How we handle
your personal data.

A plain-English overview. Each row links to the relevant section for full detail.

Pocket Debate Inc. ("Pocket Debate", "we", "us", "our") is the data controller responsible for the personal data processed through the Pocket Debate platform. We provide an online oracy platform for competitive debating with AI-powered verdicts and feedback, primarily operating in closed school and institution networks.

Pocket Debate collects the minimum personal data necessary to deliver its educational debate platform. Data is collected directly from users, from schools that administer accounts, and automatically through use of the service.

Personal data is processed only for the purposes described below. We do not sell personal data to third parties and do not use it for advertising or behavioural profiling unrelated to the educational platform.

Every processing activity described in this Policy relies on at least one lawful basis under Article 6 UK/EU GDPR.

Contract (Art. 6(1)(b))

Processing necessary to perform our agreement with the user or school, including account management and platform delivery.

Legitimate interests (Art. 6(1)(f))

Platform security, fraud prevention, aggregated analytics for product improvement, and direct communications with institutional contacts. A Legitimate Interests Assessment is maintained internally.

Legal obligation (Art. 6(1)(c))

Compliance with applicable law, regulatory requirements, and lawful requests from public authorities.

Consent (Art. 6(1)(a))

Where we rely on consent (for optional platform features), this is obtained separately and may be withdrawn at any time without detriment to core service access.

Pocket Debate does not sell or rent personal data. We share data with two sub-processors only, each subject to a written data processing agreement. No personal data is used by any sub-processor to train or improve AI models.

The majority of Pocket Debate's processing takes place within the European Union. AWS infrastructure is configured to EU regions (eu-west-3, Paris, and eu-central-1, Frankfurt). Anthropic Claude, accessed via AWS Bedrock with an EU inference profile, processes data entirely within those EU regions. No personal data is transmitted to the United States in connection with these services.

The sole international transfer is audio data sent to Groq Inc. for speech-to-text transcription. The account below is intended to assist institutional data protection officers and procurement teams in their assessments.

The Groq Transfer.

Pocket Debate retains personal data for the minimum period necessary to fulfil the purpose for which it was collected, and to comply with applicable legal, regulatory, or contractual obligations. Schools may negotiate shorter retention periods in their Data Processing Agreement.

Every individual whose personal data is processed by Pocket Debate has the rights described below under UK GDPR and EU GDPR. To exercise any right, submit a request to contact@pocketdebate.com. We acknowledge within five working days and respond substantively within 30 calendar days.

Pocket Debate's Arbiter AI system transcribes spoken debate audio, evaluates argument structure, delivery, and rebuttals, and generates written feedback and a numerical score. These outputs are used for learning, coaching, and competitive ranking within an educational debate context.

Arbiter AI outputs do not produce legal, financial, disciplinary, or otherwise significant real-world effects without human involvement. Where a score contributes to a tournament outcome, the relevant teacher, school administrator, or tournament adjudicator retains the ability to review, query, and override the AI output before any final result is communicated. Human oversight is structurally embedded in the platform design — not offered as an optional add-on — in compliance with Article 22 UK/EU GDPR.

Nature of output

Formative feedback and indicative score for educational use. Not determinative.

Human oversight

Teachers, school staff, and tournament adjudicators can review, query, and override AI outputs before any result is finalised.

Significant effects

None without human involvement. AI outputs do not determine formal qualifications, disciplinary outcomes, or access rights.

Right to human review

Available on request via the school administrator or contact@pocketdebate.com.

AI training

No personal data processed through Pocket Debate is used to train any AI model.

Pocket Debate does not set cookies, web beacons, pixel tags, device fingerprinting, or any other persistent tracking technology on a user's device. No cookie banner is presented on the platform because no such technologies are deployed.

Session management is handled through authentication mechanisms that do not rely on placing cookies on the user's device. No third-party advertising or cross-site tracking technologies are embedded in the platform.

Pocket Debate offers authentication via Microsoft Single Sign-On (SSO), the recommended and default login method for institutional deployments. It allows schools to manage access through their existing Microsoft Entra ID (formerly Azure Active Directory) infrastructure without requiring students or staff to create separate Pocket Debate passwords.

When a user authenticates via Microsoft SSO, Pocket Debate receives only the user's name, school email address, and a Microsoft account identifier. No passwords, full directory information, or data beyond what is necessary to authenticate the user's account is received. This information is used solely for account creation and authentication — not for marketing, profiling, or any other purpose. School administrators control SSO access via their Microsoft Entra ID tenant; revoking a user's Microsoft account access automatically prevents Pocket Debate login. School administrators should review Microsoft's Privacy Statement for information on how Microsoft processes account data.

SSO provider

Microsoft (Entra ID / Azure Active Directory).

Data received

Name, school email address, Microsoft account identifier. No passwords or directory data.

Purpose

Account creation and authentication only.

Alternative login

Email and password login is available where SSO is not configured, subject to school administrator approval.

Pocket Debate is restricted to users aged 14 and above. This minimum age reflects the requirements of the EU AI Act and applicable data protection law governing the use of AI-powered services with younger children. Schools deploying Pocket Debate are required to confirm that all student users meet this age threshold prior to account creation.

Pocket Debate is committed to the privacy and security of student personal data. The following principles govern all processing of student data through the platform and apply in addition to the general provisions of this Policy.

Pocket Debate applies technical and organisational security measures appropriate to the risk and nature of the data processed. Detailed security documentation is available to institutional partners on request.

Pocket Debate maintains a documented security incident response procedure. Schools and institutional partners are asked to report any suspected security incidents involving Pocket Debate data to contact@pocketdebate.com immediately.

In the event that Pocket Debate Inc. is involved in a merger, acquisition, financing, reorganisation, sale of assets, or transfer of the business or part thereof, personal data held by Pocket Debate may be transferred to a successor entity as part of that transaction. Any successor entity would be required, as a condition of the transfer, to honour the commitments made in this Privacy Policy.

Where such a transaction would result in a material change to how personal data is processed — including any change to the identity of the data controller, the purposes of processing, or the applicable retention periods — Pocket Debate will notify affected schools and users at least 30 days before the change takes effect. Schools will retain the right to request deletion of their data prior to any such transfer.

This Privacy Policy is reviewed twice annually, in January and July of each year, and updated as required to reflect changes in the platform, processing activities, applicable law, or regulatory guidance. The version number and date on the cover identify the current version.

Material changes — those that substantively alter how we process personal data or affect the rights of data subjects — will be communicated to institutional partners and, where appropriate, to individual users at least 30 days before they take effect. Non-material clarifications such as improved wording, corrected links, or updated sub-processor contact details may take effect immediately upon publication.

Where a school or institutional partner objects to a material change, they should contact us at contact@pocketdebate.com before the change takes effect.

For any question, concern, or request relating to this Privacy Policy or the processing of your personal data, please contact us at contact@pocketdebate.com. We aim to acknowledge all privacy-related correspondence within five working days. For student and parental requests, please contact your school's data protection lead in the first instance — they will liaise with us on your behalf.

Supervisory Authorities.

If you are not satisfied with our response, or believe we are processing your personal data unlawfully, you have the right to lodge a complaint with the relevant supervisory authority.