Privacy Policy

Last updated:

1. Introduction

In-Tune ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our software-as-a-service (SaaS) platform for music tutoring management (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, postal address, and other contact details
  • Business Information: Business name, registration details, payment information, and billing address
  • Student Information: Student names, ages, contact details, lesson history, and progress records
  • Content: Messages, lesson notes, homework assignments, and other content you create or upload
  • Payment Information: Credit card details processed securely through our payment providers (we do not store full card details)

2.2 Automatically Collected Information

  • Usage Data: How you interact with our Service, features used, and time spent
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Cookies and Tracking: We use cookies and similar technologies to enhance your experience

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Process payments and manage subscriptions
  • Send administrative information, updates, and support communications
  • Respond to your inquiries and provide customer support
  • Monitor and analyse usage patterns to improve functionality
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our terms

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party providers who assist in operating our Service (e.g., payment processors, cloud hosting, email services)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
  • With Your Consent: When you explicitly authorise us to share information

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Secure authentication and access controls
  • Regular security assessments and updates
  • PCI DSS compliance for payment processing
  • SSL/TLS encryption for all communications

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to provide our Service and fulfil the purposes outlined in this policy, unless a longer retention period is required or permitted by law. When you request account deletion, we delete or anonymise data in line with the scope of your request, except where we must retain limited records for legal, tax, accounting, fraud prevention, or security purposes.

Deletion scope: standard user deletion removes or anonymises user-linked account data. If the requester is the sole owner of a business account, we process the request as full business closure, including business-wide data removal and subscription cancellation.

7. Your Rights

Under UK GDPR and data protection laws, you have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Request deletion of your data (with scope based on account role and ownership, as described in Section 6)
  • Restrict processing of your data
  • Data portability (receive your data in a structured format)
  • Object to processing of your data
  • Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the details provided in Section 9.

8. Children's Privacy

Our Service is designed for tutoring organisations and is not intended for direct use by children under 13. However, we may process information about students (including children) on behalf of our customers (tutoring organisations). In such cases, the tutoring organisation is responsible for obtaining necessary consents and ensuring compliance with applicable laws regarding children's data.

9. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. You are advised to review this policy periodically for any changes.