TutorLab

Legal

Privacy Policy

Last updated: 24 April 2026

The short version

TutorLab is a UK-based software service built for private tutors. We collect only what we need to run your account, process your payments, and generate the lesson plans, parent reports and invoices you ask us to.

We will never sell your data, your students' data, or your parents' contact details to anyone. We don't run ads. We don't share data across tutor accounts.

If you want us to delete your data, email support@tutorlab.uk and we will do so within 30 days.

Who we are

TutorLab is operated from the United Kingdom. For the purposes of UK GDPR and the Data Protection Act 2018, TutorLab is the data controller for personal data you provide when using our service. You can contact us at support@tutorlab.uk.

What data we collect

Account data. Your name, email address, country, and an encrypted password hash. We never store passwords in plain text.

Billing data. Subscription status and plan. Card details are handled by Stripe and never touch our servers — we only receive a token and the last four digits of your card for display.

Student and session data. Information you add about your students (name, year group, exam board), your session notes, and any lesson plans, parent reports, homework or invoices you generate. This data belongs to you. You can export or delete it at any time.

Usage data. Basic logs — page requests, IP address, browser — used to keep the service running and catch abuse. We do not build advertising profiles.

Cookies. We use a small number of essential cookies to keep you signed in. We do not use third-party advertising cookies.

How we use your data

We use your data only to: run your account and keep you signed in, generate the lesson plans, reports and invoices you ask for, process subscription payments, send service emails (receipts, password resets, outages), and improve the product based on aggregate usage patterns.

We will not use your session notes or student data to train third-party AI models. Generations are processed via our AI providers (see below) and are not retained for training by them under our agreements.

Who we share data with

We share data only with the processors we rely on to run TutorLab:

  • Supabase — hosts our database and authentication. EU-region hosting.
  • Stripe — processes subscription payments. Card details are handled directly by Stripe.
  • AI providers (OpenAI, Anthropic, or similar) — process the text you submit when generating lesson plans, reports, homework or exam questions. Inputs are not retained for training under our enterprise terms.
  • Email provider — sends transactional emails (receipts, password resets).

We will never share your data with advertisers, data brokers, or other tutors.

Where your data is stored

Primary data is hosted in UK or EU regions. Some processors (for example AI providers) may process data in the US. Where this happens we rely on Standard Contractual Clauses or equivalent safeguards under UK GDPR.

How long we keep it

We keep account and session data for as long as your account is active. If you close your account we delete personal data within 30 days, except where we need to retain it for legal reasons (for example billing records, which we keep for 6 years as required by UK tax law).

Your rights

Under UK GDPR you have the right to:

  • Access the data we hold about you.
  • Correct inaccurate data.
  • Delete your data (the “right to be forgotten”).
  • Export your data in a portable format.
  • Object to specific processing.
  • Complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights email support@tutorlab.uk. We will respond within 30 days.

A note on student data

Students whose information you add to TutorLab are typically minors. You should only add the minimum information you need to tutor them, and you should have the parent or guardian's permission to do so. TutorLab is a tool for tutors — we do not have a direct relationship with the students whose names appear in your account, and we rely on you to use the service responsibly under your own legal basis for processing.

Changes to this policy

If we make meaningful changes to how we handle data we will email registered account holders in advance. The “Last updated” date at the top of this page always reflects the most recent revision.

Contact

Questions about privacy or data requests: support@tutorlab.uk.

← Back to TutorLab