Privacy Policy

Last updated: 8 July 2026

1. Introduction

Lingoodle is an Irish educational technology company that provides high-intensity Mandarin Chinese immersion programmes to the children of enterprise executives. This Privacy Policy explains how Lingoodle collects, uses, stores, and protects personal data in connection with our services.

Lingoodle is the data controller for all personal data processed under this policy. We are committed to protecting the privacy of all individuals whose data we process, with particular attention to the personal data of children.

This policy applies to all users of Lingoodle services, including enterprise clients, parents and guardians, and child participants enrolled in our programmes.

2. Legal Framework

As an Irish company, Lingoodle processes personal data in compliance with the following regulations:

  • General Data Protection Regulation (GDPR), Regulation (EU) 2016/679, as implemented in Irish law by the Data Protection Act 2018.
  • Children's Online Privacy Protection Act (COPPA), 15 U.S.C. 6501 to 6506, applicable where we provide services involving children located in the United States.

Where GDPR and COPPA impose different requirements, Lingoodle applies the stricter standard.

3. Data We Collect

3.1 Enterprise Client Data

We collect the following data from enterprise clients:

  • Company name and registered address
  • Contact details of authorised representatives (name, email, phone number)
  • Billing and payment information
  • Contract and procurement documentation

3.2 Parent and Guardian Data

We collect the following data from parents and guardians:

  • Full name and email address
  • Phone number
  • Relationship to the enrolled child
  • Parental consent records

3.3 Child Participant Data

We collect the following data about child participants:

  • First name and age
  • Language proficiency level
  • Session attendance and progress records
  • Session recordings (video and audio, where consent has been provided)
  • Learning outcomes and assessment data

We do not collect social media identifiers, precise geolocation data, or biometric data from children. We do not permit children to make their personal information publicly available.

4. Lawful Basis for Processing

Lingoodle processes personal data on the following legal bases under Article 6 of the GDPR:

  • Contract performance (Article 6(1)(b)): to deliver our Mandarin immersion programme and related services as agreed with the enterprise client.
  • Legitimate interest (Article 6(1)(f)): to maintain the security of our systems, to improve our programme, and to communicate with enterprise clients about their accounts.
  • Consent (Article 6(1)(a)): for session recordings and any processing of children's data that falls outside contractual necessity.
  • Legal obligation (Article 6(1)(c)): to comply with applicable laws, including tax and financial reporting obligations.

5. Parental Consent and Children's Data

Lingoodle requires verifiable parental consent before collecting or processing any personal data relating to a child participant. This applies regardless of the child's location and satisfies both GDPR requirements (Article 8) and COPPA requirements.

Our parental consent process includes the following:

  • A clear, written consent form is provided to the parent or guardian before the child's first session.
  • The consent form describes all categories of data collected, the purposes of processing, and the identities of any third parties who will receive the data.
  • Consent is collected and recorded electronically. A copy of the signed consent is retained for the duration of the programme plus 12 months.
  • Parents and guardians may withdraw consent at any time by contacting hello@lingoodle.com. Withdrawal of consent will result in the child's removal from the programme and the deletion of the child's personal data, subject to any legal retention obligations.

Parents and guardians have the right to review the personal data collected about their child, to request deletion of that data, and to refuse further collection. To exercise any of these rights, please contact hello@lingoodle.com.

6. How We Use Personal Data

We use personal data for the following purposes:

  • Delivering and administering the Mandarin immersion programme
  • Scheduling sessions and managing attendance
  • Assessing and reporting on learning progress
  • Processing payments and managing enterprise accounts
  • Communicating with parents, guardians, and enterprise clients about programme matters
  • Generating anonymised, aggregated programme performance data for enterprise reporting (Neural Capital Impact Summaries)
  • Maintaining the security and integrity of our systems
  • Complying with legal and regulatory requirements

7. Sub-processors and Third Parties

Lingoodle engages the following sub-processors to deliver its services. Each sub-processor is bound by a Data Processing Agreement (DPA) that requires compliance with GDPR.

Sub-processor Purpose Data Processed
Moodle (Moodle Pty Ltd) Learning management system Child first name, date of birth, progress records, learning materials, assessment data, home address (only where printed workbooks are requested)
Zoom Video session delivery Tutor and participant first names, session metadata. Sessions are not recorded.
Stripe Payment processing Enterprise billing data, payment card details (handled directly by Stripe in PCI-DSS compliant infrastructure)

Lingoodle does not sell personal data to any third party. We do not share personal data with third parties for their own marketing purposes. Personal data is only disclosed to sub-processors as described above, or where required by law.

8. Data Residency

Lingoodle's sub-processors each offer EU data residency options, and we use these wherever available under the terms of their respective Data Processing Agreements.

In the event that any sub-processor requires a transfer of personal data outside the EU, Lingoodle will ensure that appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, and will notify affected data subjects in advance of any such transfer.

9. Data Retention

Lingoodle retains personal data for the duration of the programme in which the individual is enrolled, plus 12 months. After this retention period, personal data is securely deleted or anonymised.

Specific retention periods are as follows:

  • Child participant data: retained for the duration of the programme plus 12 months, then deleted.
  • Parent and guardian data: retained for the duration of the programme plus 12 months, then deleted.
  • Enterprise client data: retained for the duration of the commercial relationship plus 12 months, or longer where required by tax or financial reporting obligations.
  • Session recordings: retained for the duration of the programme plus 12 months, then deleted. Recordings may be deleted earlier at the request of a parent or guardian.
  • Parental consent records: retained for the duration of the programme plus 12 months, or longer where required to demonstrate compliance with applicable law.
  • Payment data: handled by Stripe in accordance with Stripe's own retention policies and PCI-DSS requirements.

10. Data Security

Lingoodle implements appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or damage. These measures include:

  • Tutor background verification before any session is delivered
  • Reliance on sub-processors (Moodle, Zoom, Stripe) that each maintain their own industry-standard encryption and access controls
  • Incident response procedures and breach notification protocols

To report a security concern, please contact hello@lingoodle.com.

11. Your Rights

Under the GDPR, you have the following rights in relation to your personal data (and, where applicable, the personal data of your child):

  • Right of access: you may request a copy of the personal data we hold about you or your child.
  • Right to rectification: you may request that we correct any inaccurate or incomplete personal data.
  • Right to erasure: you may request that we delete your personal data or your child's personal data, subject to any legal retention obligations.
  • Right to data portability: you may request a copy of your personal data in a structured, commonly used, machine-readable format.
  • Right to restriction of processing: you may request that we restrict the processing of your personal data in certain circumstances.
  • Right to object: you may object to the processing of your personal data where processing is based on legitimate interest.

To exercise any of these rights, please contact us at hello@lingoodle.com. We will respond to all requests within 30 days.

12. Cookies and Tracking

The Lingoodle website uses only essential cookies required for the operation of the site. We do not use advertising cookies, analytics tracking pixels, or third-party behavioural tracking tools.

13. Supervisory Authority

If you are not satisfied with our response to a data protection concern, you have the right to lodge a complaint with the Irish Data Protection Commission:

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2, D02 RD28
Ireland
Website: www.dataprotection.ie

14. Changes to This Policy

Lingoodle may update this Privacy Policy from time to time. Where changes are material, we will notify enterprise clients and, where applicable, parents and guardians by email. The updated policy will be published on this page with a revised "Last updated" date.

15. Contact

If you have any questions about this Privacy Policy or about how Lingoodle processes personal data, please contact us:

Data Controller
Lingoodle
Email: hello@lingoodle.com

Security
Email: hello@lingoodle.com