⚠️ Draft for review — not legal advice.
This is a working draft. It must be reviewed and approved by a qualified data-protection / education-law professional and the responsible Data Protection Officer before it is published or relied upon. Placeholders in [square brackets] need real values.
Policies
Last updated: Draft — under review
Storyjar is a class journal for children aged 3–7. Because it holds children's work, safeguarding and data protection sit at its core. These policies explain how it works and how we protect the people who use it.
In data-protection law the school is the data controller and Storyjar is a data processoracting on the school's instructions. Each policy below reflects that relationship.
Privacy Policy →
How Storyjar handles personal data, and the roles of school, teacher, parent and Storyjar.
Privacy — plain English →
The short, plain-English version for parents and carers.
Cookie Policy →
What cookies Storyjar sets (essential only) and why.
Safeguarding & Child Protection →
How Storyjar is built to keep children safe, and how to raise a concern.
Terms of Service →
The agreement between a school and Storyjar for using the service.
Acceptable Use Policy →
What may and may not be put into Storyjar.
Data Processing Agreement →
The processor terms: how Storyjar handles data on a school's behalf.
Sub-processors →
The third parties Storyjar relies on, and where data is held.
Accessibility Statement →
Storyjar's commitment to being usable by every child and adult.