How HOOPOOH handles personal data — the data we collect, why we collect it, who we share it with, and the rights you have over it.
Last updated: Jun 15, 2026
This Privacy Policy explains how HOOPOOH Future Technologies UG (haftungsbeschränkt) (“HOOPOOH”, “we”, “us”) handles personal data.
HOOPOOH provides an AI-powered communication and management platform (“hoopooh” or the “Platform”) used by schools to connect with families.
Data we process on behalf of schools (as processor). When a school uses the Platform, it decides what information to upload about students, families and staff. For that information the school is the controller and HOOPOOH is the processor, acting on the school’s instructions. This Privacy Policy does not govern that processing — the school’s own privacy notice does. If you are a parent or guardian with questions about how your student’s data is used, please contact your school in the first instance.
Data we process for our own purposes (as controller). This Policy covers the data we determine the purposes and means for: running accounts, providing support, securing and improving the Platform, our website, and our marketing. The rest of this Policy describes this processing.
Account and Platform users (admins, staff, guardians). Name, email, phone, role, organisation, login and usage information. We use this to create and administer accounts, authenticate users, provide and maintain the Platform, and communicate about the service. Legal basis: performance of a contract / our legitimate interest in operating the service (Art. 6(1)(b) and (f) GDPR).
Support. Information you provide when you contact us by email or WhatsApp, and our records of that correspondence. We use it to respond to and resolve your request. Legal basis: legitimate interest / contract (Art. 6(1)(f), (b)).
Security and fraud prevention. Log data, device and access information. We use it to keep the Platform secure and detect misuse. Legal basis: legitimate interest / legal obligation (Art. 6(1)(f), (c)).
Analytics and product improvement. Aggregated and de-identified usage data. We use it to understand and improve the Platform. Where this involves cookies or similar technologies that are not strictly necessary, we rely on your consent. Legal basis: legitimate interest and/or consent (Art. 6(1)(f), (a)).
Marketing. Where you are a prospective or existing customer, we may send you service-related and marketing communications. You can opt out at any time. Legal basis: consent and/or legitimate interest (Art. 6(1)(a), (f)).
Website. When you visit hoopooh.com we process basic technical data (e.g. IP address, browser type) to serve the site securely, and cookies as described in Section 8.
Some Platform features use artificial intelligence to help users draft, summarise, organise or translate content. Where we use third-party AI providers, they act as our sub-processors and are bound by contractual confidentiality and security obligations. We do not use personal data entrusted to us to train publicly available AI models in a way that would expose that data, except as permitted in our agreements with schools.
We share personal data with:
We aim to keep personal data within the European Economic Area (EEA). Where a provider processes data outside the EEA (for example the WhatsApp/Meta messaging channel involves transfers to the United States), we put in place an appropriate safeguard under the GDPR, such as an adequacy decision or the EU Standard Contractual Clauses with any necessary supplementary measures.
We keep personal data only as long as necessary for the purposes described, then delete or anonymise it. As a guide: account data for the duration of the contract plus up to 6 months afterwards; support correspondence for up to 2 years; and records we must keep for statutory (e.g. accounting/tax) reasons for the legally required period (in Germany, generally up to ten years). Data we process on behalf of schools is retained and deleted as set out in the data processing policies.
Our website and Platform use cookies and similar technologies. Strictly necessary cookies are used to operate the service. For analytics or other non-essential cookies we ask for your consent via our cookie banner, which you can change at any time.
Under the GDPR you have the right to access your personal data; to rectification; to erasure; to restriction of processing; to data portability; and to object to processing based on legitimate interests. Where processing is based on consent, you may withdraw it at any time without affecting prior processing. To exercise these rights in relation to data we control, contact amir@hoopooh.com. If your request concerns data your school controls (such as a student’s information), please contact your school.
You also have the right to lodge a complaint with a supervisory authority. Our lead authority is the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit).
The Platform is used by schools and by adult users (administrators, staff and family members). Students do not have hoopooh accounts and do not use the Platform directly. Information about students — who may be minors — is uploaded and controlled by their school, which is responsible for obtaining any necessary parental or guardian consents.
We use appropriate technical and organisational measures to protect personal data, including encryption in transit and at rest, access controls and monitoring. No system is completely secure, but we work to protect your data and to respond promptly to any incident.
We may update this Policy from time to time. We will post the updated version with a new “Last updated” date and, where changes are significant, notify you by email or within the Platform.
Questions about this Policy or your personal data:
Or write to HOOPOOH Future Technologies UG (haftungsbeschränkt), Nordhauser Str. 14, 10589 Berlin, Germany.