Legal

Privacy Policy

Last updated: April 2026 · Effective: April 2026

Mathic is a children's educational app. We take your family's privacy extremely seriously. This policy explains exactly what we collect, why we collect it, and how it is protected. All emails and communications go to the parent account holder — never to the child.

1. Who we are

Mathic is operated as a sole trader business based in the United Kingdom. We are registered with the Information Commissioner's Office (ICO) as a data controller.

If you have any questions about this policy or how we handle your data, contact us at: privacy@mathic.app

2. What data we collect

We collect only the minimum data necessary to provide the Mathic service.

Parent account data:

Email address (used to create and access your account)
Password (stored encrypted — we never see it in plain text)
Subscription status and billing information (processed by Apple or Stripe — we do not store card details)

Child profile data:

First name or nickname (chosen by the parent)
Year group (Year 1 through Year 6)
Learning progress (questions answered, islands completed, scores)
Session data (time spent, accuracy rates)

Technical data:

Device type and operating system version
App version
Crash reports (via Sentry — anonymised)
Usage analytics (via PostHog — anonymised and aggregated)

3. How we use your data

To provide the Mathic app and track your child's learning progress
To send transactional emails (subscription confirmations, password resets)
To improve the app based on aggregated, anonymised usage patterns
To comply with legal obligations

We do not use your data for advertising. We do not sell your data to third parties. We do not use your data to train AI models.

4. Children's privacy

Mathic is designed for children aged 5–11, but the account holder is always the parent or guardian. We do not knowingly collect personal data directly from children.

Children do not create their own accounts — a parent creates the account and child profiles
Children do not enter their own email addresses
We do not send emails to child profiles
We comply with the ICO's Age-Appropriate Design Code (Children's Code)
We comply with GDPR-UK requirements for processing data related to children

5. Legal basis for processing

We process your data under the following legal bases (UK GDPR):

Contract: To provide the Mathic service you have subscribed to
Legitimate interests: To improve the app and prevent fraud
Legal obligation: To comply with UK law
Consent: For optional marketing emails (which you can withdraw at any time)

6. Third-party services

We use the following third-party services to operate Mathic:

Supabase — database and authentication (EU data centres)
Apple App Store — iOS app distribution and in-app payments
Stripe — web payment processing
Resend — transactional email delivery
PostHog — anonymised usage analytics
Sentry — anonymised crash reporting

Each of these providers processes data under their own privacy policies and is bound by data processing agreements with us.

7. Data retention

Your account data is retained while your account is active
When you delete your account, all personal data (parent and child profiles) is permanently deleted within 30 days
Anonymised, aggregated analytics data may be retained indefinitely
We may retain billing records for up to 7 years to comply with UK tax law

8. Your rights

Under UK GDPR, you have the right to:

Access — request a copy of all data we hold about you
Rectification — correct any inaccurate data
Erasure — request deletion of your data
Portability — receive your data in a portable format
Object — object to processing based on legitimate interests
Withdraw consent — for any processing based on consent

To exercise any of these rights, email privacy@mathic.app. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

9. Security

We implement appropriate technical and organisational measures to protect your data, including encryption at rest and in transit, access controls, and regular security reviews.

10. Changes to this policy

We may update this policy from time to time. We will notify you by email of any significant changes. Continued use of Mathic after changes constitutes acceptance of the updated policy.

11. Contact

For any privacy-related questions: privacy@mathic.app