Skip to content
My DigiLa
Log out

Privacy Policy

Last update 03.11.2025

1. Introduction

Digila ("the Service") is an early childhood education management and learning platform that assists teachers, parents, and educational institutions. This Privacy Policy explains what personal data we process, for what purposes, and how we protect it.

2. Roles in Data Protection

For most platform functions (account, content, subscriptions), DigiLa OÜ is the data controller. When we process data imported from an educational institution or through Kindiedays (children's data, groups, curricula, grades), DigiLa OÜ generally acts as a data processor on behalf of the respective institution.

3. Data Controller and Contact

DigiLa OÜ
E-mail: digila@digila.eu
Website: www.digila.eu

4. Personal Data We Process

We process the following categories of data:

  • User Account Data: name, email, password (hashed), user role (e.g., teacher, parent, administrator), email verification status.
  • Organization Data: name of the educational institution, location, logo, groups, and user roles.
  • Children's and Learning Data: child's name, group and age group, curriculum node connections, and developmental assessments (access restricted to authorized persons).
  • Usage Data: login status, session information, language preference, viewed learning materials (e.g., recently viewed), security logs.
  • Payment-related Data: subscription status and identifiers; card data is processed by Stripe, we do not store card data.
  • Media: video learning materials are embedded via Vimeo (may process device/IP data for video playback).
  • Kindiedays Import: educational institution data (daycares/nurseries, groups, children, parents associated with a child, curricula, grades).
  • Anonymized Data: summary analysis of developmental assessments using artificial intelligence, which does not contain personally identifiable information.

5. Purposes and Legal Basis for Processing

  • Performance of a contract – creating and managing accounts, providing learning materials, linking curricula, generating reports.
  • Legitimate interest – service development (including analysis of developmental assessments using AI on anonymized data), security (including fraud prevention, access control), improving user experience.
  • Consent – certain optional features (e.g., playing media content or marketing communications, where applicable).
  • Legal obligation – compliance with accounting and consumer protection requirements.

6. Data Sharing and Recipients

We share data only on a need-to-know basis with the following recipients:

  • Stripe – for processing subscriptions and payments (we do not store card data).
  • Vimeo – for embedding and playing video learning materials.
  • Kindiedays – for data synchronization if the institution uses Kindiedays.
  • AI Service Providers – for summarizing developmental assessments, using only anonymized data that does not allow for personal identification.
  • Service Providers – hosting, email and system notification delivery, logging and security management services.
  • Within the Organization – authorized teachers and administrators of an institution see only their institution's data based on role-based access.

We do not sell or rent personal data to third parties. Some service providers may be located outside the European Economic Area; in such cases, we apply appropriate safeguards in accordance with applicable law.

7. Data Retention

  • Account and Service Data: until the account is active or as long as necessary for the performance of the contract; thereafter, we delete or anonymize the data within a reasonable time, unless a longer retention period is required by law.
  • Imported Kindiedays Snapshots: we retain for the minimum time necessary for diagnostics and synchronization purposes.
  • Billing Data: we retain in accordance with applicable accounting requirements.

8. Security

  • Encrypted connection (HTTPS).
  • Secure password hashing.
  • Protection of private files with temporary signed URLs (e.g., 1-hour validity).
  • Role-based access control and internal team permissions management.
  • Email verification requirement for accessing paid resources.

9. Cookies

We use cookies to ensure the service functions as expected:

  • Necessary session cookies – authentication, CSRF protection, language preference.
  • Functional cookies – to improve user experience (e.g., recently viewed learning materials).

We do not use third-party marketing cookies. Embedding videos (Vimeo) may load cookies or similar technologies under the terms of the respective service provider.

10. Children's Privacy

The platform is used by teachers and parents. Children's data is processed for educational purposes and is accessible only to authorized persons. We do not create separate user accounts for children; parents and institutions manage access according to their roles and legal bases.

Additionally, child's data may be used to generate summaries of developmental assessments using artificial intelligence (AI). In such cases, the child's data is anonymized when using the AI service and does not contain information that would allow the child to be personally identified. The purpose is to provide better educational recommendations and analyses while ensuring data privacy.

11. Your Rights

Under the GDPR, you have the right, among others, to:

  • access your personal data;
  • rectify inaccurate or incomplete data;
  • request erasure or restriction of processing;
  • request data portability;
  • object to processing based on legitimate interest;
  • withdraw consent at any time if processing is based on consent;
  • lodge a complaint with the Data Protection Inspectorate.

12. Exercising Your Rights

To exercise your rights, please write to us at digila@digila.eu. For security purposes, we may request additional information to verify your identity. We will generally respond to requests within 30 days.

13. Changes to the Privacy Policy

We may update this Privacy Policy to reflect changes in the service or legislation. We will notify you of significant changes on the platform and/or by email, where appropriate. The date of the last update is shown at the top of the page.

14. Contact

If you have any questions, please contact us:

E-mail: digila@digila.eu
Website: www.digila.eu