Privacy Policy
Last updated: June 6, 2026
This Privacy Policy explains how Accelerate Business Performance(trading as "AeroKoda", "we", "us", "our") collects, uses, shares and protects personal information when you visit our websites, create an account, or use the AeroKoda platform (the "Services"). We act as the data controller for personal information processed in connection with the Services.
1. Personal information we collect
- Account data: name, email, password (hashed), role (teacher / school admin / parent / student), school or organisation, year/grade level where relevant.
- Profile and learning data: projects, code, prompts, AI interactions, lesson progress, quiz/assessment results, badges, teacher feedback.
- Support data: messages, attachments and contact details you provide when contacting us.
- Usage and device data: IP address, browser type and version, operating system, device identifiers, pages viewed, referring URLs, timestamps and other telemetry needed to operate and secure the Services.
- Cookies and similar technologies: see our Cookies Policy for details.
Payment information (card details, billing address, tax information) is collected and processed by our reseller Paddle, not by us. We receive only limited transaction metadata such as order ID, plan, country and last four digits where applicable.
2. How we use personal information
- Create and manage accounts, authenticate users, and provide the Services.
- Deliver learning features, assessments, AI assistance and progress dashboards.
- Provide customer support and respond to enquiries.
- Send service-related communications (security alerts, billing, updates).
- Improve, debug, secure and develop the Services, including aggregated analytics.
- Prevent, detect and investigate fraud, abuse, and policy or security violations.
- Comply with legal obligations and enforce our Terms.
- With consent, send marketing emails about features, resources and offers — you can unsubscribe at any time.
3. Legal bases (UK/EEA users)
Where the UK GDPR or EU GDPR applies, we rely on the following legal bases: performance of a contract (providing the Services you have signed up for); legitimate interests (operating, securing and improving the Services and our business); consent (for non-essential cookies and marketing); and compliance with legal obligations.
4. Children's privacy
AeroKoda is used by K–12 students. Where students are below the age of digital consent in their jurisdiction, accounts are provisioned through schools or parents, who provide the necessary authorisation. Student accounts use classroom-mode safeguards: no public profile, no direct messaging with strangers, restricted personal data fields, and teacher-visible AI interactions. We do not knowingly sell or share student personal information for advertising or profiling.
5. How we share personal information
We share personal information only with the following categories of recipients:
- Service providers and subprocessors — hosting, database, email, analytics, customer support and AI infrastructure providers that operate the Services on our behalf under written contracts.
- Merchant of Record (Paddle) — for the sale of paid plans, subscription management, payments, tax compliance, invoicing and related customer service.
- Schools and account administrators — where a student or teacher uses the Services through a school account, the school administrator can access the relevant account and learning data.
- Professional advisers — legal, accounting, insurance and audit providers under appropriate confidentiality obligations.
- Authorities — where required by law, regulation, legal process or to protect the rights, safety or property of users or the public.
- Successors — in the event of a merger, acquisition, financing or sale of assets, subject to standard confidentiality protections.
We do not sell your personal information.
6. International transfers
We may transfer personal information outside your country, including to Australia, the United States and the European Economic Area, where our infrastructure providers operate. Where required, we put appropriate safeguards in place such as Standard Contractual Clauses or rely on adequacy decisions.
7. Data retention
We retain personal information for as long as needed to provide the Services, comply with legal obligations, resolve disputes and enforce our agreements. When personal information is no longer required, we delete or anonymise it. Schools and individual account holders may request earlier deletion or export, subject to legal limits.
8. Security
We apply appropriate technical and organisational measures to protect personal information, including encryption in transit, encryption at rest for sensitive data, role-based access controls, audit logging, secure development practices and regular review of our subprocessors. No system is perfectly secure, but we work continuously to reduce risk.
9. Your rights
Depending on your jurisdiction, you may have the right to access, correct, delete, restrict or object to the processing of your personal information; to data portability; to withdraw consent; and to lodge a complaint with your local supervisory authority. We will respond to verified requests within the timeframe required by applicable law (typically within one month under GDPR).
To exercise your rights, contact us via the contact page.
10. Cookies
We use cookies and similar technologies for essential functionality, preferences, analytics and (where consented) marketing. See our Cookies Policy for full details and to manage your preferences.
11. Changes to this Policy
We may update this Privacy Policy from time to time. The "Last updated" date above reflects the current version. Material changes will be notified through the Services or by email.
12. Contact
For privacy questions or requests, contact Accelerate Business Performance via the contact page.