Privacy Policy
What this policy covers at a glance
- Spello is designed for children. We collect as little data as possible and apply the highest privacy settings by default.
- Children never create their own accounts — a parent or school does this on their behalf.
- We collect a child's name, month and year of birth, username, and their spelling and typing activity. Nothing more.
- We never sell personal data or use it for advertising.
- Performance data stays on your device unless you actively choose to share it anonymously with our AI service.
- You can ask us to delete your data at any time by emailing hello@spello.uk.
1. Who we are
Viaduct Industries Limited is the data controller for personal data collected through Spello. We are registered in England and Wales, with our registered office at 3rd Floor, 86–90 Paul Street, London, EC2A 4NE.
You can contact us about any privacy matter at hello@spello.uk.
We are registered with the Information Commissioner's Office (ICO) as a data controller. Our ICO registration number is ZC122777.
2. Who this policy applies to
This policy applies to:
- Parents and guardians who create and manage accounts on behalf of their children;
- Schools and educational institutions that subscribe to Spello and enrol children; and
- Children who use Spello through an account created for them by a parent or school.
Because Spello is designed for children aged 5 to 11, we apply the highest level of data protection by default across the entire service, regardless of whether a particular user is a child or an adult.
3. What data we collect
3.1 Account holders (parents and schools)
| Data | Why we collect it |
|---|---|
| Name | To identify the account holder and personalise communications. |
| Email address | To send account confirmations, subscription receipts, and important service updates. |
| Billing information | To process subscription payments via Stripe. We do not store card numbers — these are handled entirely by Stripe. |
| Account preferences and settings | To save your choices within the Platform. |
3.2 Children
| Data | Why we collect it |
|---|---|
| Name | To identify the child within the account and personalise their experience. Chosen by the parent or school — typically a first name plus last initial, but any identifier can be used. |
| Month and year of birth | To determine the child's school year group and deliver age-appropriate content. We deliberately do not store the day of birth to minimise identifiability. |
| Username | To allow the child to log in. Chosen by the parent or school — it need not contain the child's real name. |
| Password (stored as a secure hash) | To authenticate the child's login. We never store passwords in plain text. |
| Spelling and typing performance data | To track progress, identify areas for improvement, and deliver personalised learning support. |
We do not collect children's full dates of birth, email addresses, phone numbers, photographs, precise location, IP addresses tied to child profiles, or any information about their social connections.
3.3 Technical data
When you use Spello, we may collect limited technical data including browser type, device type, and anonymised usage logs. This data is used only for maintaining and improving the Platform and is not linked to individual child profiles.
4. How we use your data
| Purpose | Data used |
|---|---|
| Providing and operating the Platform | All account and child data |
| Determining year group and age-appropriate content | Month and year of birth |
| Tracking and displaying a child's spelling and typing progress | Performance data |
| Generating personalised learning recommendations | Performance data |
| Processing subscription payments | Billing information (via Stripe) |
| Sending account and service communications | Account holder email address |
| Maintaining security and preventing misuse | Technical and account data |
| Complying with legal obligations | As required by law |
| AI-assisted performance analysis (optional, opt-in only) | Anonymised performance data only — see Section 8 |
We do not use personal data for advertising, profiling for commercial purposes, or any purpose beyond those listed above.
5. Legal basis for processing
| Legal basis | When we rely on it |
|---|---|
| Contract performance | Processing necessary to provide the Platform and subscription services you have signed up for, including account creation, progress tracking, and payment processing. |
| Legitimate interests | Maintaining Platform security, preventing fraud and misuse, and improving the service through anonymised technical data. We have assessed that these interests do not override the rights of users, particularly children. |
| Legal obligation | Where we are required to retain or disclose data to comply with applicable law. |
| Consent | Where a parent or school opts in to AI-assisted analysis (Section 8). This consent can be withdrawn at any time. |
We do not rely on consent as the basis for processing children's data in the ordinary operation of the Platform, as consent from a child is not considered freely given in this context. Instead, we rely on contract performance and legitimate interests, and apply strict data minimisation throughout.
6. Children's privacy
Spello is designed for primary school children aged 5 to 11. We take our responsibilities under the ICO's Children's Code (Age Appropriate Design Code) seriously and have built the Platform with the following principles in mind:
- High privacy by default. The most privacy-protective settings are applied automatically. No action is required from a parent to protect a child's data.
- Data minimisation. We collect only what is strictly necessary. Children's accounts require only a name, month and year of birth, and a username.
- No child-facing data collection. Children do not create their own accounts, agree to terms, or provide any data themselves. All account setup is done by a parent or school.
- No social features. Children cannot see, interact with, or be seen by other users of the Platform.
- No advertising or commercial profiling. We do not serve adverts to children and do not use their data for any commercial profiling purpose.
- No nudge techniques. The Platform does not use design techniques intended to encourage children to share more data or spend more time on the Platform than is in their best interests.
- Parental visibility. Parents always have access to view and request deletion of their child's data.
Where a school sets up accounts for children, we treat the school as responsible for ensuring appropriate authority exists to enrol those children. We recommend schools maintain their own records of parental consent in line with their data protection obligations.
7. Sharing data with third parties
We do not sell personal data. We share data only with the following processors, who act on our instructions under written data processing agreements:
| Processor | Purpose | Location |
|---|---|---|
| Stripe | Payment processing | USA (Standard Contractual Clauses apply) |
| Cloudflare, Inc. | Security, DDoS protection, content delivery | USA (Standard Contractual Clauses apply) |
| Krystal Hosting Ltd | Web hosting and infrastructure | United Kingdom |
| Brevo (Sendinblue SAS) | Transactional email delivery (account notifications, contact form replies and similar service emails) | France (European Union) |
| BunnyWay d.o.o. (BunnyCDN) | Content delivery for static game assets (images, audio and similar media). No account, personal or performance data is transmitted to BunnyCDN beyond the standard HTTP request metadata (such as IP address) inherent to any CDN request. | Slovenia (European Union) |
Where data is transferred outside the UK (Stripe and Cloudflare), we ensure appropriate safeguards are in place in accordance with UK GDPR, including reliance on the UK's International Data Transfer Agreement (IDTA) or Standard Contractual Clauses. Transfers to Brevo and BunnyCDN take place within the EU, which the UK recognises as providing an adequate level of data protection.
We may also disclose data where required to do so by law, or to protect the rights, property, or safety of Viaduct Industries Limited, our users, or others.
8. Optional AI-assisted analysis
Spello includes an optional feature that uses an AI service to provide additional personalised learning guidance based on a child's performance data. This feature is off by default and must be actively enabled by a parent or school.
When this feature is enabled:
- performance data is anonymised before being transmitted to the AI service — no name, username, month/year of birth, or any account identifier is included;
- the AI service uses the data only to generate learning recommendations and does not retain it for its own purposes;
- the AI service will be listed as a data processor in this policy once selected — we will update this policy accordingly; and
- consent can be withdrawn at any time via account settings, after which no further data will be shared.
Spello is fully functional without this feature enabled.
9. Cookies and similar technologies
We use a small number of cookies that are strictly necessary to operate the Platform — for example, to keep you logged in during a session. We do not use advertising cookies, tracking cookies, or any cookies that follow users across other websites.
| Cookie | Purpose | Duration |
|---|---|---|
| Session cookie | Maintains your login session while you use the Platform | Deleted when browser closes |
| Authentication token | Keeps you logged in between visits if you choose "stay logged in" | Up to 30 days |
| [Analytics cookie — if applicable] | [e.g. anonymised usage analytics] | [Duration] |
You can control cookies through your browser settings. Disabling strictly necessary cookies may affect your ability to use the Platform.
10. How long we keep data
| Data type | Retention period |
|---|---|
| Account holder data (parents / schools) | For the duration of the account, plus 3 years after closure to meet legal and contractual obligations. |
| Children's profile data (name, initial, month/year of birth, username) | For the duration of the account. Deleted within 30 days of account closure or deletion request. |
| Children's performance data | For the duration of the account. Deleted within 30 days of account closure or deletion request. |
| Payment records | 7 years, as required by HMRC regulations. |
| Technical/server logs | Up to 90 days, after which they are automatically deleted or anonymised. |
You may request early deletion of any data at any time by contacting us at hello@spello.uk. We will action deletion requests within 30 days, subject to any legal obligations that require us to retain certain records.
11. Security
We take the security of personal data seriously, particularly because the Platform is used by children. Our measures include:
- all data transmitted between your device and our servers is encrypted using TLS;
- parent, teacher & staff passwords are stored as secure cryptographic hashes — we cannot read them;
- access to personal data within our systems is restricted to those who need it to operate the Platform;
- our infrastructure is protected by Cloudflare's security and DDoS mitigation services; and
- we conduct regular reviews of our security practices.
In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify the ICO within 72 hours and affected users without undue delay, as required by UK GDPR.
12. Your rights
Under UK GDPR, you have the following rights in relation to personal data we hold about you or your child:
| Right | What it means |
|---|---|
| Access | Request a copy of the personal data we hold. |
| Rectification | Ask us to correct inaccurate or incomplete data. |
| Erasure | Ask us to delete personal data where there is no longer a valid reason to keep it. |
| Restriction | Ask us to limit how we use data while a concern is being resolved. |
| Portability | Receive a copy of data in a structured, machine-readable format. |
| Objection | Object to processing based on legitimate interests. |
| Withdraw consent | Where processing is based on consent (e.g. AI analysis), withdraw it at any time without affecting prior processing. |
To exercise any of these rights, email us at hello@spello.uk. We will respond within one calendar month. There is no charge for making a request.
If you are not satisfied with how we have handled your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Helpline: 0303 123 1113
13. Changes to this policy
We may update this Privacy Policy from time to time. Where changes are material — for example, if we begin collecting new types of data or share data with a new third party — we will notify account holders by email at least 14 days before the changes take effect.
The current version of this policy is always available at spello.uk/privacy. The date at the top of the page shows when it was last updated.
14. How to contact us
For any questions about this Privacy Policy or how we handle personal data, please get in touch:
- Email: hello@spello.uk
- Post: Viaduct Industries Limited, 3rd Floor, 86–90 Paul Street, London, EC2A 4NE
We aim to respond to all privacy enquiries within 5 business days.