrawn without fundamentally changing the product you've paid for.

Under UK GDPR Article 4(4), this form of automated adaptation is technically classified as profiling. We disclose this here for transparency. It is limited strictly to:

• Selecting the next lesson or question at an appropriate difficulty level for the individual child
• Recommending topics based on areas where the child is progressing or struggling
• Generating the weekly progress report

It is not automated decision-making with legal or similarly significant effects under Article 22. Nothing the platform decides about your child affects their statutory rights, their grades from exam boards, their access to education outside the platform, or any outcome beyond which lesson Rocket Learning shows them next.

What we do not do. In line with the ICO Children's Code, we do not use your child's data for:

• Behavioural advertising or any advertising
• Building long-term behavioural profiles beyond the educational service
• Profiling for any purpose outside the Rocket Learning platform
• Sharing with advertising networks or data brokers (we have none)

Your right to object. Under UK GDPR Article 21, you have the right to object to processing based on performance of contract. If you object to the adaptive learning processing, we cannot continue providing the service, because adaptive learning is the service. In that case we will close the account and provide a pro-rata refund of any unused subscription period. To object, contact [email protected].

Other forms of processing that are optional. Separate from adaptive lesson selection, we offer three features that involve additional or third-party data processing. These are genuinely optional, operate on the basis of consent, and can be turned on or off at any time from Parent Zone:

• AI tutor (Claude by Anthropic) — helps your child when they get stuck
• Marketing emails — occasional updates about new features or offers
• Third-party AI sharing — controls whether we can use external AI providers for supplementary features

Each can be granted, revoked, and managed independently. See §8 for how consent management works.

We operate a granular consent system. Parents can manage the following consents for their children:

• Contract Performance (not based on consent): Certain processing of personal data is necessary for us to provide the platform to you — for example, login, subscription management, lesson delivery, and progress tracking. The lawful basis for this processing is contractual necessity under UK GDPR Article 6(1)(b), not consent. If you do not wish this processing to take place, you will need to close your account.
• AI Tutor: For AI-assisted tutoring features. Optional; can be withdrawn at any time.
• Marketing: For promotional emails to parents. Optional; can be withdrawn at any time.
• Third-Party AI: For sharing data with AI providers. Optional; can be withdrawn at any time.

All consent actions (grants and withdrawals) are logged with a timestamp, IP address, and platform identifier for audit purposes.

Our safeguarding systems screen student messages sent to the AI tutor and other interactive features for indicators of harm (including self-harm, grooming, and other concerns). This screening uses automated content moderation (currently OpenAI) and is a separate process from AI tutoring.

When a concern is detected:

• The event is logged with a timestamp, category, and confidence score
• Crisis support resources may be surfaced to the student
• The parent account may be notified
• In rare cases, we may take further action if we reasonably consider it necessary to protect a user

Lawful basis: We process safeguarding data on the basis of legal obligation and, where applicable, vital interests (UK GDPR Article 6(1)(c) and (d)). This processing cannot be disabled by withdrawing consent.

Who sees safeguarding data: Safeguarding records are accessible only to authorised personnel on a strict need-to-know basis.

External disclosure: We do not routinely share safeguarding data with any external party. In rare cases, we may disclose information to emergency services, safeguarding authorities, or law enforcement where we reasonably believe this is necessary to protect life or prevent serious harm, and where such disclosure is lawful.

Retention. Safeguarding records are retained with their message content and context for as long as the account is active. On account deletion, message content and conversation context are permanently anonymised (set to null) but the incident metadata (type, severity, date, review status) is retained for our safeguarding records. Scheduled deletion of older anonymised records is a planned future enhancement; at present anonymised safeguarding metadata is retained indefinitely as part of our safeguarding obligations.

Your data is stored on servers operated by DigitalOcean, primarily in UK and EU data centres.

Our security measures include:

• Encryption in transit using TLS/SSL for all connections
• Encryption at rest for database storage
• One-way bcrypt hashing for passwords — we cannot read your password
• Role-based access controls limiting who can access production data
• Multi-factor authentication required for administrative access
• Regular dependency and platform updates
• Periodic internal review of security configuration

Payments. Card details are never stored on our systems. Web payments are processed on Trust Payments' hosted payment page; card details are entered directly with them. iPad subscriptions are processed by Apple through the App Store; we receive only a transaction reference and subscription tier information. We maintain payment transaction records (amounts, dates, references, but not card details) for tax and accounting purposes as required by HMRC and Isle of Man tax law.

The iPad app caches lesson content locally using Apple's standard on-device storage (SwiftData, Keychain, and UserDefaults). Cached data is removed when you delete the app.

Despite our measures, no online service can be guaranteed completely secure. If a personal data breach occurs that is likely to result in risk to your rights or freedoms, we will notify the Isle of Man Information Commissioner and/or the UK Information Commissioner's Office within 72 hours as required by law, and we will notify affected users without undue delay where the breach is likely to result in a high risk to their rights or freedoms.

Your data is primarily stored in the UK and EU. Some of our processors are based outside the UK/EU (principally in the United States). Where transfers to third countries occur, we rely on one or more of the following safeguards:

• The UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses
• The UK Extension to the EU-US Data Privacy Framework, where the processor is DPF-certified
• The European Commission's Standard Contractual Clauses for EU-origin data

We carry out transfer risk assessments where required, and we rely on the data processing agreements in place with each provider. You can request details of the safeguards in place for any specific transfer by emailing [email protected].

We retain personal data only for as long as necessary for the purposes set out in this policy. Our retention schedule is:

Inactive accounts. If an account shows no activity (no parent login and no child activity) for 24 months, we will email the parent account holder to check whether they wish to keep the account. If the account remains inactive for a further 6 months (30 months total), we will delete the account and associated data, except for categories we are legally required to retain above.

You may delete your account at any time, via any of the following:

• In the iPad app: Settings → Account → Delete Account
• On the web: Parent Zone → Profile → Delete Account
• By email: [email protected]

All three routes use the same deletion process.

When a parent account is deleted, all associated child profiles and their data are deleted in the same operation.

Deleted immediately on account closure:

• Personal profile information (names, email, credentials)
• Lesson progress, scores, and attempt history
• RocketFuel balances, leaderboard entries, avatar customisations, badges
• AI tutor conversation history
• Marketing preferences
• Active session and cache data

Retained for the periods set out in §12 (Data Retention):

• Payment and subscription records (7 years, for tax and accounting compliance)
• Consent audit logs (7 years)
• Safeguarding records (7 years, where any safeguarding event was logged)

Retained records are minimised and access is restricted. They are permanently deleted at the end of the applicable retention period.

For users who signed in via Apple, we also revoke Apple Sign-In tokens on account deletion. If you have an active Apple subscription, you must cancel it separately via your Apple ID settings.

Under UK GDPR and Isle of Man data protection law, you have the right to:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Ask us to correct inaccurate or incomplete data.
• Erasure: Request deletion of your personal data (see §13).
• Restriction: Ask us to limit how we process your data in certain circumstances.
• Portability: Request your data in a structured, machine-readable format.
• Object: Object to processing based on legitimate interests or performance of contract. Note that objecting to the adaptive lesson selection (which is processed on the basis of performance of contract, see §7) cannot be accommodated while continuing the service — the platform would no longer be able to function as advertised. In that case we will close the account and provide a pro-rata refund for any unused subscription period.
• Withdraw consent: Withdraw any consent previously given, at any time.
• Complain: Lodge a complaint with a supervisory authority at any time (see §19).

To exercise any of these rights, contact us at [email protected]. We will respond to requests within one calendar month of receipt. For complex or numerous requests, we may extend this by up to two further months and will tell you within the first month if we need to do so. Most requests are free; we may charge a reasonable fee or refuse to act on a request that is manifestly unfounded or excessive, in line with UK GDPR Article 12(5).

Parents/guardians: A parent or guardian of a child under 16 may exercise any of the rights in §14 on behalf of the child.

Children under 13: Rights are exercised by the parent or guardian who holds the account.

Children aged 13 to 17: The child may exercise their own rights where they have the capacity to understand what is being asked. We will consider each request on its merits and may, where appropriate, consult with the parent or guardian. If there is disagreement between a child and parent about how rights are exercised, we will act consistently with UK GDPR and ICO guidance.

Verification: Before acting on any rights request, we will take reasonable steps to verify the identity of the person making the request and, where relevant, their authority to act on behalf of a child.

The Rocket Learning web application uses only strictly necessary cookies. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. Because all our cookies are strictly necessary, we do not require a cookie consent banner under the Privacy and Electronic Communications Regulations.

The cookies we use are:

We use browser local storage to persist session state and UI preferences. No personally identifiable information is stored in local storage beyond what is necessary for the application to function.

The iPad app does not use cookies. Session data is stored securely using iOS Keychain and UserDefaults.

You can clear cookies at any time through your browser settings. Clearing the session cookie will log you out but will not delete your account data.

If you have opted in to marketing communications, we may send you emails about new features, content updates, and promotional offers via Mailchimp. You can unsubscribe at any time using the link in any marketing email, or by updating your preferences in your account settings.

Weekly progress reports are sent to parents who have enabled them. These are a platform feature, not marketing, and are managed separately from marketing preferences.

We may update this privacy policy from time to time. Material changes will be communicated via email or in-platform notification at least 30 days before they take effect, to give you time to review and, if you disagree, exercise your rights. Minor changes (such as typographical corrections) will take effect on posting. The “Last updated” date at the top of this page indicates the most recent revision.

If you are unhappy with how we handle your data, please contact us first at [email protected].

You also have the right to lodge a complaint with a supervisory authority. For Isle of Man residents, this is the Isle of Man Information Commissioner (inforights.im). For UK residents, this is the Information Commissioner's Office (ico.org.uk).

For any questions about this privacy policy or your personal data:

• Email: [email protected]
• Post: Rocket Software Ltd, 9 Auldyn Walk, Ramsey, Isle of Man, IM8 2TN
• Data Protection Contact: Leon, Founder
• ICO Registration: R990140