top of page

Login via Desktop or Tablet

GDPR and Data Protection

Last updated: February 2026

Young Primary Leaders is committed to protecting the privacy and personal data of schools, staff and pupils in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy explains how we collect, use, store and protect personal data when schools use the Young Primary Leaders platform.

1. Who We Are
 

Young Primary Leaders provides an online educational leadership platform for primary schools across the United Kingdom.

For the purposes of UK GDPR:

- Schools are the Data Controller for pupil data entered into the platform.

- Young Primary Leaders acts as a Data Processor, processing data on behalf of the school.

2. What Data We Collect

We only collect data necessary to deliver the Young Primary Leaders programme.

Teacher Data

  • Name

  • Email address

  • School name

  • Account login details

  • Payment information (processed securely via third-party provider)

Pupil Data

  • First name

  • Last name

  • Username (generated by teacher)

  • Password (generated by system)

  • Module progress scores

  • Completion status

We do not collect:

  • Home addresses

  • Dates of birth

  • Sensitive medical information

  • Biometric data

  • Special category data

3. How We Use The Information

We use personal data to:

  • Create and manage teacher accounts

  • Generate pupil login credentials

  • Track pupil module progress

  • Produce completion certificates

  • Provide teacher dashboards and reporting

  • Deliver technical support

  • Process payments and invoices

We do not sell or share personal data for marketing purposes.

4. Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Contract – To provide access to the Young Primary Leaders platform.

  • Legitimate Interest – To deliver educational services requested by the school.

  • Legal Obligation – To comply with UK data protection law.

Schools are responsible for ensuring they have appropriate parental notification arrangements in place where required.

5. Data Storage and Security

We take appropriate technical and organisational measures to protect personal data.

This includes:

  • Secure hosting environment

  • Password-protected teacher accounts

  • Role-based access (teachers only see their own pupils)

  • Encrypted connections (HTTPS)

  • Restricted administrative access

  • Regular platform monitoring

Access to pupil data is limited to authorised staff within the purchasing school.

6. Data Sharing

We do not share pupil data with third parties except:

  • Secure hosting providers

  • Legal authorities where required by law

All third-party providers are compliant with UK GDPR standards.

7. Data Retention

We retain data only for as long as necessary.

  • Pupil data is stored while the school maintains an active subscription.

  • Schools may request deletion of pupil data at any time.

  • If a subscription ends, data may be deleted after a reasonable retention period unless otherwise agreed.

8. Data Subject Rights

Under UK GDPR, individuals have the right to:

  • Access their data

  • Rectify inaccurate data

  • Request deletion (where applicable)

  • Restrict processing

  • Object to processing

  • Data portability (where applicable)

Schools should contact us to make requests on behalf of pupils.

9. International Transfers

Young Primary Leaders aims to store data within the United Kingdom or countries with adequate data protection safeguards.

Where international hosting services are used, appropriate safeguards are in place.

10. Data Breach Procedures

In the unlikely event of a data breach:

  • We will investigate immediately.

  • Affected schools will be notified without undue delay.

  • The Information Commissioner’s Office (ICO) will be informed where legally required.

11. Cookies and Website Data

Our website may use essential cookies for:

  • Secure login

  • Session management

  • Basic functionality

We do not use behavioural advertising or intrusive tracking technologies.

12. Safeguarding and Data Protection

Young Primary Leaders understands that safeguarding and data protection go hand in hand.

We:

  • Limit the personal data collected

  • Avoid sensitive data storage

  • Ensure teachers control pupil accounts

  • Do not allow pupil-to-pupil messaging

13. Changes To This Policy

We may update this policy from time to time.

The latest version will always be available on our website.

14. Contact

For data protection enquiries:

office@youngprimaryleaders.com

If you are unhappy with how your data has been handled, you have the right to complain to:

Information Commissioner’s Office (ICO)
www.ico.org.uk

bottom of page