Introduction
This Privacy Policy governs the use of data collected by our websites toddleapp.com, web.toddleapp.com, web.toddleapp.cn, and our apps - Toddle Family, Toddle Educator and Toddle Student (hereafter, collectively referred to as “the Service”, “Toddle”, or “the Toddle Service”).
By using Toddle, you are agreeing to this Privacy Policy. If you do not agree, please refrain from using Toddle. You can contact us anytime with queries about this Privacy Policy at privacy@toddleapp.com.
Definitions
“Profile”
This includes personally identifiable information that we collect when you create an account. This may include First Name, Last Name, Email, and Phone Number of the user.
“Class Journal”
This includes all the content added to the class journal.
“Academic Plans”
This includes the Programme of Inquiry, Unit Plans, Learning Experiences, Assessments, Schedule, Reflections created by the teachers using the planning elements on Toddle. The external resources added by the teacher are not included in this.
“Messages”
This includes the messages sent via Toddle - both from parents to teachers and vice versa.
“Student Portfolio”
This includes all the content added to a specific student’s portfolio.
“Student Data”
Any data collected by Toddle that can be linked back to an individual student. This contains name, age, Email ID, name of parents, school name, and the assessment data.
“Toddle Resource Bank”
A collection of all the Academic Plans created by teachers. By default, the Academic Plans are private to the school.
“Insights”
Toddle analyses the data collected from the teachers and students and converts them into actionable points to support teachers in teaching and learning. This set of actionable data-points is collectively referred to as Insights.
“Large Language Models (LLMs)”
Refers to advanced artificial intelligence models designed to process and analyze natural language data on a vast scale. These models possess significant computational power and have been trained on extensive datasets to understand and generate human-like language patterns, responses, and context.
“Data Controller/Data Fiduciary”
The Data Controller/Data Fiduciary is the entity that decides why and how information is used in Toddle. In most cases, this will be a School.
“Data Subject/Data Principal”
The Data Subject/Data Principal is the individual (teacher, student, parent) to whom the personal data belongs. These individuals have rights over their data, such as seeing it, correcting it, or deleting it.
“Data Processor”
Toddle as a Data Processor stores and manages information according to the instructions given by the Data Controller/Data Fiduciary.
What is Toddle?
Toddle is a one-stop solution for educators that seamlessly integrates curriculum planning, portfolios, evidence collection, progress reports and communication. Toddle has a web end as well as a mobile end. The Toddle platform has 4 different types of users - Teachers, Students, Parents, and School Administrators. Below is a brief summary of what each type of user can use the platform for:
Teachers: Teachers use Toddle for planning (Unit Plans, Lesson Plans etc), for collecting evidence of learning, for continuous reflection, for assessment evaluation and for contributing to student portfolios.
Students: Students use Toddle to document their learning journeys, set their personalised goals, receive and self-evaluate assessments, and add work to their portfolios.
Parents: Parents are linked to individual students and can see their portfolios. Parents also get access to school calendar, school news, and school policies through the Toddle Family app. The app can also be used for communicating with teachers.
Administrators: Administrators can edit and approve all the academic plans, add, delete and edit the rights of other users from their organisation. They can also see insights for better program implementation.
Toddle and Privacy Certifications
Toddle is certified under ISO/IEC 27701, an international standard for privacy information management. This certification builds on our ISO/IEC 27001 certification and reflects our commitment to implementing structured and effective privacy and data protection practices.
Toddle participates in the iKeepSafe Safe Harbor program. If you have any questions or need to file a complaint related to our privacy policy and practices, please do not hesitate to contact the iKeepSafe Safe Harbor program at COPPAprivacy@ikeepsafe.org.
Compliance with FERPA
Toddle partners with and is certified by iKeepSafe for compliance with FERPA.
FERPA is the “Family Education Rights and Privacy Act”. It governs the terms to protect personally identifiable information (PII) of students. Data collected by Toddle may include personally identifiable information from “education records” (Education Records in FERPA refers to documents, digital or otherwise, that may contain information related to a student and maintained by an educational agency).
Under this Privacy Policy, you designate Toddle as a "School Official" (School Official in FERPA refers to an agency that provides a service to schools for use and maintenance of FERPA records, is under the direct control of the school and uses PII only for authorised purposes). Toddle agrees to comply with FERPA. You can find more details on Toddle and FERPA here.
Compliance with COPPA
Toddle partners with and is certified by iKeepSafe for compliance with COPPA.
As a third-party operator, Toddle relies on School Consent for all underage children under COPPA. Toddle operates as a School Official under the FERPA regulations and complies with these regulations as it relates to children under the age of 13. If you are a school or teacher and you would like to obtain direct parental consent from the parent, Toddle has provided a consent form which can be downloaded here. We do not encourage children to share their work publicly. We continuously review and update our practices to ensure compliance with COPPA requirements. You can find more details on Toddle and COPPA here.
Compliance with GDPR
Toddle collects minimal information from you and only uses it for the purposes explicitly called out in the Privacy Policy. The data collected is stored securely using industry standards. All the details with regard to the nature of the data collected and the reason for collecting it can be found in the Privacy Policy. Toddle executes a Data Processing Agreement with all the schools in the EU/EEA and Switzerland Regions. You can find more details on Toddle and GDPR here.
Compliance with California Consumer Privacy Act (CCPA)
As a service provider, Toddle is dedicated to complying with the California Consumer Privacy Act (CCPA). We provide California residents with clear rights regarding their personal data. These include the right to access, delete, and manage their personal information, with a guarantee of non-discriminatory service when exercising these rights. Learn more about Toddle’s compliance with the CCPA here.
Compliance with DPDPA
We are committed to complying with the Digital Personal Data Protection Act, 2023 (DPDPA), a comprehensive legislation that governs the collection, use, storage, and disclosure of personal data in India.
To ensure compliance with DPDPA, we have implemented robust data security practices and procedures. We only collect minimal data necessary for our services and store it securely using industry-standard measures. Our Privacy Policy outlines what data we collect and how we use it. Additionally, we have established transparent data governance processes to ensure responsible data handling. Learn more about Toddle and DPDPA here.
Compliance with Australian Privacy Principles
Toddle is committed to maintaining the highest standards of privacy protection and complying with the Australian Privacy Principles (APPs) set out in the Privacy Act 1988. We only gather and handle personal information when necessary for delivering our services, subject to your explicit consent. Your data is securely stored using industry-standard methods and we are open about how we collect, use, and disclose it as outlined in our Privacy Policy. More details about our conformity with the APPs can be found here.
Compliance with KSA’s Personal Data Protection Law (PDPL)
At Toddle, we are dedicated to ensuring that your personal data is handled with the utmost care and in accordance with the Kingdom of Saudi Arabia’s Personal Data Protection Law (PDPL). Our approach to data protection is guided by the principles and rights outlined in PDPL, ensuring transparency, security, and respect for your personal information. Learn more about Toddle and KSA PDPL here.
Compliance with PDPO (Hong Kong)
Toddle upholds the highest standards of data protection as outlined in Hong Kong’s PDPO. We collect only the minimal personal information required to deliver our services, and we secure all collected data using best-in-class encryption and storage practices. Details regarding the types of data collected, purposes for collection, and associated retention periods are transparently outlined in our Privacy Policy.
Toddle also respects individuals’ rights under the PDPO, including the right to request access to or correction of personal data. If you have any questions or wish to exercise your rights, please contact us at privacy@toddleapp.com. Learn more about our commitment to PDPO compliance here.
Compliance with UAE’s Personal Data Protection Law (PDPL)
Toddle is committed to protecting the privacy of students, educators, and families. For schools based in the United Arab Emirates, Toddle ensures full compliance with the UAE Personal Data Protection Law (PDPL), Federal Decree-Law No. 45 of 2021.
Toddle acts as a data processor and processes personal data solely on behalf of schools, which serve as data controllers under the PDPL. You can find detailed information on how Toddle meets the obligations outlined in the law, with a focus on security, accountability, and transparency here.
Data collected by Toddle
Data received from schools and platform users
Toddle collects only the information necessary to provide and support our educational services. This includes data related to teachers, students, parents, and school administrators, as shared by the school. De-identified or pseudonymised user information is also acceptable and encouraged where feasible, as it helps reduce privacy risks.
The school determines what data is shared with Toddle and how it is used. We do not access, use, or share this data for any purpose other than to deliver our services, comply with legal obligations, or act on the school’s documented instructions. If you have questions about how your information is used within the Toddle platform, please contact your school directly.
Data collected through Toddle’s website and forms
When you visit the Toddle website (toddleapp.com), we may collect personal information such as your name, email address, role, and school name if you choose to sign up for a demo, download a resource, or submit a form.
We also collect technical information, including IP addresses, browser types, and pages visited, through the use of cookies and analytics tools. This data helps us understand website usage and improve the overall user experience. Where required by law, we seek your consent before placing cookies. For more information, please refer to our Cookie Policy.
Below is a list of data that we collect from our different users and how we refer to it:
“Profile”: This includes personally identifiable information that we collect when you create an account. This may include First Name, Last Name, Email and Phone Number of the user.
“Class Journal”: This includes all the content added to the class journal.
“Academic Plans”: This includes the Programme of Inquiry, Unit Plans, Learning Experiences, Schedule, Reflections created by the teachers using all the planning elements as specified in the customisable templates. The external resources added by the teacher are not included in this.
“Messages”: This includes the messages sent via Toddle - both from parents to teachers and vice versa.
“Student Portfolio”: This includes all the content added to a specific student’s portfolio - photos, videos, notes, comments etc.
“Student Data”: Any data collected by us that can be linked back to an individual student. This contains name, age, Email ID, name of parents and the school name.
“Log Data”: We collect log data such as your IP address, browser type, device type, operating system, and your mobile carrier. Additionally, we use cookies to keep you logged into your system to improve your user experience.
Mobile Applications
When using our mobile application, Toddle may access features such as the camera, music, album/gallery and accelerometer on your device to provide the desired services. For example, this applies when you use the portfolio, scan QR code, or add student functions to shoot in real time; when you use profile settings and upload portfolio photos/videos; or when you use portfolio recording to capture voice input through the microphone. If you do not turn on permissions, you will not be able to use the specific functions related to those permissions, but this will not affect your use of other services provided by the Toddle App.
Why do we collect this data?
We use the collected data only to provide services to you as described in this Privacy Policy and as authorised by your school. This applies to data collected through the Toddle platform as well as information shared when you visit our website or fill out a form.
Below are some of the ways we use the data:
A. Data Collected from Platform Users
Purpose | Legal Basis for Processing |
---|---|
To provide access to Toddle’s platform and its core functionalities, including lesson planning, assessments, content sharing, messaging, and classroom collaboration. | Processing is necessary for the performance of a contract between Toddle and the subscribing school or educational institution. |
To create and manage user accounts, classroom rosters, and other platform configurations based on school-provided instructions. | Processing is undertaken as a data processor, acting on the documented instructions of the school, which serves as the data controller. |
To provide technical and user support to authorised users, including educators, school administrators, students, and family members. | Processing is necessary to support Toddle’s legitimate interest in ensuring the effective and uninterrupted operation of its services. |
To send operational communications related to the use of the platform (e.g., assignment updates, password reset instructions, notifications). | Processing is necessary for the performance of Toddle’s contractual obligations to the school, or in Toddle’s legitimate interest in facilitating the use of the platform. |
To implement measures that ensure the security, integrity, and availability of the platform, including fraud detection, abuse prevention, and system monitoring. | Processing is necessary for Toddle’s legitimate interest in safeguarding its platform, services, and user community. |
To enable single sign-on or third-party account authentication (e.g., Google, Microsoft, Clever) where requested by the school or user. | Processing is necessary for the performance of contractual obligations and to support secure user access to the platform. |
To engage authorised third-party service providers (e.g., hosting, analytics, support platforms) that assist in delivering the platform’s features and performance. | Processing is necessary for Toddle’s legitimate interest in maintaining reliable service delivery, subject to appropriate contractual safeguards. |
To analyse pseudonymised or de-identified usage data to assess feature adoption and improve platform functionality. | Processing is carried out for Toddle’s legitimate interest in enhancing and developing its services in a privacy-respecting manner. |
To detect, investigate, or report conduct that may violate applicable laws, platform terms, or school policies. | Processing is necessary for Toddle’s legitimate interest in preventing misuse and ensuring compliance with legal and contractual obligations. |
B. Data Collected from Website Visitors and Form Submissions
Purpose | Legal Basis for Processing |
---|---|
To operate, manage, and improve the Toddle website, including performance optimisation, basic analytics, and security monitoring. | Processing is necessary for Toddle’s legitimate interest in ensuring a secure, functional, and user-friendly online presence. |
To respond to direct requests initiated by individuals, such as demo requests, trial registrations, content downloads, and contact form submissions. | Processing is based on the individual’s consent provided at the time of submission. |
To send marketing and informational communications, including newsletters and updates about products or services, in accordance with user preferences. | Processing is based on the individual’s consent, or on Toddle’s legitimate interest in promoting its services, where permitted by applicable law. |
To analyse website usage, including through cookies or similar technologies, to understand visitor interactions and improve site functionality. | Processing is based on Toddle’s legitimate interest in optimising its website. Where required by law, non-essential cookies are deployed only with the user’s consent. |
To evaluate job applications submitted via the website or third-party recruitment channels. | Processing is necessary for Toddle’s legitimate interest in reviewing and managing prospective employment candidates. |
To comply with applicable legal obligations, enforce platform terms, or respond to valid requests from courts, regulatory authorities, or law enforcement agencies. | Processing is required to meet legal and regulatory obligations or is carried out for Toddle’s legitimate interest in upholding compliance and protecting its legal rights. |
Where do we store the data?
- Our data is hosted on Amazon Web Services (AWS) servers.
- For our users in Europe, we store the data in servers in Ireland to ensure compliance with GDPR.
- For our users in Australia, we store the data in servers in Sydney to ensure compliance with APA.
- For our users in China, we store the data in servers in Beijing to ensure compliance with PIPL.
- For our users in Hong Kong, we store the data in servers in Hong Kong to ensure compliance with PDPO.
- Users in other regions can opt for data storage in any of the following locations:
  - Australia, Ireland, Singapore, United Arab Emirates, and United States of America
What is the data NOT collected for?
- We do not allow advertising or sharing data for advertising for any data collected through the Toddle website (web.toddleapp.com), or our apps
- We never display ads, share data for the purpose of displaying ads, or allow data collection by advertisers or data brokers on the Toddle website (web.toddleapp.com) or our apps
- We never sell data to anyone for any purposes
- We never allow profiling of our users for targeted online ads on the Toddle website (web.toddleapp.com) or our apps
- We do not use educational data for profiling, algorithmic decision-making, or any commercial purpose unrelated to the provision of educational services.
How consent is managed
Toddle processes personal data in different contexts, depending on how individuals interact with our services.
Use of Toddle by schools
When schools use Toddle, they are the primary entities responsible for deciding why and how personal data is processed. The legal term for this role may vary depending on the jurisdiction. For example, it may be called a Data Controller under the GDPR in the European Union, a Data Fiduciary under India’s DPDPA, an Organization under Canada’s PIPEDA, or an APP Entity under Australia’s Privacy Act 1988. Regardless of the terminology, the responsibilities are similar.
Responsibilities of Schools include:
- Obtaining parental consent for students who are below the minimum age required under local laws. For example, this is typically under 13 years of age in the United States.
- Securing consent from students above the minimum age, where required by law.
- Providing appropriate notices or obtaining consent from other user groups such as teachers or parents, if legally necessary.
Toddle does not collect these consents directly. As a service provider and data processor, Toddle relies on schools to ensure that all required consents have been obtained in line with applicable data protection laws and regulations.
Schools can download a sample of the Parental Consent form from here.
Direct interactions with Toddle
When individuals submit personal information directly to Toddle, such as by visiting our website, registering for a webinar, subscribing to a newsletter, or completing a form, Toddle determines the purpose for which the data is collected. In these cases, we may request explicit consent or rely on other lawful bases such as legitimate interest or the performance of a contract, depending on the nature of the interaction.
You may withdraw your consent at any time by contacting privacy@toddleapp.com. For more details, please refer to our Cookie Policy.
If you believe personal data has been shared with Toddle without the appropriate consent or legal basis, please contact us immediately.
Your rights over your data
Depending on the country or region you are located in, you may have certain rights under applicable data protection laws. While the exact scope of these rights can vary, they commonly include the right to:
- Be informed about how your personal data is collected, used, and shared
- Access your personal data
- Correct or update inaccurate or incomplete personal data
- Request deletion of your personal data under certain conditions
- Restrict or limit the use of your personal data in some cases
- Object to certain types of data use, such as direct marketing
- Withdraw consent where data is processed based on consent
- Receive your data in a portable format, where applicable
- Appoint someone to act on your behalf, if permitted by local law
To exercise any of these rights, you can contact us at privacy@toddleapp.com. We will respond in accordance with the applicable data protection law in your region.
If you are a parent or legal guardian seeking to exercise data rights on behalf of your child, or if you are a student, teacher, school staff member, or parent whose personal data has been shared with Toddle by a school, please note that any requests related to access, correction, deletion, or withdrawal of consent must be directed to the school. Since the school acts as the data controller, Toddle cannot act on such requests directly, but we will support the school in responding to and fulfilling these requests as required under applicable law.
Data Retention
Toddle will retain your information for 7 years or as long as necessary to fulfill the purposes outlined in its Privacy Policy. Data that Toddle processes on behalf of its customers will be retained under Toddle’s Terms of Service, Toddle’s Data Processing Agreement, as mandated by law, and any other relevant agreements. Before deleting your data, Toddle will send out 3 reminders to you.
When does Toddle share data with third parties?
We use a few third-party services in order to operate and improve Toddle. All these services are contractually prohibited from using that information for any other purpose other than to provide the Toddle service. You can find a list of our third party service providers here.
In case of the sale, merger, bankruptcy, sale of assets or reorganisation of our company, we may disclose or transfer your data. We will notify you of the same and the terms of this Privacy Policy will apply to your data when transferred to the new entity.
Toddle will not disclose personal data in response to law enforcement or legal demands unless legally required and, where feasible, the school will be notified unless prohibited by law.
Third Party Analytics
In order to improve your experience with Toddle, we collect and use aggregate data about usage patterns of how you use Toddle - for example, how you interact with various features on a page, the buttons that you click, the time that you spend on a page, etc. This is done to streamline existing user experience and to provide you a better experience of using Toddle.
We use a small number of third-party services to collect and analyse this data (such as Google Analytics, Sentry). These services are contractually obligated only to use data about your usage of Toddle to provide analytics services to us and are prohibited from sharing it or using it for other purposes. You can find details of all the third party analytics services that we use here.
Toddle’s Use of AI
This section explains how we collect, use, disclose, and protect your information when using Toddle AI’s services. Please read this section carefully to understand how we handle your data. Kindly note that this section is only applicable if your school has subscribed to using Toddle AI. By accessing or using Toddle AI's services, you agree to the practices described in this section:
- Information Collection and Use
1.1. Pseudonymized Data: Toddle AI uses pseudonymized data collected from schools as context for prompts to LLMs. This data does not contain personally identifiable information (PII) of any individual and is scrubbed of any identifiable details that could be used to trace back to specific individuals. Toddle shares data about progress reports, unit plans, learning experiences and interactions of teachers with Toddle AI.
1.2. LLMs Responses: The responses from LLMs are generated based on patterns learned from the pseudonymized data and do not contain any specific information about individual users, or any other identifiable parties.
- Data Security
Toddle AI takes the security of the data seriously. We implement industry-standard measures to protect the confidentiality and integrity of the data we collect and process. Access to the LLMs and the pseudonymized data is restricted to authorized personnel only and we follow the principle of least privilege.
- Data Retention
The pseudonymized data collected from schools may be retained for as long as necessary to maintain the effectiveness of the LLMs and the quality of the services.
- Third-Party Disclosure
Toddle AI does not share any personally identifiable information (PII) with the LLMs or any third parties. The LLMs operate solely on pseudonymized and non-identifiable data.
- Compliance with Laws
Toddle AI complies with applicable data protection laws and regulations. We are committed to maintaining the privacy and security of the data we handle.
- Updates to this Policy
Toddle AI may update this policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will provide prominent notice of any material changes to this policy on our website or through other means.
- Contact Information
If you have any questions, concerns, or requests regarding this policy or Toddle AI's use of LLMs, please contact us at privacy@toddleapp.com.
Use of Cookies and Advertising
We use Cookies and other similar services (such as Local Storage) to keep you logged in to Toddle, customize your Toddle experience, understand how you use Toddle, and promote Toddle to relevant teachers and schools. On the Toddle Website (toddleapp.com), we also use the Facebook pixel to understand how visitors, including those who may be directed from our apps, use our website. Information collected through the Facebook pixel may be shared with Facebook. We do not use these technologies on our website (web.toddleapp.com) and our apps for advertising or marketing purposes, and we do not knowingly collect personal information from children under 13 without verifiable parental consent.
You can remove or disable cookies via your browser settings, in which case your experience with Toddle will not be optimal.
Viewing, editing or Porting your information
Parents are encouraged to work directly with teachers and the school to make any changes to their data. If, however, you need to get in touch with us, you can write to privacy@toddleapp.com and we will work with the school and do our best to make the required changes.
Teachers, administrators and parents can directly edit their information in their Toddle profiles. Schools also have a right to use any other similar service and can place a request to get all of their data. We will do our best to comply with such requests. Once the pending request is processed, the data retention and deletion policies will be followed.
Deleting Toddle Account
You have the right to “forget ability”, i.e., we will remove all your information from our systems if you so wish. If you would like to delete your Toddle account or any content submitted to Toddle, please send an email to privacy@toddleapp.com. We will notify you by email before deleting your account from our database. After receiving your request, we may still retain information for up to 365 days to provide customer support and prevent accidental deletion.
For users in the USA, please note that to comply with FERPA, we may need to retain certain student education records once a valid request to inspect those records has been made and we may retain your data to comply with the FERPA requirements.
Data Protection Practices
Toddle is committed to maintaining the security and confidentiality of your data and adheres to leading industry standards, including ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, ISO/IEC 27701, and SOC 2 Type II.
Our security measures include:
- Hosting data in secure, access-controlled data centers,
- Implementing encryption in transit (TLS 1.2 or higher) and encryption at rest (AES-256),
- Applying role-based access controls (RBAC) and least privilege principles,
- Regular audits, vulnerability assessments, and penetration tests,
- Continuous monitoring and logging to detect suspicious activity.
Despite these measures, in the event of a security breach, we will notify affected account holders within the amount of time required by the local law or by Toddle’s internal data breach policy, whichever is more stringent, so that you can take steps to keep your data safe.
Changes to the Privacy Policy
We may from time to time make changes to this Privacy Policy to account for changes to our practices or applicable law. If we make changes to this Privacy Policy that we believe will materially affect your rights, we will notify you by email at least 30 days in advance about these changes. If you continue to use our service after you receive notice of changes to this Privacy Policy, we will assume that you have accepted these changes.
For previous versions of the Privacy Policy, please reach out to us at privacy@toddleapp.com.
Contact Information
Our Data Protection Officer is Anshul Chauhan. If you have any questions about this Privacy Policy, please feel free to write to us at: privacy@toddleapp.com and we will reach out to you as soon as possible.