Privacy policy
Effective: 7 July 2026 · Policy version legal-2026-07-07 · Data controller: Ergodyc Ltd (UK company no. 14123487), trading as (who's) Got the kids.
This policy explains how personal data is processed when you use the Got the kids holiday cover planner (“App”) and when you visit gotthekids.com (“Site”). The service helps UK households plan school-holiday cover and share scoped schedules with family & friends.
1. Who is responsible for your data?
The data controller is Ergodyc Ltd, trading in relation to this product as (who's) Got the kids, with registered office at 104 Lye Green Road, Chesham, Buckinghamshire HP5 3NH, United Kingdom (“we”, “us”).
Data Protection Lead: Managing Director (we have not appointed a separate Data Protection Officer). For data protection enquiries: team@gotthekids.com.
2. What this policy covers
This policy applies to processing in the App and on the Site. Read it together with our Cookie Policy (Site only) and Terms of service. App store providers (Apple, Google, when applicable) process their own data when you download or pay; they operate under their own privacy terms.
3. Children and parents
Got the kids is used by parents and guardians to plan who is responsible for children during school holidays. Parents enter children's first names and schedule details (times, locations, notes). We do not knowingly collect data directly from children through the App or Site.
Parents are responsible for what they share with family & friends via scoped links. Where UK law requires parental authority for information society services, a person with parental responsibility should set up the household account and control sharing.
People who open a share link (for example a grandparent or sitter) may have limited technical data processed (such as IP address and browser type) when they open the link. They see only the schedule slice the parent assigned. They can contact us at team@gotthekids.com to exercise data protection rights in relation to that processing.
We design the service to minimise personal data, avoid behavioural advertising profiles for children, and not require family & friends to create accounts to view their slice of a plan. We align our approach with the ICO Children's Code where it applies to services likely to be accessed by children.
4. What personal data we process
In the App (typical categories)
- Account data — email address and authentication identifiers for the planning parent or household.
- Household data — children's first names, holiday windows, schedule blocks (dates, times, locations, activity notes), and names or labels for family & friends on the plan.
- Share links — unguessable tokens that let each person view only their assigned slice. Opening a link may log limited technical data (see below).
- Confirmations — when a family member or friend confirms a block via their link, we record that confirmation for the household.
- Purchase data (when applicable) — app stores process payments; we receive the minimum needed to confirm entitlements.
- Advertising (if introduced) — if we show optional advertising in the free parent app, we will describe what is shown, where, and how to opt out (for example via a paid tier). Ads will not appear on share links for family & friends. We will not use children's data to build behavioural advertising profiles.
On this website (typical categories)
- Technical and security logs — e.g. IP address, browser type, date/time, pages requested. Processed by our hosting provider to keep the Site secure and available.
- Family beta requests — if you email us to request beta access, we process your email address and message content to respond.
- Cookie consent — your analytics preference and consent timestamp (stored locally in your browser).
- Analytics (if you consent) — aggregated or pseudonymous usage data via tools such as Plausible or Google Analytics, configured to respect your cookie choice.
5. Purposes of processing
- To provide the holiday cover planner, holiday windows, scoped share links, and confirmation features.
- To operate, secure, and improve the App and Site.
- To respond to beta access requests and support enquiries.
- To process purchases and entitlements where applicable.
- To comply with law (e.g. tax or accounting obligations relating to sales).
6. Lawful bases (UK GDPR)
We rely on one or more of the following, depending on the activity:
- Contract — providing the App and features you request.
- Legitimate interests — e.g. securing the Site, preventing abuse, and limited product improvement, balanced against your rights and those of children.
- Consent — where required for non-essential analytics cookies or optional communications.
- Legal obligation — where the law requires us to retain or disclose information.
Special category data: Got the kids is not intended to collect health data or custody orders. If that ever changes, we will identify a lawful basis under Article 9 UK GDPR and update this policy.
6b. Purposes and lawful bases (detail)
- Providing the App — Contract (necessary to deliver the planner, holiday windows, and share links you request).
- Household account and authentication — Contract. You must provide an email and account details to use the hosted planner; without them we cannot provide the service.
- Share-link delivery and confirmations — Contract (delivering the slice the parent assigned) and Legitimate interests (security, abuse prevention, and reliable link operation), balanced against recipients' rights.
- Site security and consent evidence — Legitimate interests (protecting the Site, users, and demonstrating compliance).
- Analytics on the Site — Consent (cookie banner). Without consent we do not load analytics tools.
- Family beta and support email — Legitimate interests (responding to your request) or Pre-contract steps at your request.
- Tax, accounting, and legal compliance — Legal obligation.
6c. Legitimate interests
Where we rely on legitimate interests, our interests include: keeping the App and Site secure; preventing abuse of share links; maintaining reliable delivery of scoped schedules; improving the product based on aggregated feedback; and keeping records needed to demonstrate compliance. We balance these interests against your rights and those of children and link recipients. You may object to processing based on legitimate interests where applicable — contact team@gotthekids.com.
6d. Automated decision-making
We do not use automated decision-making or profiling that produces legal or similarly significant effects about you or your child.
7. Who we share data with
- Family & friends you invite — only the schedule slice you assign via a scoped link (Ergodyc remains the data controller for data hosted on our systems).
- Cloudflare — hosts this marketing website and processes technical logs needed to deliver pages securely.
- Supabase — hosts App data on infrastructure in the UK/EU for authenticated household accounts and share-link delivery.
- Microsoft 365 — processes email sent to or from team@gotthekids.com for support and beta communications.
- Analytics providers (if you consent) — e.g. Plausible or Google Analytics on the Site only.
- App stores — Apple and/or Google for distribution, updates, and payments when the App is listed.
- Professional advisers — lawyers or accountants where required.
- Authorities — if required by law or valid legal process.
We do not sell personal data. We do not use children's data to build behavioural advertising profiles. Share links for family & friends are not paywalled and will not carry third-party advertising if we introduce ads in the parent app.
8. International transfers
Some processors (for example app stores, hosting, or analytics providers) may process limited data outside the UK. Where that happens, we use appropriate safeguards required by UK GDPR (such as the UK International Data Transfer Agreement, standard contractual clauses approved for use in the UK, or adequacy regulations).
9. How long we keep data
Household account data: retained while your account is active. You may request deletion; we delete or anonymise when purposes end unless a longer period is required by law.
Share links: tokens expire according to product settings (typically within 30 days unless rotated). Technical logs for link opens are kept only as long as needed for security and reliability.
Marketing Site logs: retained for a limited period for security, then deleted or aggregated.
Beta and support email: retained as long as needed to respond and improve the service, then deleted unless you become a customer or law requires longer retention.
Legal and finance records: retained as required by tax and company law.
10. Security
We implement appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and scoped share tokens. No method of transmission or storage is completely secure; we work to reduce risk.
11. Your rights
Under UK GDPR you may have rights including: access, rectification, erasure, restriction of processing, objection, and data portability (where applicable). Parents may exercise rights on behalf of younger children.
Where we rely on consent (for example analytics cookies), you may withdraw consent at any time using the cookie preferences control on the Site or by contacting team@gotthekids.com. Withdrawal does not affect the lawfulness of processing before withdrawal.
You may complain to the Information Commissioner's Office (ICO): ico.org.uk.
12. Cookies
See our Cookie Policy for categories, consent controls, and how to update preferences.
13. Changes to this policy
We will update this policy when our practices or the law change. Material changes to the App should be reflected in-app and on this page.
14. Contact
Ergodyc Ltd, 104 Lye Green Road, Chesham, Buckinghamshire HP5 3NH, United Kingdom. Privacy questions: team@gotthekids.com.