Your personal data – what is it? 

Personal data relates to a living individual who can be identified from that data.  Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”).

Who are we? 

iSpace Wellbeing Ltd. (the company) is the data controller.  This means it decides how your personal data is processed and for what purposes.


78 Mill Lane, London, England, NW6 1JZ

Company number: 10329880

ICO Number: ZA236172

What is our Lawful bases for processing data?

(a) Consent: the individual has given clear consent for us to process their personal data for a specific purpose.

(b) Contract: the processing is necessary for a contract we have with the individual, or because they have asked us to take specific steps before entering into a contract.

(c) Legal obligation: the processing is necessary for us to comply with the law.

(d) Curriculum: the processing is necessary for specific use of the Compass journal wellbeing tool, as part of the #iWonder curriculum

How do we process your personal data?

iSpace Wellbeing Ltd. complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We use your personal data for the following purposes: –

iSpace Wellbeing uses school and staff email addresses to:

  • provide school staff with login details to the iSpace Wellbeing site for access to educational materials
  • provide school staff with update information
  • communicate with school staff
  • provide customers with orders and update on order related information

iSpace Wellbeing uses pupils school email addresses to:

  • provide access to the Compass journal wellbeing tool as part of the #iWonder curriculum. Teachers will provide iSpace Wellbeing with the pupil’s school email address to create the Compass journal account, and the pupil will create their own private password.
  • iSpace Wellbeing will not have access to pupil passwords and pupil information is stored securely in our system and only accessed on request. Pupils have the right to be forgotten and for their account to be deleted. Email to do so.
  • Pupils are responsible for printing Compass journal data when a pupil leaves their school and teachers and/ or pupils are responsible for notifying iSpace Wellbeing so that pupils iSpace Wellbeing account can be deleted when they leave and/ or when their school email account has expired.

iSpace Wellbeing may use information relating to your school to:

  • promote your school as a member of iSpace wellbeing Ltd
  • maintain our own accounts and records
  • enable us to provide feedback on the benefits of the product to the general public
  • operate the iSpace Wellbeing website and deliver the services that individuals have requested
  • inform individuals of news, events, activities or services that are available
  • share your contact details with other iSpace member schools so that we can create a community and support CPD
  • contact individuals via surveys to conduct research about their opinions of current services or of potential new services that may be offered


Sharing your personal data with any third parties.

Where provided by the school or school staff the iSpace Wellbeing Ltd website stores and shares staff e-mail addresses and school addresses with:

Sharing of these details may be in the form of email, phone, text and post.

We will only share your data with third parties outside of the above named with your approval.

Where provided by the individual the iSpace Wellbeing Ltd website stores and shares e-mail addresses, home addresses and work addresses of parents and healthcare professionals with:

  1. Zoho (invoice creator) Privacy policy can be found at:
  2. XERO online accounting Privacy policy can be found at:
  3. Mailchimp marketing software Privacy and security policy can be found at

Sharing of these details may be in the form of email, phone, text and post.

We will only share your details with third parties outside of the above named with your approval.

 iSpace Wellbeing Ltd shares information about member schools and their school pupils when information has been shared with the company by you (the school) for the purpose of providing feedback on the benefits of the product to the general public. This information will be shared on social media platforms such as:

  1. Facebook – Terms and privacy can be found at:
  2. LinkedIn – Terms and privacy can be found at:
  3. Instagram – Terms and privacy can be found at:

You must ensure that any personal data that you (the school) share with the company is in accordance with GDPR regulations and your own Data Protection Policies.

Who within the company can see your data:

  1. The company directors
  2. The company accountant
  3. IT technicians

Sensitive data.


Where any pupil information is to be shared for professional development parental consent will be requested in writing and where the pupil is aged 13 and above their consent will be required in writing.

Pupils and parents will not be identified by name where their sensitive data is being shared.

iSpace Wellbeing will request and provide a consent form in the event of the above.

How long do we keep your personal data?

We keep your personal data for no longer than reasonably necessary following the termination of your membership. Usually for a period of 7 years, in case of any safeguarding purposes.

Further processing If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.


By utilising our services, you are confirming that you have read this Data Privacy Notice and that you are consenting to iSpace Wellbeing Ltd holding and processing your personal data as outlined in this privacy notice.

Individual Rights

Individuals have various rights under Data Protection Law to access and understand personal data about them held by the company, and in some cases ask for it to be erased or amended or have it transferred to others, or for the company to stop processing it – but subject to certain exemptions and limitations.

Any individual wishing to access or amend their personal data or wishing it to be transferred to another person or organisation, or who has some other objection to how their personal data is used, should put their request in writing to the company’s Privacy Officer, Paula Talman at

The company will endeavour to respond to any such written requests as soon as is reasonably practicable and in any event within statutory time-limits (which is one month in the case of requests for access to information).

The company will be better able to respond quickly to smaller, targeted requests for information. If the request for information is manifestly excessive or similar to previous requests, the company may ask you to reconsider, or require a proportionate fee (but only where Data Protection Law allows it).

Please note you can withdraw your consent to all or any one of the above purposes at any time by contacting Paula Talman at  Please note that all processing of your personal data will cease once you have withdrawn consent, but this will not affect any personal data that has already been processed prior to this point. You can also unsubscribe from the iSpace Wellbeing newsletter or marketing emails by clicking the unsubscribe link at the bottom of the newsletter or email, or by contacting and asking to be removed from the email list.


The company will update this Privacy Notice from time to time. Any substantial changes that affect your rights will be provided to you directly as far as is reasonably practicable.


Any comments or queries on this policy should be directed to Paula Talman at

If an individual believes that the company has not complied with this policy or acted otherwise than in accordance with Data Protection Law, they should notify Paula Talman at   You can also make a referral to or lodge a complaint with the Information Commissioner’s Office (ICO), although the ICO recommends that steps are taken to resolve the matter with the company before involving the regulator.