Data collection

We only collect data to help us ensure the system is running efficiently, make improvements where needed or to help with product development. If you want your data removed you can email and we can do this on your behalf. All requests will be processed within 24 hours to 48hours maximum (excluding UK public holidays, in which case it is done the next working day). We will be carrying out monthly data audits and training and process reviews once a quarter.

The only personally identifiable information we collect for the app to operate is

Your age


Contact number

This data is retained for the duration your account is in ZootomVR. If you wish to have a downloaded copy of your data please email If you wish to either have your account deleted or amend any errors please email to

We don’t collect

Home address, health or another type of personally or non-personally identifiable information. If any parent would like to request a summary of the data stored on their child they can view this in their login or they can email the Data Controller at

Data Breach

If any of your personal information is shared by mistake with someone who is not you then we must ensure we let you know that this has happened within 72 hours of us knowing about it.

If we get hacked on mass that impacts high number of users, we will report to all users (those affected and those not) within the required 72hours of the breach and of it coming to the attention of the Data Controller (i.e. Director of the business). We will then keep you updated on a regular basis through our website and social channels on updates to the fix. We will also inform the supervisory authority.

Data Retention

Keeping your information

We will only retain your account for as long as you decide to keep it. Once your account is opted to be deleted, it will be instantly removed from our database.

Data Retention

The ZootomVR website is hosted under Hostinger and for more information about the commitments to GDPR and data governance please visit General Data Protection Regulation (GDPR).