1. Introduction
LomloeHub ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring transparency about how we collect, use, and protect your personal data. This Privacy Policy explains our practices regarding personal information collected from teachers, educational administrators, students, families, and other users of our platform.
We comply with all applicable data protection laws, including the General Data Protection Regulation (GDPR), Spanish data protection legislation (LSSI-CE, LOMLOE), and Catalan privacy regulations enforced by the Autoritat Catalana de Protecció de Dades (AAPD).
3. What Personal Data We Collect
3.1 Information You Provide Directly
- Account information: Name, email address, phone number, school/institution name
- Profile data: Job title, subject area, grade level, educational qualifications
- Content you create: Lesson plans, calendar entries, educational materials, assessments
- Communication: Messages, feedback, support requests, survey responses
- Payment information: Billing address, subscription details (processed securely via third parties)
3.2 Information Collected Automatically
- Device information: Device type, operating system, browser type
- Usage data: Pages visited, features used, time spent, search queries
- Technical data: IP address, log files, cookies, session identifiers
- Location data: General geographic location (country/region level only)
3.3 Information from Third Parties
- Educational institution records (with proper authorization)
- OAuth providers (Manus authentication system)
- Analytics services (Google Analytics, performance monitoring)
- Payment processors (for subscription management)
4. Legal Basis for Processing
We process your personal data based on the following legal grounds:
| Processing Purpose | Legal Basis |
|---|
| Account creation and authentication | Contract performance |
| Service delivery | Contract performance |
| Analytics and service improvement | Legitimate interest |
| Marketing communications | Consent (opt-in) |
| Legal compliance | Legal obligation |
| Security and fraud prevention | Legitimate interest |
5. How We Use Your Data
We use your personal data for the following purposes:
- Providing and improving LomloeHub services
- Authenticating your identity and managing your account
- Delivering personalized educational content and recommendations
- Analyzing usage patterns to enhance platform functionality
- Communicating important updates, security alerts, and service changes
- Responding to your inquiries and providing customer support
- Conducting research on educational effectiveness and LOMLOE compliance
- Complying with legal obligations and protecting our rights
- Preventing fraud, abuse, and unauthorized access
6. Data Sharing & Third Parties
We do not sell your personal data. We may share data with:
- Service providers: Cloud hosting, analytics, payment processing (under data processing agreements)
- Educational institutions: Only with explicit authorization from authorized administrators
- Legal authorities: When required by law or to protect rights and safety
- Business partners: Only with your explicit consent for specific purposes
All third parties are contractually obligated to protect your data with the same level of security we maintain.
7. Student & Minor Data Protection
LomloeHub takes special care to protect the privacy of students and minors:
- Age-appropriate processing: We minimize data collection for users under 16 years old
- Parental consent: For users under 14, parental/guardian consent is required
- Educational purpose only: Student data is used exclusively for educational delivery
- No marketing: Students do not receive marketing communications
- Enhanced security: Student data receives additional security protections
- Data retention: Student data is deleted upon request or end of enrollment
8. Data Security
We implement comprehensive security measures to protect your data:
- Encryption: SSL/TLS encryption for data in transit; AES-256 for data at rest
- Access controls: Role-based access and authentication requirements
- Regular audits: Security assessments and penetration testing
- Incident response: Documented procedures for data breach notification
- Employee training: Regular data protection and security training
- Compliance: ISO 27001 standards and GDPR compliance measures
While we implement strong security measures, no system is completely secure. We encourage you to use strong passwords and enable two-factor authentication.
9. Your Privacy Rights
Under GDPR and Spanish data protection laws, you have the following rights:
- Right of access: Request a copy of your personal data
- Right to rectification: Correct inaccurate or incomplete data
- Right to erasure: Request deletion of your data ("right to be forgotten")
- Right to restrict processing: Limit how your data is used
- Right to data portability: Receive your data in a portable format
- Right to object: Opt-out of certain processing activities
- Right to withdraw consent: Revoke consent for optional processing
- Right to lodge a complaint: File a complaint with data protection authorities
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
10. Data Retention
We retain your data only as long as necessary:
- Active accounts: Data retained while account is active
- Account deletion: Data deleted within 30 days of account closure
- Educational records: Retained per institutional policies and legal requirements
- Analytics data: Aggregated data retained for 13 months
- Legal obligations: Data retained as required by law (e.g., tax records for 6 years)
11. International Data Transfers
LomloeHub primarily operates within the EU/EEA. If data is transferred outside this region, we ensure appropriate safeguards including Standard Contractual Clauses (SCCs) and adequacy decisions. Users have the right to request information about specific transfer mechanisms.
12. Contact & Complaints
For privacy inquiries or to exercise your rights:
You also have the right to lodge a complaint with your local data protection authority:
- Catalonia: Autoritat Catalana de Protecció de Dades (AAPD)
- Spain: Agencia Española de Protección de Datos (AEPD)
- EU: Your national data protection authority
13. Policy Updates
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Significant changes will be communicated via email or prominent notice on our platform. Your continued use of LomloeHub constitutes acceptance of the updated policy.
© 2026 LomloeHub. All rights reserved. This Privacy Policy is provided in English and Catalan. In case of discrepancy, the Catalan version shall prevail.