๐Ÿฃ

Early Years (EYFS)

Ages 3โ€“5 ยท Nursery & Reception

Playful, milestone-led learning across the seven areas of the EYFS framework.

๐Ÿ”ฅ Popular in EYFS
Explore all EYFS โ†’
๐Ÿ“š

Key Stage 1

Years 1โ€“2 ยท Ages 5โ€“7

Reading, writing, number bonds and the Phonics Screening Check.

๐Ÿ”ฅ Popular in KS1
Explore all KS1 โ†’
๐Ÿš€

Key Stage 2

Years 3โ€“6 ยท Ages 7โ€“11

SATs, the times-tables check and the full wider curriculum.

๐Ÿ”ฅ Popular in KS2
Explore all KS2 โ†’
๐Ÿ”ฌ

Key Stage 3

Years 7โ€“9 ยท Ages 11โ€“14

Secondary foundations building toward GCSE option choices.

๐Ÿ”ฅ Popular in KS3
Explore all KS3 โ†’
๐ŸŽ“

GCSE

Years 10โ€“11 ยท Ages 14โ€“16

Exam-board-matched revision for AQA, Edexcel, OCR & WJEC.

๐Ÿ”ฅ Popular in GCSE
Explore all GCSE โ†’
๐Ÿ‘ช
Parents & GuardiansLearning at home

Support your child from EYFS to GCSE โ€” with progress you can actually see.

Why parents & guardians choose us โ†’ ๐Ÿ“ŠParent dashboard ๐Ÿ’ทFamily plans & pricing โœจCreate a child account ๐ŸŽFree resources
๐ŸŽ
Teachers & TutorsPlan, assign, assess

Curriculum-mapped resources, one-click assignment and class-wide tracking.

Why teachers choose us โ†’ ๐Ÿ“ŠTeacher dashboard ๐Ÿ’ทEducator plans & pricing ๐ŸซFor schools ๐Ÿ“šBrowse the library
๐ŸŽ’
StudentsLearn & revise

Quizzes, games and past papers mapped to exactly what you're studying.

Why students love it โ†’ ๐Ÿ“ŠStudent dashboard ๐Ÿ“šBrowse the library ๐Ÿ“Past papers & practice ๐ŸŽFree resources
๐Ÿค
Not sure which fits?

Start your free trial โ€” works for families, classes and self-study.

Start free trial โ†’ Compare all plans โ†’

LearnarooHub · Legal

Privacy Policy

Effective date: 14 June 2026 Version: 1.0 Data controller: Learnaroo Hub Ltd

Our promise, in one line: we keep only the data you give us to run your account — your details as the account holder, and the learner accounts you create — that data belongs to you, we protect it with the security measures described below, and we never sell it or share it outside our business for anyone else's purposes.

This Privacy Policy explains, in plain and transparent terms, exactly what personal data Learnaroo Hub Ltd ("we", "us", "our" — part of the Learnaroo Hub Group) collects when you use learnaroohub.com and related services (the "Platform"), and how we protect it. The Platform brings together two integrated products of the Learnaroo Hub Group: the learning side (LMS) that delivers lessons, quizzes, games, flashcards, printables and progress tracking, and the management side (MIS) that runs accounts, classes, dashboards and reporting. Because the Platform is designed for use by children, we take particular care with children's data and follow the ICO's Age Appropriate Design Code (the Children's Code).

1.Who we are (the Learnaroo Hub Group)

The data controller is Learnaroo Hub Ltd, part of the Learnaroo Hub Group, company number 17300700, registered office 20 Wenlock Road, London, England, N1 7GU. We are registered with the Information Commissioner's Office under reference to be confirmed. Our data protection contact is privacy@learnaroohub.com, and our Data Protection Officer is Humaira Ahmed.

The Learnaroo Hub Platform is delivered as two integrated products of the Learnaroo Hub Group: the LMS (learning management system — lessons, quizzes, games, flashcards, printables and progress tracking) and the MIS (management information system — account, class and pupil administration, dashboards and reporting). Both run on the same secure infrastructure under this single Privacy Policy, personal data is handled consistently across them, and it is not shared outside the Group except with the essential service providers listed in section 8.

2.Our role, your ownership and data minimisation

You own your data. The personal data in your account — your details as the account holder, and the learner accounts (for example your children, pupils or students) that you create — belongs to you and the people it is about. We hold it only as custodian to run the service for you: we do not claim ownership of it, we do not sell or rent it, and we do not share it outside our business for anyone else's purposes. You can access, export or delete it at any time (see section 13).

We keep only what is needed. By design we collect the minimum required to operate your account and deliver learning: the account holder's contact details, the learner accounts they create, and the learning and usage data those accounts generate. Beyond that we process only the limited operational data that any secure paid website must — payment status (handled by our payment provider), security and server logs, and, with your consent, anonymous analytics — as detailed in sections 3, 7 and 8.

We act as a data controller for account holders who register directly with us (for example parents/carers and individual teachers) and for visitors to our website. Where a school or organisation buys access and provides pupil data to us, we generally act as a data processor on that organisation's instructions (see section 9). This policy explains both situations.

3.Personal data we collect

CategoryExamplesSource
Account & contact dataName, email address, account type, password (stored hashed), school/organisation (if relevant)You, when you register
Child / student dataFirst name or display name, year group/key stage, assigned classes, learning progressThe supervising adult or school
Learning & progress dataModules completed, quiz scores, mastery levels, attempt counts, time-on-task, streaks, error logsGenerated as the learner uses the Platform
Transaction dataSubscription/licence, billing details, payment status (card details are handled by our payment processor, not stored by us)You and our payment processor
Technical dataDevice/browser type, IP address, log data, general location (city/region level)Automatically, when you use the Platform
Usage & cookie dataPages viewed, features used, preferencesCookies and similar technologies
Support & correspondenceMessages, enquiries, feedbackYou, when you contact us

We do not seek to collect special category data and ask that you do not submit it through the Platform.

4.Children's data and the Children's Code

Protecting children's data is central to how we operate. In line with the ICO Children's Code we:

  • treat the best interests of the child as a primary consideration in how we design and run the Platform;
  • apply high-privacy settings by default for student profiles;
  • practise data minimisation โ€” we collect only what is needed to deliver the learning experience and progress tracking;
  • do not use children's personal data for behavioural advertising and do not sell children's data;
  • keep precise geolocation off and do not track children's location beyond coarse, security-related signals;
  • avoid nudge techniques that encourage children to provide more data or weaken their privacy;
  • present privacy information in clear, age-appropriate language alongside this full policy.

Children's accounts are set up and supervised by a responsible adult. Where consent is a lawful basis and the user is a child, we rely on the consent of the parent, carer, or school as appropriate. See our Child Safety & Safeguarding Policy for related protections.

5.How and why we use data (lawful bases)

PurposeLawful basis (UK GDPR Art. 6)
Creating and managing your account; providing the Platform and ContentPerformance of a contract
Tracking learning progress and powering student, parent and teacher dashboardsPerformance of a contract; legitimate interests
Taking payment and managing subscriptions/licencesPerformance of a contract
Keeping the Platform secure and preventing fraud and abuseLegitimate interests; legal obligation
Improving and developing our services (including first-party analytics)Legitimate interests (and, where required, consent)
Responding to support enquiriesPerformance of a contract; legitimate interests
Sending service messages (e.g. renewal reminders, security notices)Performance of a contract; legal obligation
Optional marketing to adultsConsent
Meeting legal, tax and accounting obligationsLegal obligation

Where we rely on legitimate interests, we have balanced those interests against your rights and, where the data relates to a child, given the child's interests particular weight. The Data (Use and Access) Act 2025 introduced certain "recognised legitimate interests"; where we rely on these we will do so consistently with the safeguards that apply to children's data.

Where we rely on consent (for example for certain non-essential cookies or optional marketing), you can withdraw it at any time without affecting the lawfulness of earlier processing. For children using Student Accounts, the supervising adult or school provides any consent required and can withdraw it by contacting us or adjusting account settings.

7.Analytics and progress tracking

We generate learning analytics (such as completion states, mastery percentages, scores, time-on-task, streaks, and error logs) to deliver dashboards to students, parents/carers, and teachers, and to improve our Content. For children, this data is used to support learning, not to profile children for commercial purposes. We use first-party analytics to understand and improve how the Platform performs; following the Data (Use and Access) Act 2025 some low-risk first-party statistical analytics may operate without consent, while any higher-risk or third-party tracking is used only with consent as described in our Cookie Policy.

8.Who we share data with

We do not sell or rent your personal data, we do not share it outside our business for any third party's own purposes, and we never use it for advertising. Your data stays within the Learnaroo Hub Group and a small number of trusted service providers we rely on to run and protect the Platform. Those providers act only on our documented instructions, under contract, and may not use your data for their own purposes:

  • Secure UK hosting — our hosting provider stores the Platform and its data on protected servers;
  • Payment processing — our PCI-DSS-compliant payment provider processes card payments; we never see or store full card numbers;
  • Security — our web application firewall and malware-protection service processes limited technical data (such as IP addresses) to detect and block attacks;
  • Analytics (only if you consent) — anonymous website analytics that are off unless you allow them, and are never used to profile children.

Separately, and only as part of delivering the service to you, account data is visible to the people entitled to see it: parents/carers can see the progress of children on their account, and teachers or organisation administrators can see the progress of pupils in their care. We will disclose data to authorities or professional advisers only where the law requires, to protect a child's safety, or to establish or defend legal claims; and to a successor only if our business is reorganised, sold or transferred, in which case it remains protected by this policy.

9.Data we process for schools

When a school or organisation provides pupil data so its students can use the Platform, the organisation is the data controller and we are the data processor. We process that data only to provide the service and on the organisation's documented instructions, under data processing terms that meet UK GDPR Article 28. Schools remain responsible for their own privacy notices to pupils and parents.

10.International transfers

We aim to store and process personal data in the UK or European Economic Area. Where a provider processes data outside the UK, we ensure an appropriate safeguard is in place, such as UK adequacy regulations or the International Data Transfer Agreement / UK Addendum to the EU Standard Contractual Clauses. You can ask us for details of the safeguards used.

11.How long we keep data

We keep personal data only as long as necessary for the purposes set out above, then delete or anonymise it. Indicative periods:

DataRetention
Account and learning/progress dataFor the life of the account, then deleted within 12 months of closure
Transaction and tax records6 years, to meet HMRC and accounting obligations
Support correspondence24 months
Marketing consent recordsUntil consent is withdrawn, plus a short audit period

12.How we protect data, including student information

We collect a limited amount of student information โ€” such as a first name or display name, year group or key stage, assigned classes, and learning progress โ€” and we protect it with appropriate technical and organisational measures. Without disclosing details that would assist anyone trying to attack the Platform, our safeguards include:

  • Encryption in transit using industry-standard TLS/SSL across the whole site, so data sent between your device and us is encrypted;
  • Encryption at rest — sensitive pupil and staff information (legal names, date of birth, Unique Pupil Number, contact and address details, medical information, SEND and safeguarding fields, and staff DBS details) is encrypted within our database using authenticated 256-bit encryption, with the encryption keys held separately from the database;
  • Searchable without exposure — where an identifier must be looked up (for example to prevent duplicate pupil records), we match on a one-way keyed index rather than the readable value;
  • Per-school data separation — each school’s records are kept isolated, so staff only ever see pupils and information belonging to their own school and classes;
  • A web application firewall and malware protection provided by Wordfence, which monitors for and blocks malicious traffic, intrusion attempts, and known threats;
  • Hardened, managed hosting on Hostinger premium infrastructure, including server-level firewalling, DDoS mitigation, malware scanning, automated patching, and regular encrypted backups;
  • Access controls and least-privilege access, so staff can reach only the data they need, with passwords stored only in hashed form;
  • Secure payment handling โ€” card details are processed by our PCI-DSS-compliant payment provider and are never stored on our servers;
  • Activity logging and monitoring, staff confidentiality obligations, and regular review of our security measures.

No online service can be guaranteed to be completely secure. If a personal data breach is likely to result in a risk to people's rights and freedoms, we will notify the ICO within 72 hours where required, and affected individuals (or, for pupils, the relevant parent, carer, or school) without undue delay where the law requires.

13.Your rights

Subject to conditions in the law, you have the right to: be informed; access your data; have inaccurate data corrected; have data erased; restrict processing; data portability; object to processing (including direct marketing); and not be subject to solely automated decisions with legal or similarly significant effects. Children have these rights too, and a parent, carer, or school may exercise them on a child's behalf where appropriate.

To exercise any right, contact privacy@learnaroohub.com. We will respond within one month (extendable for complex requests) and will not charge a fee unless a request is manifestly unfounded or excessive.

14.Complaints and the ICO

We operate a formal data-protection complaints procedure in line with the Data (Use and Access) Act 2025. If you are unhappy with how we handle your data, please contact privacy@learnaroohub.com first so we can try to put it right. We will acknowledge your complaint and respond within 30 days.

You also have the right to complain to the Information Commissioner's Office at any time: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; helpline 0303 123 1113; ico.org.uk. We would, however, appreciate the chance to address your concerns first.

15.Marketing communications

We only send marketing to adults who have agreed to receive it, and never to children. You can opt out at any time using the unsubscribe link in any marketing email or by contacting us. We will still send essential service messages (such as renewal reminders, billing notices, and security alerts) regardless of marketing preferences.

16.Cookies

We use cookies and similar technologies as described in our Cookie Policy. You can manage non-essential cookies through our cookie banner and settings.

17.Changes to this policy

We may update this policy to reflect changes in the law or our services. We will post the updated version with a new effective date and, for significant changes affecting your rights, give additional notice.

18.How to contact us

For any privacy question or to exercise your rights, contact privacy@learnaroohub.com or write to the Data Protection Contact at 20 Wenlock Road, London, England, N1 7GU.

Ready to make learning click?

Create a free account in under a minute. No ads, ever.

๐Ÿš€ Start your free trial Explore the library
Back to school: sign up before 1 September 2026 and save 20%. Sign up & save 20%
Get in touch