Privacy Policy

Life in the UK is an independent online service helping users prepare for the Life in the United Kingdom citizenship test. We are the data controller responsible for your personal data.

If you have any questions about this policy or wish to exercise your rights, contact us at privacy@lifein.uk.com.

Account data: email address, hashed password, preferred language, and display name you provide during registration.

Learning data: practice answers, mock exam scores, study progress, bookmarks, review history, and the exam date and daily time preferences you enter.

Payment data: billing records (plan type, amount, transaction ID). We do not store your card details — these are handled directly by Stripe.

Technical data: IP address, browser type, device type, pages visited, and referring URL, collected through server logs and, with your consent, analytics.

Communications: messages you send us via email or support forms.

We process your data under the lawful bases set out in Article 6 of the UK GDPR:

Contract: to deliver the learning service you signed up for, including saving your progress and processing your subscription.

Legitimate interests: to secure our platform, prevent fraud, and improve our product. We balance these interests against your rights.

Consent: for optional analytics cookies and marketing emails. You can withdraw consent at any time.

Legal obligation: where we must retain records for tax, accounting, or regulatory purposes.

Provide, personalise, and improve our learning service.

Process payments and manage subscriptions.

Send transactional emails (account confirmation, payment receipts, password resets).

With your consent, send study reminders or product updates.

Diagnose technical issues and prevent misuse.

Comply with our legal obligations.

Stripe (Stripe Payments Europe, Ltd): payment processing.

Vercel Inc.: website hosting and delivery.

Google Analytics (Google Ireland Ltd): aggregated usage analytics, only with your cookie consent.

Resend: transactional and optional marketing email delivery.

We never sell your personal data. We share data with these processors only under contracts that require them to protect it.

Some of our processors (e.g. Stripe, Vercel) may process data outside the UK. Where this happens, we rely on safeguards approved under UK data protection law, such as the UK International Data Transfer Agreement or the European Commission's Standard Contractual Clauses together with the UK Addendum.

Account and learning data: retained while your account is active. If you close your account we delete or anonymise your data within 30 days, except where we must keep it to comply with law.

Payment records: retained for 6 years after the last transaction, in line with HMRC requirements.

Analytics data: retained for up to 14 months.

Support messages: retained for up to 2 years.

Under UK GDPR you have the right to:

Access a copy of the personal data we hold about you.

Rectify inaccurate or incomplete data.

Erase your data ("right to be forgotten") where no overriding legal basis applies.

Restrict or object to processing in certain circumstances.

Data portability: receive your data in a machine-readable format.

Withdraw consent at any time where we rely on consent.

Not be subject to solely automated decisions that produce legal effects. We do not use such automated decision-making.

To exercise any right, email privacy@lifein.uk.com. We respond within one month.

We use strictly necessary cookies for authentication, session management, and security. These do not require consent.

We use analytics cookies (Google Analytics) only if you give consent via the cookie banner. You can change your preferences at any time from the footer.

We do not use advertising cookies.

We protect your data with industry-standard measures: passwords are hashed with bcrypt, sessions are secured with httpOnly cookies, and data travels over HTTPS. No system is perfectly secure; we will notify you without undue delay if a personal data breach is likely to result in a high risk to your rights.

Our service is intended for users aged 18 and over. We do not knowingly collect data from children under 13. If you believe a child has provided us with data, contact us and we will delete it.

If you believe we have mishandled your personal data, please contact us first so we can try to resolve the issue. You also have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority, at ico.org.uk or 0303 123 1113.

We may update this Privacy Policy from time to time. Material changes will be communicated by email or a prominent notice on the site. The "Last updated" date at the top shows when this version took effect.

For any questions, requests, or concerns about this Privacy Policy, email us at privacy@lifein.uk.com.