GDPR Compliant

GDPR Compliance Statement

Your privacy and data protection rights are our top priority. We are fully compliant with the General Data Protection Regulation (GDPR).

Data Protection

Your data is encrypted, secure, and only used for providing our services.

Your Rights

Access, correct, delete, or export your data at any time.

Transparency

Clear information about what data we collect and why.

Who We Are

Data Controller: Inspir Learning Ltd

Registered: United Kingdom

Contact: privacy@inspir.uk

DPO (Data Protection Officer): Available upon request

What Data We Collect

Account Information (Optional)

  • Email address (only if you create an account)
  • Name (optional)
  • Study preferences and settings

Usage Data

  • Chat conversations and study sessions (stored locally)
  • Tool usage statistics
  • Performance metrics

Technical Data

  • IP address (anonymized)
  • Browser type and version
  • Device information
  • Cookies (with your consent)

Legal Basis for Processing

We process your personal data under the following legal bases:

Consent

For optional features like analytics and marketing cookies

Contract Performance

To provide the AI tutoring services you've requested

Legitimate Interest

To improve our services and prevent fraud

Legal Obligation

To comply with UK laws and regulations

Your GDPR Rights

Right to Access

Request a copy of all personal data we hold about you.

Right to Rectification

Correct any inaccurate or incomplete data.

Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data in certain circumstances.

Right to Data Portability

Receive your data in a machine-readable format to transfer to another service.

Right to Object

Object to processing based on legitimate interests or direct marketing.

Right to Restrict Processing

Request limitation of how we process your data in certain situations.

Right to Withdraw Consent

Withdraw consent for processing at any time (doesn't affect prior processing).

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us:

  • Email: privacy@inspir.uk
  • Subject Line: "GDPR Request - [Type of Request]"
  • Response Time: Within 30 days (may extend to 60 days for complex requests)

We may request identification verification to protect your data security.

How We Protect Your Data

Technical Measures

  • End-to-end encryption (SSL/TLS)
  • Secure database hosting (Supabase)
  • Regular security audits
  • Access controls and authentication

Organizational Measures

  • Staff training on data protection
  • Confidentiality agreements
  • Data breach response procedures
  • Regular policy reviews

International Data Transfers

Your data is primarily stored in the European Economic Area (EEA). When we transfer data outside the EEA:

  • We use EU-approved Standard Contractual Clauses
  • We ensure adequate safeguards are in place
  • We work only with GDPR-compliant service providers

Right to Lodge a Complaint

If you believe we have not handled your data correctly, you have the right to lodge a complaint with a supervisory authority:

UK Supervisory Authority: Information Commissioner's Office (ICO)

Website: ico.org.uk

Phone: 0303 123 1113

Policy Updates

We may update this GDPR compliance statement from time to time. Any changes will be posted on this page with an updated "Last updated" date. For significant changes, we will notify you via email or prominent notice on our website.

Questions About Your Data?

We're committed to transparency and protecting your privacy rights.

Contact Our Privacy Team

Related Policies

Privacy PolicyCookie PolicyTerms & Conditions