Privacy Policy

Version 1.0 · Effective 17 May 2026 · Last updated 17 May 2026

In short

  • Who we are. Coverin Ltd, a UK company that runs a platform connecting supply teachers with teaching agencies.
  • What we collect. Enough to match you to cover work: your profile, qualifications, approximate home location, job history, and messages on the platform.
  • What we don't collect. No DBS data, no health data, no ethnicity, no religion, no children's data. Your card details go straight to Stripe. We never see them.
  • Who we share with. A small, named list of service providers (Supabase, Stripe, Brevo, Google, Cloudflare). All under written contracts.
  • Your control. Download everything we hold about you with one click. Delete your account at any time.
  • Questions. Email privacy@coverin.app.

1. Who we are

This privacy policy explains how Coverin Ltd ("Coverin", "we", "us", "our") collects, uses, shares, and protects personal data when you use coverin.app, the Coverin mobile app, and related services (together, the Service).

We are the data controller for the personal data described in this policy, except where this policy specifies that an agency using Coverin is the controller for particular data (see Section 4).

  • Company name: Coverin Ltd
  • Company number: 17158234 (registered in England & Wales)
  • Registered office: 66 Westbourne Road, West Bromwich, B70 8JX, United Kingdom
  • ICO registration: ZC129355
  • Data protection contact: Abdullah Rafi, privacy@coverin.app

We are not legally required to appoint a Data Protection Officer under Article 37 of the UK GDPR. Abdullah Rafi acts as our data protection point of contact for all privacy queries, subject access requests, and complaints.

2. How to reach us about your data

For any question about this policy, or to exercise any of the rights described in Section 9:

  • Email: privacy@coverin.app
  • Post: Data Protection Contact, Coverin Ltd, 66 Westbourne Road, West Bromwich, B70 8JX

We aim to acknowledge every enquiry within 5 working days and to provide a substantive response within one calendar month.

3. What personal data we collect and why

The personal data we collect depends on who you are and how you use the Service. We group users into five categories below.

3.1 Teachers

When you register as a supply teacher and complete your profile, we collect:

  • Identity data: email address, full name, first name, surname.
  • Credentials: a hashed password (never stored in plaintext) and, optionally, a backup/recovery email.
  • Profile data: date of birth, phone number, gender if you choose to share it (optional), profile bio (optional), photo avatar (optional), emergency contact details (optional).
  • Professional data: subjects taught, key stages, qualification tier (qualified teacher / HLTA / teaching assistant), experience level, availability preferences.
  • Home address: address line 1, address line 2 (optional), town or city, county, postcode. We share your home address with each agency you join so they can pay you for jobs you accept and meet their HMRC payroll and PAYE record-keeping obligations. We do not use your address for any other purpose, and an agency you have not joined cannot see it.
  • Location data: approximate home coordinates (latitude and longitude derived from the postcode you enter), travel radius in miles. We use this to show you nearby jobs; we do not track your live location.
  • Platform activity: jobs you've accepted, confirmed, completed, or cancelled; ratings agencies have given you after jobs; any strikes recorded against you; messages you send; favourite schools; availability templates.
  • Technical data: device push-notification token (for job alerts), device fingerprint (for multi-factor authentication trusted-device recognition), IP address, audit-log entries of security-relevant actions such as login and password change.

3.2 Agency staff

When you register as an agency staff member, we collect:

  • Identity and credentials: email, full name, hashed password, optional phone and avatar.
  • Role and permissions: your role within the agency (owner, superadmin, or admin) and status (pending, active).
  • Multi-factor authentication data: TOTP secret (hashed), trusted-device fingerprints (hashed with HMAC‑SHA256), backup codes (hashed). We never store biometric templates; Apple's Face ID / Touch ID and Android's BiometricPrompt return a yes/no to the app. The actual biometric data stays on your device and is never sent to us.
  • Platform activity: jobs you've posted, ratings you've given, strikes you've issued, messages you've sent.
  • Technical data: as for teachers.

3.3 Agencies (as organisations)

For each agency organisation on Coverin, we hold: agency name, contact email, phone, website, physical address, subscription status, billing records, join codes, schools added, staff roster, and job templates. Personal data within this set (e.g. an agency owner's email on a subscription record) is covered by Section 3.2.

3.4 Invitees

An agency may invite you to join Coverin by entering your email address, either as a proposed staff member or a proposed teacher. In that case, we receive your email (and, for bulk teacher uploads, any additional details the agency provides such as your name and qualification tier) before you have chosen to use the Service.

This is data we obtain indirectly (from an agency rather than from you directly), so under Article 14 of the UK GDPR we'll include a copy of this policy with every invitation email. You can decline an invitation at any time by ignoring the email, and you can ask us to delete your record by emailing privacy@coverin.app. Unredeemed invitations expire automatically (see Section 7).

3.5 School portal users

School office staff (such as the headteacher, business manager, or office administrator) can create a Coverin account to submit cover requests for their school, see the booking history for their school, and rate teachers who covered there. A school either signs up directly and then requests to join an agency using that agency's join code, or is invited by an agency by email; in both cases the agency approves the connection. When you register as a school portal user we collect:

  • Identity and credentials: email, full name, hashed password.
  • Profile data: phone (optional), job title at the school (optional).
  • Platform activity: the cover requests you submit, the booking history for the school you are linked to, the ratings you give to teachers who covered at your school, and your favourites list of teachers you would like the agency to send back.
  • Technical data: as for teachers.

A school portal user is linked to a specific school inside a specific agency (the school the agency has invited you to manage). You cannot see another school's roster, requests, or teachers, and other agencies cannot see anything about your school's portal usage. Schools never see the agency's wider teacher roster, only teachers who have completed at least one job at the linked school.

4. How we use your data (purposes and lawful bases)

UK GDPR requires us to have a "lawful basis" for every purpose we use your data for. The table below sets out each purpose and the basis we rely on. "Art. 6" refers to Article 6 of the UK GDPR.

Purpose | Lawful basis
Creating and operating your account, matching teachers to jobs, processing job acceptances and completions, delivering messages between agencies and teachers, processing agency subscription payments, and providing each agency you join with the information it needs to pay you (including your home address) so it can meet its HMRC payroll and PAYE record-keeping obligations. | Contract, Art. 6(1)(b). We can't run the Service without this processing.
Running the school portal: creating school user accounts after an agency invites them, routing cover requests from the school to the agency, recording the school's view of past bookings and the ratings they give to teachers who covered there, and maintaining the school's favourites list of teachers they want the agency to send back. | Contract, Art. 6(1)(b) (for the agreement between Coverin and the school portal user, who accepts these Terms on sign-up) and legitimate interests, Art. 6(1)(f) (administering the booking workflow between the school and the agency that invited them).
Platform security, fraud prevention, multi-factor authentication, rate limiting, audit logging, incident response, network and information-system security. | Legitimate interests, Art. 6(1)(f). Our legitimate interest is protecting you, the agencies that use us, and the Service itself from abuse and fraud.
Keeping billing records, VAT records, and records of payments received from agencies, as required by HMRC and the Companies Act. | Legal obligation, Art. 6(1)(c).
Responding to lawful requests from law enforcement, safeguarding authorities, or courts. | Legal obligation, Art. 6(1)(c); recognised legitimate interest, Art. 6(1)(ea).
Sending transactional emails (account confirmation, password reset, job confirmation, invoice receipts). | Contract, Art. 6(1)(b). These emails are necessary to deliver the Service you signed up for.
Sending in-app and push notifications about jobs, messages, and account activity. | Contract, Art. 6(1)(b). You can disable notifications in your device settings.
Showing you a map of jobs, and calculating distance between you and a school. | Contract, Art. 6(1)(b). Location-based matching is a core part of the Service.
Improving the Service (bug reports, crash diagnostics, error monitoring). | Legitimate interests, Art. 6(1)(f). Our legitimate interest is providing a reliable Service; we only collect crash stack traces, device type, OS version and app version. See Section 5.

Agencies as separate controllers

When an agency uses Coverin to manage its own teacher roster, post jobs, rate teachers, and keep records of their work history, the agency is the data controller for that activity and Coverin is its data processor under a Data Processing Agreement. Agencies must have their own lawful basis for their processing. We process this data strictly on the agency's instructions.

Each agency cannot see any other agency's teacher roster, ratings, strikes, or job history. We partition this data deliberately.

Special category data

We do not collect special category personal data under Article 9 of the UK GDPR. That means no data about your health, ethnicity, religion, trade-union membership, political opinions, sex life, or sexual orientation. We also do not collect DBS (Disclosure and Barring Service) certificate data or any other criminal-record information under Article 10. DBS checks are performed by agencies and schools outside Coverin.

Gender, which we collect only if you choose to provide it, is not treated as special category data under UK GDPR (it's included for diversity reporting that agencies may need, and is never used for job matching).

5. Who we share your data with

We share personal data only with the service providers listed below (our "sub-processors"), each under a written contract that meets the requirements of Article 28 of the UK GDPR. We do not sell personal data. We do not share personal data for advertising or cross-site tracking.

Provider | What for | Where
Supabase (Supabase Inc.) | Database, authentication, file storage, realtime messaging, edge compute. The vast majority of your data lives here. | European Union, Ireland (eu‑west‑1). UK adequacy applies.
Stripe (Stripe Payments UK, Ltd. / Stripe, Inc.) | Agency subscription payments. Stripe receives your name, email, agency name, and payment details, and runs the recurring billing for the agency's chosen Coverin plan. Card numbers go directly to Stripe and never touch our servers. | United Kingdom and United States. Transfers to the US are covered by the UK Extension to the EU-US Data Privacy Framework.
Brevo (Sendinblue SAS) | Transactional email delivery. Brevo receives your email address and the content of emails we send (e.g. job confirmations, password resets, invoice links). Coverin does not send marketing emails. | European Union (France). UK adequacy applies.
Microsoft 365 (Microsoft Corporation / Microsoft Ireland Operations Ltd.) | Hosting our business mailboxes on the coverin.app domain (e.g. privacy@, support@, safeguarding@, compliance@). If you email us directly, Microsoft processes your email address and the content of your message to deliver it to the relevant Coverin inbox. Microsoft does not send outbound transactional or marketing email on our behalf; that goes via Brevo. | United Kingdom (Microsoft UK data residency). UK adequacy applies.
Google Firebase Cloud Messaging (Google LLC) | Push notifications to your mobile device. Firebase receives your device's opaque push token and the content of push notifications we send. | United States. Covered by the UK Extension to the EU-US Data Privacy Framework.
Google Firebase Crashlytics (Google LLC) | Automated crash reporting. When the app crashes on your device, Crashlytics sends the crash stack trace, device type, OS version, locale, and app version to Google so we can diagnose and fix bugs. Crashlytics does not have access to your name, email, or other account data. Only enabled on release builds. | United States. Covered by the UK Extension to the EU-US Data Privacy Framework.
Google Maps Platform (Google LLC) | Converting postcodes to coordinates (geocoding), rendering the map, drawing markers. Google receives the coordinates we want to render and the viewport you are looking at. Google's Maps JavaScript SDK may set cookies on the web app when the map is loaded (see Section 10). | United States. Covered by the UK Extension to the EU-US Data Privacy Framework.
Cloudflare (Cloudflare, Inc.) | Hosting our marketing website, DNS, SSL/TLS termination, DDoS protection. Cloudflare processes HTTP request metadata (IP, user-agent, URL, timestamps) to route traffic and protect against attack. | Global edge network, with data processed at the edge server closest to you. UK-based corporate presence; transfers covered by appropriate safeguards where needed.

If we engage a new sub-processor, we'll update this table. Material changes affecting how your data is handled will be notified by email to users with a registered account at least 30 days before they take effect.

Other recipients

  • Agencies on Coverin: when a teacher joins an agency's roster, applies to one of its jobs, or is rated by its staff, the relevant agency can see that teacher's profile and activity for that agency, including the teacher's home address (used by the agency for payroll and HMRC record-keeping). This is core to the Service. Agencies you have not joined cannot see any of this.
  • Law enforcement, safeguarding authorities, regulators, courts: only when legally required or when disclosure is necessary to protect a person from serious harm.
  • Professional advisers: our accountants, lawyers, and insurers, only to the extent needed to run the business and under their own professional confidentiality duties.
  • Buyers or successors: if Coverin is ever sold, merged, or reorganised, personal data may be transferred to the new operator under equivalent protections. We'll notify you in advance if we can.

6. Transfers outside the United Kingdom

Some of our sub-processors are located outside the UK. For each country or group of countries to which we transfer personal data, we rely on a lawful transfer mechanism under Article 46 of the UK GDPR:

  • United Kingdom (Microsoft 365, UK data residency tenant). No cross-border transfer occurs. Data stays within UK Microsoft datacentres.
  • European Economic Area (Supabase in Ireland, Brevo in France). Covered by UK adequacy regulations. No additional safeguard is required.
  • United States (Stripe, Google LLC for Firebase and Maps). Each of these recipients is self-certified under the UK Extension to the EU-US Data Privacy Framework, which the UK Government has recognised as providing adequate protection for personal data transfers. You can check their certification at dataprivacyframework.gov.
  • Any other country: we rely on the UK International Data Transfer Agreement (IDTA), or the UK Addendum to the EU Standard Contractual Clauses, together with a Transfer Risk Assessment that we keep under review.

You can request a copy of any transfer safeguard by emailing privacy@coverin.app.

7. How long we keep your data

We keep personal data only for as long as we need it for the purposes we collected it for, plus any period required by law.

Data | Retention
Account data and profile | For the life of your account. Anonymised on account closure (see below).
Jobs, ratings, strikes, job history | Kept for the life of the agency's account for audit and dispute purposes; the teacher's identity on historical jobs is anonymised if the teacher closes their account.
Messages and conversation history | 3 years from the last message in the conversation.
Audit logs (security-relevant events) | 2 years from the event.
Billing records, invoices, payment events | 7 years, as required by HMRC and the Companies Act 2006.
In-app notifications | 90 days from creation.
Push-notification tokens | Until you sign out, change device, or delete your account.
Unredeemed invitations (staff or teacher) | Expire after the invitation's stated expiry (typically 7 days) and are deleted shortly afterwards.
GDPR export files you generate | 30 days from generation, then automatically deleted.
Encrypted database backups | Rolling 7-30 day window at our hosting provider. Deleted data may remain in backups until the backup window rolls over.

What "anonymisation" means

When you close your account, we immediately anonymise the personal data you stored with us. This means:

  • Your email becomes a placeholder (such as deleted-<random>@coverin.invalid).
  • Your name becomes "Deleted User".
  • Your date of birth, phone, address, photo, and base location are removed.
  • Your profile picture and any files you uploaded are deleted from storage.
  • Your authentication account with our provider (Supabase Auth) is deleted.
  • On historical jobs you accepted, your user ID is removed so nobody can identify the teacher who did the job.
  • In conversations you were part of, the other participant's messages remain (we can't delete their side of the conversation), but your messages are disassociated from you.

Once data is anonymised, we can no longer link it to you. Under UK GDPR, properly anonymised data is no longer personal data and may be retained indefinitely for statistical or business-record purposes.

Data we must keep in identifiable form for legal reasons (billing records, accounting records, records of legal claims) is retained for 6 years from account closure in line with the Limitation Act 1980 and HMRC record-keeping rules.

8. Automated matching and profiling

Coverin uses an automated process to decide which teachers to notify about a new cover job. When an agency posts a job, our system checks each teacher on that agency's roster against the job's requirements and notifies the teachers who match.

The criteria we use are:

  • Qualification tier (qualified teacher / HLTA / teaching assistant) vs. what the job requires.
  • Distance between your home base and the school, calculated from the coordinates you set. This affects whether and when you receive a push notification (the closest teachers are notified first, and you can set a travel-radius preference to limit push alerts). It does not limit which of that agency's jobs you can see or accept.
  • Your average rating (if you have one) vs. the agency's minimum-rating filter.
  • Your strike count with that agency.
  • Whether the agency has marked you as blocked for that school or agency-wide.
  • Whether you are currently active on the agency's roster.

This automated step does not make a final decision about whether you get a job. It decides whether you are notified. You still choose whether to accept the job, and the agency still selects among the teachers who accept.

Under the UK GDPR (Articles 22A-22D, as amended by the Data Use and Access Act 2025), you have the right to ask for information about how our matching process works, to object to this kind of profiling (Article 21), and to request a human review of any notification outcome that you believe was incorrect. Contact privacy@coverin.app.

9. Your rights

Under the UK GDPR you have the following rights in respect of your personal data:

  • Right of access (Art. 15): obtain a copy of the personal data we hold about you. Self-service: in the app, go to Settings → Account → Download my data to generate a machine-readable JSON export.
  • Right of rectification (Art. 16): correct inaccurate data. Self-service: edit your profile directly in the app. For fields you can't self-edit (such as your email address), contact us.
  • Right of erasure (Art. 17): ask us to delete your personal data. Self-service: in the app, Settings → Account → Delete account. We'll anonymise your personal data immediately. Some records may be retained for legal reasons. See Section 7.
  • Right to restrict processing (Art. 18): ask us to pause certain processing of your data while a disputed point is resolved. Contact us to exercise this right.
  • Right to data portability (Art. 20): receive your data in a structured, machine-readable format. The in-app download (Art. 15) satisfies this in JSON format.
  • Right to object (Art. 21): object to processing based on our legitimate interests, including objecting to profiling (see Section 8). Contact us to exercise this right.
  • Right to withdraw consent (Art. 7(3)): where we rely on your consent, you can withdraw it at any time by updating your preferences in the app or contacting us. Withdrawing consent doesn't affect the lawfulness of any processing we did before you withdrew it.
  • Right to lodge a complaint: see Section 12.
  • Rights in relation to automated decision-making (Art. 22A-22D): see Section 8.

How we respond

  • We will respond within one calendar month of receiving your request. For complex or multiple requests, we may extend the deadline by up to two further months; we'll tell you within the first month if we need to.
  • There is no fee for a standard request.
  • We may ask for reasonable verification of your identity if we can't confirm it from the logged-in session you're using.
  • We may refuse or charge a reasonable fee only if a request is manifestly unfounded or excessive. The burden is on us to show that, and we will explain our reasoning.

10. Cookies and similar technologies

We use cookies and similar browser-storage technologies (such as localStorage) sparingly. They fall into four categories:

Category | Examples | Consent required?
Strictly necessary | Your sign-in session (stored by our authentication provider in localStorage), CSRF tokens, and preferences needed to deliver the Service you asked for. | No. Exempt under regulation 6(4) of PECR.
Functional | Remembered UI preferences (theme, filter selections). | No for first-party preferences; yes if a future preference depends on a third-party service.
Third-party (Google Maps) | The Google Maps JavaScript SDK may set cookies (NID, 1P_JAR, etc.) when the map loads on the web app. | Yes. The map is only loaded after you consent.
Analytics and advertising | None. We don't use Google Analytics, Facebook pixels, or any cross-site advertising tracker. | -

When you first visit our website, we ask for your consent to non-essential cookies through a banner. You can change your choices at any time by clicking the link (available here and in the footer) or by clearing your browser's site data.

On the mobile app, we store a push-notification token and a hashed device fingerprint (for multi-factor authentication trusted-device recognition). These are essential for delivering the Service. The biometric sensors on your device (Face ID / Touch ID / Android BiometricPrompt) never send biometric data to us. They only tell our app "yes" or "no".

11. Children's data

Coverin is designed for adults. The Service is built and marketed for supply teachers (18 and over), agency staff, and the people who contact agencies through us. We do not target it at, or market it to, anyone under 18.

We do not run an automated age-gate at registration. Instead, the professional context of the Service is the primary control: qualification tiers (qualified teacher / HLTA / teaching assistant), and the DBS checks and right-to-work verification that agencies and schools carry out outside Coverin, all assume adult professionals. If we discover we have collected personal data from someone under 18, we will delete it promptly. If you believe we hold personal data about someone under 18, please email privacy@coverin.app.

Coverin does not collect, store, or process the personal data of the pupils at the schools our users teach in. Pupil data belongs to the school and is not part of our Service.

12. How to raise a concern or complain

If you have a concern about how we've handled your personal data, please contact us first at privacy@coverin.app. We will acknowledge your complaint within 30 days of receipt and aim to provide a full response within 3 months.

If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:

  • Online: ico.org.uk/make-a-complaint
  • Helpline: 0303 123 1113
  • Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

13. Security

We take technical and organisational measures that are appropriate to the risk, including:

  • TLS/HTTPS in transit on every connection.
  • Encryption at rest for the database and file storage.
  • Row-level security on every database table, so users only see what they're authorised to see.
  • Multi-factor authentication available for agency staff; trusted-device fingerprints hashed with HMAC‑SHA256.
  • Rate limiting on authentication and other sensitive endpoints.
  • Screenshot / screen-recording protection on screens that display secrets (MFA setup, password reset) on Android.
  • A written incident-response process, including UK GDPR 72-hour breach notification to the ICO where required.
  • Regular review of sub-processor security posture and DPAs.

14. Changes to this policy

We may update this policy from time to time. When we make a material change, we will:

  • Update the version number and "Last updated" date at the top.
  • Notify active users by email at least 30 days before the change takes effect.
  • Require re-acceptance where the change materially expands how we use your data.

Minor edits (typos, clarifications, link fixes) may be made without notification.

15. Governing law

This policy and the relationship between you and Coverin in respect of your personal data are governed by the laws of England and Wales. The UK's Information Commissioner's Office is the supervisory authority for any data-protection complaint.