top of page

Privacy Policy

Introduction

Effective data: 26/10/2025

 

Welcome to Liaura.app. Your privacy is important to us, and this Privacy Policy explains how we collect, use, and protect your personal information when you submit your data on our website and our mobile app. Liaura.app is committed to ensuring that your privacy is safeguarded while supporting the development of our safe and engaging social media and learning platform for children.

This Privacy Policy applies globally wherever Liaura is made available, including the United Kingdom, European Economic Area, North America (United States and Canada), Singapore, India, and other territories where Liaura operates. Nothing in this Policy limits your rights under mandatory local data-protection or consumer-protection laws.

What data we collect

We may collect the following information when you submit your details through our platforms:

  • Contact Information: Name, email address, and any additional information voluntarily provided.

  • Feedback and Participation Data: Responses or preferences shared during enrollment in app testing or development surveys.

  • We may collect and process images of child users (uploaded by parents/guardians) to allow trusted identification by their approved friends and their friends’ guardians. These images are visible only within the child’s approved network and are not shared or made public. Guardians provide consent when uploading imagery.

  • Images are stored securely and moderated to prevent inappropriate content. We encourage the use of avatars or non-identifiable images, but allow recognisable profile pictures where in uploading this imagery the guardian provides explicit consent. By uploading a child’s image, guardians acknowledge and accept legal responsibility for the content of the image and confirm that it is appropriate, safe, and used solely for identification within the child’s approved network. This visibility supports safety and familiarity between connected children and their guardians, and images are never shared publicly or outside the approved network.

  • We collect and process personal data in accordance with the UK GDPR, EU GDPR, Singapore’s PDPA (2012), India’s Digital Personal Data Protection Act (2023), and comparable US privacy laws including COPPA and CCPA, as applicable.

How we use your data

The data we collect is used to:

  1. Contact parents and teachers about opportunities to participate in app testing and provide feedback.

  2. Inform and guide the development of the Liaura app to ensure it meets the needs of its users.

  3. Under legitimate interest to provide you our services.

  4. Communicate updates, progress, or follow-up regarding testing or app-related developments.

  5. Fulfill obligations to funding and development partners for reporting purposes.

We process your child’s profile image based on your explicit consent (Article 6(1)(a), Article 8 UK GDPR), and their ID documentation based on our legal obligations under safeguarding and online safety regulations (Article 6(1)(c)). We also comply with the Children’s Code by applying high privacy settings by default and minimising unnecessary data collection.

Data Retention After Account Deletion

 

We are committed to protecting user data while ensuring we meet our safeguarding responsibilities. When a user account is deleted (either by a parent/guardian or through a moderation action), we follow a two-step approach to data handling:

Immediate Deletion of Non-Essential Data

Upon account deletion, we promptly and permanently delete:

 

  • Profile photos, stickers, theme settings, badges, and cosmetic display nicknames

 

Retention of Essential Safeguarding Records (up to 5 years)

We retain, where relevant to safeguarding:

 

  • ID verification records from the supervising adult

  • Metadata tied to safeguarding logs (e.g. system-generated usernames, email tags)

  • Chat logs, post history, and reported content

  • Logs of moderation actions or incident flags

 

This data is retained only:

 

  • For the legitimate interest of safeguarding children and evidencing proper action if a future investigation is required

  • Under strict access controls and used only where necessary

 

We never retain biometric data, nor do we repurpose this information for marketing or analytics.

Liaura is designed for supervised use by children. We only use personal data for the purposes for which it was collected, unless otherwise permitted or required by law. We do not use children’s data for advertising or profiling.

 

In the United States, we comply with the Children’s Online Privacy Protection Act (COPPA), requiring verifiable parental consent before collecting data from children under 13.

In Singapore, we comply with the Personal Data Protection Act (PDPA) which requires parental consent for users under 13.

In the European Union and United Kingdom, the minimum age of digital consent is typically 16 (or lower where allowed by national law).

In India, we comply with the Digital Personal Data Protection Act 2023, which requires guardian consent for processing children’s data.

Parents can review, manage, or delete their child’s information through in-app settings or by contacting us at hello@liaura.app.

Who We Share Your Data With

We only share usage data with trusted partners who are directly involved in the development, delivery, or evaluation of the Liaura app. These partners include:

 

  • Innovate UK and other relevant funding bodies for monitoring and reporting purposes.

All shared data is limited to what is strictly necessary, and is subject to appropriate confidentiality and data processing agreements.

 

Contact data (such as names or email addresses) will only be shared in anonymised or pseudonymised form, and solely for the purpose of delivering our services to you — for example, through email platforms or notification systems.

Where required by local law, we rely on your consent or your parent/guardian’s consent (for children), contractual necessity, or our legitimate interests to process your data. These legal bases are consistent with the requirements of the GDPR, PDPA, DPDP Act 2023, and comparable frameworks.

 

We will never sell your data or share it with third parties for third-party marketing, advertising, or other unrelated commercial purposes.

We may transfer personal data internationally to our service providers or partners located outside your country. When we do so, we ensure a comparable standard of protection through contractual safeguards, such as Standard Contractual Clauses (SCCs) under the GDPR or equivalent mechanisms required under the PDPA and DPDP Act 2023.

Data Security

We are committed to ensuring that your information is secure. To prevent unauthorized access or disclosure, we have implemented suitable physical, electronic, and managerial procedures to safeguard the data we collect online.

Images and ID documents are encrypted at rest and in transit using industry-standard protocols, including TLS 1.2+ and AES-256 encryption. Supabase’s managed infrastructure ensures secure data handling, with access strictly limited through Role-Based Access Control (RBAC) and Row-Level Security (RLS) policies to authorised Liaura personnel or backend systems supporting moderation, verification, and safety within the child’s approved network. All data is stored in secure, GDPR-compliant data centres within the UK or EEA, and subject to planned penetration testing and security audits.

All data is stored securely in data centres located within the United Kingdom and European Union, with controlled cross-border transfers under compliant safeguards.

Data Retention

We will retain your data only as long as necessary for the purposes outlined in this Privacy Policy or as required by law.

Liaura retains encrypted identity documents (e.g. government-issued ID) for up to five (5) years after an account is deleted. This is required:

(a) to evidence lawful age verification and compliance with safeguarding regulations;

(b) to respond to legal, regulatory, or child protection enquiries.

We retain data only as long as necessary for the purposes outlined in this Policy or to comply with legal, safeguarding, or regulatory requirements. Retention periods are applied consistently with the UK GDPR, EU GDPR, PDPA (Singapore), DPDP Act (India), and relevant US state laws.

These documents are securely destroyed or anonymised after this period.

Your Rights

You have the right to:

  1. Access the personal data we hold about you.

  2. Request corrections to your data if it is inaccurate or incomplete.

  3. Request deletion of your data, subject to legal and operational requirements.

  4. Withdraw consent for us to contact you at any time.

To exercise any of these rights, please email us at hello@liaura.app.

You may access, update, or delete your child’s profile image at any time via the app. Profile images are deleted upon account closure. However, associated ID documentation and other information may be retained in accordance with our verification document retention policy (Data Retention). You can also request confirmation of what personal data we continue to hold and why.

Right to Lodge a Complaint with a Supervisory Authority

If you have any concerns about our use of your personal information, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues:

 

Website: https://ico.org.uk

Phone: +44 (0)303 123 1113

Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

  • UK: Information Commissioner’s Office (ICO) – ico.org.uk
  • EU: Contact your national Data Protection Authority (list available at edpb.europa.eu)
  • Singapore: Personal Data Protection Commission (PDPC) – www.pdpc.gov.sg
  • India: Data Protection Board (under the Digital Personal Data Protection Act 2023)
  • United States: Federal Trade Commission (FTC) for COPPA compliance

Depending on where you live, you may have additional rights:

 

  • Singapore (PDPA): Right to access, correct, and withdraw consent to processing.
  • India (DPDP 2023): Right to access, correct, and request erasure of personal data.
  • United States (CCPA): Right to know, delete, and opt-out of the sale or sharing of personal data (note: Liaura does not sell personal data).
  • EU/UK (GDPR): Right of access, rectification, erasure, restriction, portability, and objection.
To exercise any of these rights, please contact our Data Protection Officer at hello@liaura.app. We will respond in accordance with the laws applicable to your jurisdiction.

Cookies & Analytics

Our website and our app may use cookies and analytics tools to improve user experience and gather non-personal data about website usage. You can manage your cookie preferences through your browser settings.

Third Party Links

Our platform may contain links to external sites. We are not responsible for the content or privacy practices of these external sites. We will never provide third party external links to children using our mobile app, except where it enables in-app interactive experiences and allowing no transit out of our secure application.

Changes to this Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated effective date. 

We may update this Privacy Policy from time to time to reflect legal or operational changes. The latest version will always be available at https://www.liaura.app/privacy-policy, and the “Effective Date” at the top indicates when it was last revised. Your continued use of the App after an update constitutes acceptance of the revised Policy.

Contact us

If you have any questions or concerns about this Privacy Policy, please contact us at:
Email: hello@liaura.app

1. Data Controller Identification

The data controller responsible for your personal information is:

 

  • Name: Hugh Anthony Shepherd

  • Organisation: Liaura Limited

  • Address: Capital House, 272 Manchester Road, Droylsden, Manchester, M43 6PW, United Kingdom

  • Email: hello@liaura.app

 

2. Data Protection Officer (DPO) Contact

Our appointed Data Protection Officer is Hugh Anthony Shepherd.

You can contact our DPO with any questions about this privacy policy or your data rights at:

 

Your agreement

By using our platforms and submitting your data, you consent to this Privacy Policy and the processing of your information as described. Thank you for supporting Liaura.app and helping us create a safer, more engaging environment for young users.

bottom of page