Privacy Policy

Praelion Health Ltd is the controller for personal data processed through Heedli, unless we clearly say otherwise in writing. We are registered in England and Wales with company number 17209225, and our registered office is First Floor, Swan Building, 20 Swan Street, Manchester, M4 5JW, United Kingdom.

This notice explains how we collect, use, disclose, retain, and protect personal data when you use the Heedli website, mobile app, waiting list, support channels, shared report pages, research contribution features, AI-assisted features, subscriptions, and related services.

Heedli is designed for families navigating Special Educational Needs and Disabilities, wellbeing, education support, evidence organisation, and self-advocacy. That means the information you choose to add may be sensitive. We treat it as high-risk family information even where it is not technically special category data under UK data protection law.

We do not sell personal data. We do not use individual SEND, child, health, wellbeing, journal, incident, document, or family content for advertising. We use your information to provide Heedli, keep it secure, manage your account and subscription, support you, improve reliability, and comply with law.

AI features are optional. Server-side safeguards remove or replace common direct identifiers before the app sends letter-generation prompts to the AI provider, and the current AI request is configured not to store prompts or outputs for model training.

Research contribution is optional and is designed around aggregate, de-identified statistics rather than raw diary entries, child names, documents, or correspondence. You can withdraw optional AI and research choices in the app where those controls are available.

The exact data we collect depends on the features you use. We aim to collect only what is necessary for the relevant feature, support request, security purpose, or legal obligation.

• Account and identity data: name, email address, authentication identifiers, sign-in provider, account status, consent records, and communication preferences.
• Parent, carer, family, and contact data: information you add about family circumstances, support arrangements, roles, and people involved in care or education.
• Child and young person data: name, age, date of birth where provided, school context, SEND profile, communication style, conditions, suspected conditions, support status, strengths, challenges, triggers, routines, sensory profile, eating and sleep notes, and related profile information.
• Wellbeing and daily-life data: mood check-ins, journal entries, parent notes, young-person notes, daily context, coping tools, achievements, schedule items, reminders, and activity history.
• SEND and evidence data: EHCP journey information, DLA-related entries, school concerns, incident logs, behaviour or support observations, calendar appointments, deadlines, generated letters, templates, report snapshots, and uploaded documents or media.
• AI feature data: selected letter type, redacted child profile fields, incident summaries, additional context you choose to provide, generated outputs, model metadata, token counts, and limited audit summaries.
• Research contribution data: optional aggregate statistics such as age band, condition categories, school type, sensory profile category, incident counts, trigger frequencies, tool effectiveness aggregates, and detected pattern flags.
• Subscription and purchase data: RevenueCat and app-store identifiers, product IDs, subscription status, trial status, purchase and expiry dates, cancellation state, store, and webhook lifecycle events.
• Device, diagnostics, and security data: device type, platform, operating system version, app version, IP-derived approximate location, logs, crash diagnostics, rate-limit events, feature flags, linked-device records, push token records, and security/audit events.
• Website and support data: website requests, theme preferences, emails, support requests, accessibility enquiries, feedback, survey answers, waitlist entries, and other messages you send to us.

UK GDPR gives additional protection to special category data, including health data. In a SEND, disability, neurodivergence, education, and wellbeing context, information you provide may reveal health, disability, mental health, safeguarding, educational support needs, or other sensitive circumstances.

Where we process special category data, we need both an Article 6 lawful basis and an Article 9 condition. Depending on the context, our Article 6 bases may include contract, consent, legitimate interests, legal obligation, or vital interests. Our Article 9 conditions may include explicit consent, legal claims, substantial public interest where applicable, or vital interests in rare urgent safety situations.

You should only add sensitive information about another person if you have appropriate responsibility, authority, consent, or another lawful and fair basis to do so. This is especially important for information about children, young people, other parents, school staff, clinicians, local authority staff, or other third parties.

Heedli includes features that may relate to children and young people, including child profiles and the Young Person Hub. Children’s data deserves particular protection, so we design these features around necessity, transparency, data minimisation, security, and age-appropriate expectations.

Parents, carers, guardians, and authorised adults are responsible for deciding what information to add about a child or young person and for making sure they have the right to provide it. Where a young person uses a linked device or dedicated space, the app is still designed to sit within appropriate family or caring oversight unless a feature clearly states otherwise.

If you believe a child’s personal data has been provided to us without appropriate authority, contact us at privacy@heedli.com. We will review the issue and take appropriate steps, which may include restricting access, deleting data, or asking for evidence of authority.

We use personal data to operate, secure, maintain, support, and improve Heedli. We do not use sensitive family content for unrelated advertising or sell it to data brokers.

• To create accounts, authenticate users, maintain sessions, sync data, and provide user-controlled exports and deletion.
• To let you create profiles, check-ins, incidents, journals, schedules, documents, letters, reports, reminders, and saved content.
• To provide optional AI-assisted drafting and pattern-support features where you have enabled them and the relevant consent gate is satisfied.
• To generate, secure, expire, limit, and revoke shared reports that you choose to create for schools, local authorities, professionals, tribunals, or family support.
• To manage subscriptions, trials, premium access, app-store purchase status, restoration, cancellation state, billing support, accounting, and fraud prevention.
• To send service messages, push notifications, reminders, security alerts, policy updates, support replies, waiting-list communications, and administrative notices.
• To diagnose faults, measure reliability, investigate misuse, apply rate limits, manage feature flags, preserve audit trails, and protect users and the service.
• To create aggregated, de-identified, or anonymised insights where possible, including optional research contribution and population benchmark features.
• To comply with legal obligations, enforce our terms, respond to lawful requests, protect rights, and handle complaints, safeguarding concerns, or disputes.

We rely on contract where processing is necessary to provide Heedli and the features you request. This includes accounts, profile storage, sync, reports, exports, support tools, and subscription access.

We rely on consent for optional choices such as AI features, research contribution, certain marketing communications, and some non-essential cookies or similar technologies. You can withdraw consent, but withdrawal does not make earlier lawful processing invalid.

We rely on legitimate interests to run, secure, improve, and understand Heedli, prevent misuse, support users, maintain audit logs, and develop the product in a proportionate way. We balance those interests against the rights and expectations of families and children.

We rely on legal obligation where we must keep accounting, tax, consumer, regulatory, corporate, or compliance records, and on vital interests in rare situations where processing is necessary to protect someone’s life or immediate safety.

Heedli may provide optional AI-assisted drafting, summarisation, or pattern-support features. For example, the app can help draft UK SEND letters using selected profile information, incident summaries, and context you choose to provide.

The AI letter-generation flow is server-side. The OpenAI API key is not stored in the mobile app. Before a letter prompt is sent to the AI provider, our server-side redaction layer replaces common direct identifiers such as child names, parent or carer names, school names, email addresses, phone numbers, and postcodes where detected. The current AI request uses OpenAI gpt-4o-mini and is configured with store: false.

AI outputs can be incomplete, inaccurate, or inappropriate for your circumstances. We keep limited audit information about AI interactions, such as feature type, template type, child age, counts of conditions or incidents, token usage, model used, and a shortened output preview, so we can operate, secure, and support the feature.

You should avoid entering unnecessary sensitive information into AI features. You must review and edit all AI-generated text before relying on it, sending it, or sharing it with a school, local authority, tribunal, clinician, professional, or other recipient.

Research contribution is optional. It is designed to help produce aggregate population-level insights and benchmarks without collecting raw diary entries, child names, uploaded documents, direct correspondence, or full free-text histories for research use.

Where enabled, the app may submit aggregate contribution data such as age band, condition categories, sensory profile category, school type, incident counts, trigger frequencies, time and day patterns, context correlations, tool effectiveness aggregates, and detected pattern flags. The feature applies minimum data thresholds before contribution so the data is less likely to identify a family by a single event.

Even aggregate or de-identified information can sometimes carry re-identification risk when combined with other data. We manage that risk through minimisation, access controls, security policies, and by avoiding unnecessary direct identifiers. You can turn research contribution off in the app where the control is available.

Heedli lets you create professional reports or shareable report links. You control whether to create and send a report, who receives the link, and any available access settings such as expiry, view limits, and PIN protection.

A shared report may contain sensitive child, family, SEND, wellbeing, incident, school, support, and evidence information. Anyone with a valid link and required PIN, if enabled, may be able to view the report until it expires, reaches its view limit, or is revoked. You should share report links carefully and only with people who need the information.

We may record report metadata such as report type, included sections, expiry date, view count, access status, and security events to provide and protect the sharing feature.

If you link a young person’s device, we process linking codes, linked-device records, family identifiers, device names, active status, and young-person hub data such as schedule items, mood check-ins, tool usage, notes, and achievements.

Linked-device features are designed so parents or carers and linked young-person devices can access the relevant family or profile data according to the app’s access controls. You are responsible for managing linked devices and removing access if a device is lost, shared with the wrong person, or no longer appropriate.

Heedli stores some information locally on your device so the app can work quickly and preserve your progress. Sensitive local stores use encrypted storage where implemented, and authentication tokens use platform secure storage such as iOS Keychain or Android Keystore.

Local device security still matters. If someone can access your unlocked device, device backups, screenshots, exported files, shared reports, or operating-system account, they may be able to access information you store or export from Heedli.

We use selected providers to deliver Heedli. Where they process personal data for us, we use appropriate contractual and security safeguards. Providers may change as the product develops, but the main categories are set out below.

• Cloud backend, database, authentication, storage, and edge-function providers, including Supabase.
• AI service providers for optional AI-assisted features, currently OpenAI for server-side letter generation.
• Subscription and purchase infrastructure, including RevenueCat, Apple App Store, and Google Play where applicable.
• App delivery, notifications, and platform services, including Expo and mobile operating-system providers where applicable.
• Error monitoring, diagnostics, security, hosting, deployment, email, customer support, and analytics providers used to run and maintain the service.
• Professional advisers, accountants, insurers, auditors, legal representatives, regulators, authorities, courts, emergency services, or safeguarding bodies where necessary and lawful.
• People or organisations you ask us or the app to share with, such as schools, local authorities, SEND professionals, family members, representatives, or support services.
• A buyer, investor, funder, acquirer, or successor organisation if we restructure, merge, sell, transfer, or finance all or part of our business, subject to appropriate confidentiality and data protection safeguards.

Some providers may process personal data outside the United Kingdom. Where that happens, we use safeguards required by data protection law, such as adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU Standard Contractual Clauses, or another lawful transfer mechanism.

We take particular care with sensitive family and child-related information when choosing providers and configuring data flows, but no international transfer mechanism removes all operational risk. We review providers proportionately to the nature of the processing involved.

We keep personal data only for as long as needed for the purposes described in this notice, including providing Heedli, keeping records, resolving disputes, complying with law, enforcing terms, protecting rights and safety, and maintaining security.

Account and app content is generally kept while your account is active. If you delete content or delete your account, we will delete or anonymise relevant active records where reasonably possible, subject to legal, security, backup, dispute, safeguarding, fraud-prevention, accounting, and audit requirements.

Consent records, subscription records, transaction metadata, support records, security logs, deletion records, and legal correspondence may be kept for longer where necessary. Backups may retain deleted information for a limited period until overwritten or securely isolated from ordinary use.

The app includes data export and deletion features where available. Exported files may contain sensitive information, so you should store and share them carefully.

Account deletion is designed to remove your account and user-owned storage objects, with related database records deleted through the backend where technically and legally possible. Some limited records may be retained where we have a lawful reason, such as fraud prevention, legal claims, accounting, security, or compliance.

If you need help correcting, exporting, or deleting information, contact privacy@heedli.com. We may need to verify your identity and, where the request concerns another person or a child, your authority to act.

We use technical and organisational measures designed to protect personal data, including access controls, row-level database security, least-privilege server keys, encrypted transport where appropriate, secure token storage, monitoring, rate limits, audit trails, safe logging practices, and operational controls.

No digital service can be perfectly secure. You can help by using strong passwords, keeping devices locked and updated, managing linked devices carefully, avoiding unnecessary uploads, protecting exported files and shared links, and telling us promptly if you suspect unauthorised access.

Our website and app may use cookies, local storage, SDKs, push tokens, pixels, or similar technologies to remember preferences, keep sessions working, support security, measure reliability, prevent misuse, and improve the service.

Where consent is required for non-essential cookies or similar technologies, we will ask for it. You can usually control cookies through your browser or device settings, although disabling some technologies may affect how the service works.

We may send service messages that are necessary for your account or the service, such as security notices, policy updates, support replies, subscription notices, and important product updates. These are not optional marketing messages.

We only send optional marketing where we have a lawful basis to do so, such as consent or soft opt-in rules where applicable. You can unsubscribe from marketing messages using the instructions in the message or by contacting privacy@heedli.com.

Heedli is not monitored as an emergency or safeguarding service. We do not guarantee that we will review app content, reports, journals, or messages in real time.

In rare cases, if information comes to our attention that indicates an immediate risk of serious harm, abuse, exploitation, or another urgent safeguarding concern, we may process or disclose information where necessary and lawful to protect vital interests, comply with law, or support safeguarding action.

If anyone may be at immediate risk, contact emergency services, NHS 111 or 999 as appropriate, your GP, crisis support, social care, a school safeguarding lead, or another appropriate professional service. Do not rely on Heedli to request emergency help.

Under UK data protection law, you may have rights to access your personal data, correct it, erase it, restrict processing, object to processing, receive portable data, withdraw consent, and challenge certain solely automated decisions with legal or similarly significant effects. These rights are not absolute and depend on the circumstances and lawful basis involved.

To exercise a right, contact us at privacy@heedli.com. We may need to verify your identity and your authority to act, especially where a request concerns a child, young person, family member, professional, or another third party.

You also have the right to complain to the UK Information Commissioner’s Office at ico.org.uk. We would appreciate the chance to respond first, but you do not have to contact us before raising a complaint with the ICO.

We may update this policy as Heedli, our providers, our data flows, or legal requirements change. The latest version will be published on this page.

Where a change is material, we will take reasonable steps to bring it to your attention. The app may ask you to accept updated policy versions before continuing where we need a clear record of consent or agreement.