GDPR Compliance

Note: We are not affiliated with, the website ( is developed to help users understand and access the original in a better way. We are curating the GDPR Compliance policy of the official website here.

We confirm that we have sought legal advice, performed several audits and followed technical recommendations, this website is completely GDPR compliant. In order to remain so, the website and service will continually monitor changes in legislation and make amendments, should we need to, in light of these.

View Official Privacy Policy Page here and Terms and Condition Page here. Download GDPR Compliance FAQs here.

The Personal Data that website Hold

Typically schools, tutors and families provide us with the following information:

School Subscriptions

  • School’s name and address – for the purpose of invoicing and giving the account a name.
  • Teachers’ names and email addresses – so that they have an account each and so that we can contact them.
  • Pupils’ names, year groups and maths classes – so that teachers can create and administer pupil accounts.

Family & Tutor Subscriptions

  • Address – for billing purposes.
  • Parents’/Tutors’ names and email addresses – so that they have an account each and so that we can contact them.
  • Children’s names – so that parents/tutors can create and administer child accounts.

For more anonymity, rock names can be displayed in place of real names and you could even shorten names to initials or substitute them for codes. To us, real names aren’t critical but you’ll probably find it easier to manage accounts the more identifiable your users are to you.

You can choose to save additional information on each child but this is entirely optional and is not required to use Times Tables Rock Stars. This information could include a child’s date of birth (so that we can say “happy birthday” to them) or gender, ethnicity, SEN / Gifted, and Talented / FSM / Pupil Premium status, whether or not they’re Looked After, or details of any languages spoken at home (so that we can provide you with better impact reporting options).

Some Important Statement from Website

  1. You have the “right to be forgotten”: You can permanently delete your data at any time.
  2. Our data is stored on secure servers in Germany.
  3. Data is encrypted in transit and at rest and our team uses secure passwords and keys to keep your data safe.
  4. We may have a need in the future to share your data but it would be in extremely limited scenarios and strictly in accordance with our Privacy Notice.
  5. We promise never to sell your data.
  6. We do not store your card details. (All credit and debit card payments are handled by Stripe.)
  7. You can opt out of receiving our emails.