( 01 — The brief )
Replace the app pile.
Every primary school juggles a pile of apps: homework on one, reading records on another, announcements by email, rewards on a wall chart — and every parent pays the tax in logins. The client wanted it all folded into one calm place, free for founding schools. And one red line was drawn before a single line of code: nothing a child sees is ever paid. No upsells in the play zone, ever.
— The client, in every case on these pages, was us. We are a demanding client. This one also has school-age children, which is stricter still.
( 02 — The craft )
Three audiences, one app.
A teacher mid-lesson, a parent at a bus stop, a seven-year-old counting her points — the same product serves all three. Teachers get class dashboards; parents see their own children and only ever their own; and children get a play zone where effort pays out in ooms — points that hatch eggs into collectible loomies, tend a pixel farm, and power times-tables and spelling games drawn from real class homework.
No leaderboards, by design. Children compete with their own personal bests, never with each other. Daily caps keep game rewards gentle, and a PIN-protected kid mode keeps shared family devices sane.
( 03 — The engine )
A ledger, not a number.
TypeScript throughout: Next.js and React, PostgreSQL under Prisma, shipped in Docker behind a proxy with automatic HTTPS, with push notifications to parents’ phones. The detail we’re proudest of is invisible: the ooms system is an append-only ledger. Points are transactions with an amount, a kind and a reason — never a mutable number that could silently drift. A child’s record can always be trusted, and always explained.
( 04 — Foundations )
Children’s data as a design constraint.
Safeguarding shaped the schema before features did. Data minimisation: a pupil is a first name, a last name and a class — no birthdays, no addresses, no medical notes. No child accounts at all — children appear as records under their parents, keeping the product clear of under-13 account rules by construction. Per-pupil photo consent is enforced in the posting flow itself, and photos are only ever served to authenticated members of the school.
There are no hidden channels — school staff can always see family message threads, a safeguarding principle borrowed from how good schools already work. Audit logging is built into the schema, data lives in London for UK residency, and nightly backups run on a fourteen-night rotation.
The strictest reviewer we’ve ever shipped for is a seven-year-old’s parent.
( In brief )
- Audiences
- Teachers, parents, children
- Child accounts
- None, by design
- Data home
- London, UK
- Kid-visible paywalls
- Zero, forever