Policies & Legal

Our policies

All SoloCogs policies in one place. We're committed to transparency - about how we protect students, how we handle data, and how we expect the platform to be used.

Procurement evidence pack For schools
Single-page evidence pack for school / MAT / trust procurement teams. Legal entity, insurance, DPIA, sub-processors, data residency, safeguarding flow, DSL named, retention - everything in one place.
Open the pack →
Safeguarding & Child Protection Policy
Our duty of care to every student, how concerns are identified and handled, and who is responsible.
Read policy →
Safeguarding Disclosure Pathway
Operational pathway: how the platform detects, captures, reviews and escalates a safeguarding concern. SLAs, retention, RLS isolation, and how to set up a school-specific DSL queue.
Read pathway →
Privacy Policy
What personal data we collect, why we collect it, how it is stored, and your rights under UK GDPR.
Read policy →
Data Protection Policy
How we comply with the UK GDPR and the Data Protection Act 2018 across all our systems and processes.
Read policy →
GDPR & Data Residency (school one-pager)
School-friendly summary: where data lives (UK / London), lawful bases, retention periods, sub-processors, breach process and how to request our DPA.
Read policy →
Data Protection Impact Assessment (DPIA)
Public risk-matrix summary covering account data, learning data, accessibility telemetry, SEND register, and analytics. Full signed PDF available on request - typically what schools need to attach to their own information register.
Read policy →
Sub-processors list
The dated, versioned list of every third party that processes data on our behalf - Supabase, Cloudflare, PayPal, Stripe, Google. Includes region, DPA reference, and our 30-day change-notification commitment. The page procurement officers usually want to bookmark.
Read policy →
Security Overview (1-pager)
Print-ready summary for school IT, DPOs, and procurement officers. Covers data residency, encryption, access control, MFA, RLS isolation, backups, breach process, and certification roadmap (Cyber Essentials in progress).
Read policy →
Cookie Policy
What cookies and local storage we use, what they do, and how to manage your preferences.
Read policy →
Terms & Conditions
The terms under which you use SoloCogs - accounts, subscriptions, content, and liability.
Read policy →
Refund & Cancellation Policy
On launch: cancel anytime, 14-day cooling-off, pro-rata refunds on annual plans, plus the situations where we always refund (and the ones where we don't).
Read policy →
Acceptable Use Policy
How the platform may and may not be used - particularly important given our student user base.
Read policy →
Complaints Policy
How to raise a concern or complaint, what to expect in response, and how to escalate if needed.
Read policy →
Online Safety Policy
How we keep students safe online - platform design, content standards, and incident response.
Read policy →
Equality & Inclusion Policy
Our commitment to equitable access and inclusive practice across everything we do.
Read policy →
Whistleblowing Policy
How to raise serious concerns about conduct, safeguarding, or malpractice - without fear of reprisal.
Read policy →
Copyright & Intellectual Property Policy
Who owns the content, how it may be used, and how to report a copyright concern. Includes our notice-and-takedown process.
Read policy →
Note: These policies were last reviewed April 2026. If you have a question about any of them, please contact us.