How we handle your information and the rights you have over it.
School Run [registered legal entity name and address - add before launch] ("we") is the data controller for the information described here. Questions, or to exercise your rights, contact us at privacy@schoolrun.ie or via the contact page.
Account details (name, email, phone number, role); your home Eircode and a precise home location we derive from it (used only for matching - other parents only ever see your approximate area); the schools you join; your routes, connections and messages; and basic usage and device information.
To run the service: to match you with compatible parents, enable connections and messaging, and keep the community safe. Our lawful bases are performance of our agreement with you, your consent (which you can withdraw), and our legitimate interest in safety and preventing misuse.
We don't collect personal data about your children, such as their name, age or year group. School Run is used by adults to arrange the school run: by using it you confirm you are 18 or over and the child's parent or guardian (or otherwise responsible for them), acting on their behalf.
Until you and another parent mutually accept a connection, others see only your approximate area and your first name with a surname initial. Once you've both accepted, your verified phone number is shared so you can arrange the run - it's the trusted way to reach each other and isn't optional. You can choose in your privacy settings whether to also share your email and your full name.
So that we can keep children safe, our staff may access account information and the content of messages when it is necessary to investigate a report or a safety concern, to enforce our terms, or to meet a legal obligation (for example, a request from An Garda Síochána). This access is restricted to authorised staff, limited to what is necessary, and recorded in an access log. We do not sell your data or use private messages for advertising.
We use trusted service providers to run School Run and share only the minimum each one needs:
Some providers are based outside the EEA; where that's the case we rely on appropriate safeguards (such as Standard Contractual Clauses). We share with authorities only where the law requires it, and we never sell your personal data.
We keep your account data for as long as your account is active. You can delete your account at any time from Profile & settings → Account; this permanently deletes your routes, connections and messages. Some records needed for safety, fraud prevention or legal reasons - such as abuse reports and moderation access logs - may be kept for a limited period after deletion. Phone-verification codes expire within minutes.
Under GDPR you can access, correct, delete, export or restrict your data, object to certain processing, and withdraw consent. You can delete your account from Profile & settings → Account, and to access or export a copy of your data just contact us. You also have the right to complain to the Data Protection Commission (dataprotection.ie).
We use only strictly necessary cookies - to keep you logged in and to protect forms against cross-site request forgery. We don't use advertising cookies. For basic analytics we use Umami, which is cookieless and collects only anonymous, aggregated usage (such as page views) - no personal data and no tracking across other sites, so no cookie banner is needed.
We protect your information with appropriate technical and organisational measures. If we change this policy we'll update this page and, for significant changes, let you know.