← Back

Privacy Policy

Last updated: 25 May 2026

1. Who we are

Handwriting Made Easy is owned and operated by Headtummytail. We comply with the South African Protection of Personal Information Act (POPIA), the EU General Data Protection Regulation (GDPR) where applicable, and the US Children's Online Privacy Protection Act (COPPA).

For any privacy enquiry or data request, contact us at info@headtummytail.com.

2. Information we collect

  • Parent / teacher account details (name, email, school).
  • Learner profile details (first name, age / grade, avatar).
  • Learning progress, activity completion and practice recordings.
  • Teacher-uploaded activities with author and school attribution.
  • Photos uploaded by parents, teachers, or children via the in-app camera (only when explicitly initiated by tapping "Upload my work").
  • A push notification token generated by Apple (APNs) or Google (FCM) when the user grants notification permission.
  • Technical diagnostics if a user submits a bug report (browser, OS, recent errors).

3. How we use it

To provide personalised learning, track progress, allow teachers to plan lessons, send reminders and assignment notifications, and improve the platform. We do not sell personal information to third parties and we do not show advertising of any kind.

4. Camera & photos

The camera is only activated when a parent, teacher, or child explicitly taps an "Upload my work" button. Photos are uploaded to a private, access-controlled storage area visible only to the child's linked parent and teacher. Photos are never made public, shared with other users, or used for any purpose other than learning feedback.

5. Push notifications

With your permission, we register a device token with Apple Push Notification Service (APNs) or Firebase Cloud Messaging (FCM). We use this token only to send learning-related messages such as streak reminders, new teacher assignments, and messages from a linked parent or teacher. You may revoke notification permission at any time in your device settings.

6. Children's privacy (COPPA & POPIA)

Accounts for children under 13 must be created and managed by a verified parent, guardian, or teacher. Children cannot independently create accounts, make purchases, communicate with strangers, or access external links — all such actions are protected by a parental gate. We collect the minimum information necessary to deliver the learning experience and never use children's data for marketing or behavioural advertising. A parent or guardian may review, modify, or request deletion of their child's data at any time by emailing info@headtummytail.com.

7. Data storage & security

Data is stored on secure cloud infrastructure with industry-standard encryption in transit (TLS) and at rest. Database access is restricted via authentication and row-level security policies so users can only access their own (or their child's / class's) records.

8. Third parties

We use the following infrastructure providers strictly to operate the service:

  • Supabase — database and file storage hosting.
  • Apple Push Notification Service — delivering notifications to iOS devices.
  • Firebase Cloud Messaging (Google) — delivering notifications to Android devices.

We do not use analytics trackers, advertising SDKs, or social media tracking pixels.

9. Data retention & deletion

We retain account and learning data for as long as the account remains active. To delete your account and all associated learner data, email info@headtummytail.com from the email address on the account. We process deletion requests within 30 days. Some records may be retained briefly thereafter where required by law (e.g. financial records).

10. Your rights

You may request access to, correction of, export of, or deletion of personal information at any time by contacting info@headtummytail.com.

11. Contact

For privacy enquiries or data requests, contact Headtummytail at info@headtummytail.com.

© Headtummytail 2026. All rights reserved.

© Headtummytail 2026