HysonLearn
🚧 DRAFT β€” Pending legal review. Do not consider final.

Children's Privacy Notice

Last updated: 2026-05-09

Version: 0.1-draft

1. Overview

HysonLearn is built for primary-school children. This notice sits alongside our main Privacy Policy and explains the extra protections we apply when a child uses the service. It is written for the parent or guardian who manages the child's account.

2. What we collect from children

  • A first name or chosen display name.
  • Year group and an age derived from date of birth.
  • An avatar the child builds inside the app.
  • Answers given to learning activities and the time taken on each.
  • Badges earned and lessons completed.
  • Optional voice notes the child chooses to record while using certain activities.

We do not collect a child's contact details, location, or photos. We do not show third-party advertising to children and we do not use marketing trackers.

3. Parental consent

A parent or legal guardian creates and manages the child's account. By signing up and adding a child, the parent confirms that they have the authority to do so and consents on the child's behalf to the processing described in this notice and in the main Privacy Policy.

Where a feature collects optional data (for example, voice notes), the parent can turn it off at any time from the parent dashboard.

4. Parental controls and rights

  • Review: see what data the child has generated, including their answers, badges, and any voice notes.
  • Correct:edit a child's display name, year group, or avatar.
  • Delete: remove individual items (e.g. a single voice note) or the whole child profile.
  • Export:ask us for a copy of the child's data in a portable format.
  • Withdraw consent:turn off optional features or close the child's account at any time.

5. Children's own rights

Children have the same data-protection rights as adults, but those rights are usually exercised through the parent. A child who is old enough to understand can ask us directly to look at, correct, or delete their data. We will normally respond by talking to the parent first.

6. Age Appropriate Design Code (Children's Code)

For children in the United Kingdom, we follow the ICO's Age Appropriate Design Code (the β€œChildren's Code”). Below is a plain-English summary of the 15 standards and how we apply them today. We will publish a fuller assessment before general release.

  1. Best interests of the child β€” every product decision is checked against what is good for the child using the service.
  2. Data Protection Impact Assessments β€” we will complete a DPIA before launching new features that could affect children, and before general release.
  3. Age-appropriate application β€” the experience is designed for primary ages and content is presented in language children can understand.
  4. Transparency β€” we explain in plain English what we do with data, including in this notice.
  5. Detrimental use of dataβ€” we do not use children's data in ways that could harm them, such as for behavioural advertising.
  6. Policies and community standards β€” we follow our own published policies and review them regularly.
  7. Default settings β€” privacy settings start at the most protective level. Optional features are off by default.
  8. Data minimisation β€” we collect only the data we need to run the service.
  9. Data sharingβ€” we do not share children's data with third parties for their own purposes.
  10. Geolocationβ€” we do not collect or use a child's location.
  11. Parental controlsβ€” parents can review, edit, export, and delete the child's data, and turn off optional features.
  12. Profiling β€” we do not use profiling to make decisions about a child beyond choosing which lesson is most useful to show next.
  13. Nudge techniques β€” we do not use design patterns that pressure children to share more data than they need to.
  14. Connected toys and devices β€” HysonLearn does not connect to physical toys or smart devices.
  15. Online tools β€” we provide easy ways for parents and children to exercise their rights, including the parent dashboard and the contact email below.

7. Children in Hong Kong

Hong Kong's PDPO does not have a children-specific code equivalent to the UK's Children's Code, but the PCPD has issued guidance on processing children's data. We apply the same protections described above to children in Hong Kong, and we treat the parent as the person who exercises the data-protection rights on the child's behalf.

8. Reporting a concern

If you are worried about how a child's data is being handled β€” by us or by anyone using the service β€” please contact us straight away. You can also complain to the Information Commissioner's Office (UK) or the Office of the Privacy Commissioner for Personal Data (Hong Kong).

9. Contact