Innovation Technologies ABN 31 619 561 205, trading as Your Childs Day (YCD) is committed to maintaining the privacy and security of Your personal information and complying with the obligations under the Privacy Act 1988 (Cth) and the applicable Australian Privacy Principles. This policy can be viewed on our website yourchildsday.com.
By accessing our Website and using our Services, You consent to the terms of this Policy.
In relation to this policy, the use of the terms “You” or “Your” refers to all users of our website and our products and services.
YCD collects Your personal information
YCD is a provider of various software solutions provided to businesses and individuals on an ongoing basis.
The Service involves the storage of data about a company or individual. That data can include personal information. “Personal information” is information about an identifiable individual, and may include but is not limited to information such as the individual’s name, email address, phone number, age, child care attendance related information, child activity records, bank account details, and accounts and financial information.
What personal information we collect and hold
We will only collect personal information from You if it is reasonably necessary to provide services to You. Personal information we may collect, and hold includes:
1. Information and content You provide us
By accessing our Service, or by providing Personal Data directly to us, we may collect personal information necessary to offer and fulfil the services You request. This includes Your name, postal address, telephone number, email address and any other details. This includes for example:
- childcare related information including child attendance information, child contact information and financial information using our YCD and ChildCarePlus services;
- information about transactions as well as information associated with that transaction including Your name, address, contact details, credit card, bank account information, merchant information and information of the participants associated when You make a direct debit using our software;
- family details and booking related information including Your name, the names of other members in Your family when using YCD;
- content You provide us including child goals, stories, observations, and content contained therein, as well details of family members You post about or share it with when using YCD.
If You are a client using our services we may collect the information necessary in administering our services including Your bank account details for direct debit payments, Your staff and employer details as well as child lists for management software.
Where children use our services, we may also collect the above information in respect of the parents/guardians and their children.
We may also collect information that is necessary for a service to be provided, when You fill in a form on our website or when You ask to be included in an email list.
2. Information we collect from others
We may collect information from third parties, such as from merchants and other users of the services including Your name, contact details, transaction details, outstanding payments and customer records. We may also collect information and communications about You that other people provide when they use our services.
Our clients may use our services in their workplace or business. This means we may collect personal information that the client may send to us either manually or automatically through our services. In most situations we collect personal information about an individual from the client where the parent/guardian has a child enrolled in the childcare centre.
3. Information we collect from use of our online services
We may collect a variety of information from Your interaction with the website and our online services including Your IP Address; the date, time and duration of Your visit; the number of pages You have downloaded; and the type of browser You use.
Sensitive Information
Some personal information we collect is considered Sensitive Information under the Privacy Act. Sensitive information that we collect includes a person’s state of health or medical history. We use this data in integration with the services that we offer, including the ability to disclose this to others so that they are aware of any health requirements that You may have. Where we collect such data from You we will only do so if it is considered reasonably necessary for us to collect such data for us to perform our functions or activities and You consent, or collection is required by law or another exception under the relevant laws applies.
How we collect Your personal information
We will generally collect personal information directly from You when You:
- register to use the Service (either through us or a client);
- use the Service;
- post to the YCD forums, Blogs or Social Media platforms;
- contact the YCD support team; and
- visit our website.
We may also be required to collect personal information about You from a third party. These parties may include merchants, our clients, Your representatives, brokers or other publicly available sources. We also collect Your information from our analytics providers. We may also collect your information from our clients.
Through Your use of the Service, YCD may also collect information from You about someone else. If You provide YCD with personal information about someone else, You must ensure that You are authorised to disclose that information to YCD and that, without YCD taking any further steps required by applicable data protection or privacy laws, YCD may collect, use and disclose such information for the purposes described in this Policy.
This means that You must take reasonable steps to ensure the individual concerned is aware of and/or consents to the various matters detailed in this Policy, including the fact that their personal information is being collected, the purposes for which that information is being collected, the intended recipients of that information, the individual’s right to obtain access to that information and YCD’s identity. Where requested to do so by YCD, You must also assist YCD with any requests by the individual to access or update the personal information You have collected from them and entered into the Service.
Eg. If you are uploading photos of children into YCD, please ensure you only upload photos where the parents of all children in the photo have given permission for the upload.
The purpose for which YCD collects, holds, and uses Your personal information
YCD collects Your personal information so that we can provide You with the Service and any related services You may request. In doing so, YCD may use the personal information we have collected from You for purposes related to the Services including to:
- verify Your identity;
- to provide our clients’ services to organisations and individuals;
- providing payroll services and child care management services;
- billing and account management;
- administer the Service;
- notify You of new or changed services offered in relation to the Service;
- carry out marketing or training relating to the Service;
- assist with the resolution of technical support issues or other issues relating to the Service;
- assist in the understanding of client needs to create software development priorities;
- assist in the internal testing of products and services;
- gathering and aggregating information for statistical and research purposes;
- maintaining Your account and Your details;
- providing You with access to restricted areas of the website;
- taking measures to detect fraud;
- perform our internal administration and operations (including, without limitation, distributing payments to our clients, accounting, reporting, risk management, record-keeping, archiving, systems development and testing and staff training);
- comply with laws and regulations in applicable jurisdictions; and
- communicate with You.
By using the Service, You consent to Your personal information being collected, held and used in this way and for any other use You authorise. YCD will only use Your personal information for the purposes described in this Policy or with Your express permission.
It is Your responsibility to keep Your password to the Service/s safe. You should notify us as soon as possible if You become aware of any misuse of Your password, and immediately change Your password within the Service.
We agree to not use or disclose Your personal information for a secondary purpose unless You consent to us doing so, or under the circumstances involved we believe You would reasonably expect us to use or disclose the information for a secondary purpose and that that secondary purpose is related to the primary purpose of collection.
YCD can aggregate Your non-personally identifiable data
By using the Service, You agree that YCD can access, aggregate and use non-personally identifiable data YCD has collected from You. This data will in no way identify You or any other individual.YCD may use this aggregated non-personally identifiable data to:
- assist us to better understand how our customers are using the Service,
- provide our customers with further information regarding the uses and benefits of the Service,
- enhance business productivity, including by creating useful business insights from that aggregated data, and
- otherwise to improve the Service.
Anonymity and Pseudonymity
We will generally need to know who You are in order to provide You with our products and services. Where it is reasonable and practicable we may allow You to transact with us anonymously or by using a pseudonym, such as where You make a general enquiry.
However, this is not possible if we are required or authorised by law or other instrument to deal with people who have been appropriately identified, or where it is impracticable for us to deal with individuals who have not identified themselves or who would prefer to use a pseudonym.
Storage and security Your personal information
YCD is committed to protecting the security of Your personal information and we take all reasonable precautions to protect it from unauthorised access, modification or disclosure. Your personal information is stored within secure systems that are protected in controlled facilities. Our employees and authorised agents are obliged to respect confidentiality of any personal information held by us.
The Internet is not in itself a secure environment and we cannot give an absolute assurance that Your information will be secure at all times. Transmission of personal information over the Internet is at Your own risk and You should only enter, or instruct the entering of, personal information to the Service within a secure environment.
We’ll only keep Your personal information for as long as we require it for the purposes of providing You with the Service. However, we may also be required to keep some of Your personal information for specified periods of time, for example under certain laws relating to businesses and financial reporting legislation.
Where information is no longer needed for any purpose, we ensure that it is effectively and securely destroyed or de-identified.
Disclosure of Your Personal Information
We may disclose Your personal information to third parties for the purposes contained in this Privacy Policy, including without limitation to:
- our related companies/entities, in which case we require our related companies/entities to honour this Privacy Policy. In the event we are involved in a merger, acquisition or sale of assets we may disclose personal information collected by us to such entities that we propose to merge with or be acquired by, and will assume the rights and obligations regarding Your personal information as described in this Privacy Policy;
- service providers, whom we use to provide You with services that we offer including those that verify Your identity, assist in processing transactions, information technology service providers, mailing houses and market research organisations, and organisations that provide us with professional advice such as lawyers, accountants and business advisers, and business partners;
- third parties where we reasonably believe there has been an infringement of Your rights or those of a third party and disclosure of Your information may remedy or assist in the remedy of the infringement;
- other parties to transactions when You use our services, such as other users, merchants and their service providers. We may share information with the other participants in Your transactions to facilitate the transaction and to help resolve disputes and detect and prevent fraud. If You make payments through our services to a merchant, we will provide details of transactions, payment details and call note history as well as reporting to the merchant;
- the client in respect of whose product or service the information was collected and other organisations that are contracted to our client to provide services in relation to the information collected;
- our clients where they are contracted to provide You with our products or services in relation to the information collected; and
- third parties where we believe in good faith we are required to do so by law, or an exception applies under the Privacy Act or with Your consent.
Notwithstanding the above, we may disclose aggregate information and other information that does not personally identify You to such third parties as we may see fit.
Cross-border disclosure
In some cases we may be required to share some of Your information with organisations outside Australia. When we share Your information with organisations overseas we ensure appropriate data handling and security measures are in place.
If we can’t collect Your personal information
If You do not provide us with the personal information we have requested, we may not be able to provide You with our services.
Notifiable Data Breach
In the event that there is a data breach and we are required to comply with the notification of eligible data breaches provisions in Part IIIC of the Privacy Act 1988 (Cth) or any other subsequent sections or legislation which supersede this Part IIIC, we will take all reasonable steps to contain the suspected or known breach where possible and follow the following process set out in this clause.
We will take immediate steps to limit any further access or distribution where possible. If we have reasonable grounds to suspect that the data breach is likely to result in serious harm to any individuals involved, then we will take all reasonable steps to ensure an assessment is completed within 30 days of the breach or sooner if possible. We will follow the guide published by the Office of the Australian Information Commissioner (if any) in making this assessment.
If we reasonably determine that the data breach is not likely to result in serious harm to any individuals involved or any remedial action we take is successful in making serious harm no longer likely, then no notification or statement will be made.
Where, following an assessment and undertaking remedial action (if any), we still have reasonable grounds to believe serious harm is likely, as soon as practicable, we will provide a statement to each of the individuals whose data was breached or who are at risk. The statement will contain details of the breach and recommendations of the steps each individual should take. We will also provide a copy of the statement to the Office of the Australian Information Commissioner.
We will then review the incident and take action to prevent future breaches.
You may request access to Your personal information
You may request access to the information we hold about You, or request that we update or correct any personal information we hold about You, by setting out Your request in writing and sending it to us at [email protected].
YCD will process Your request as soon as reasonably practicable, provided we are not otherwise prevented from doing so on legal grounds. If we are unable to meet Your request, we will let You know why.
Correction of personal information
If You require access in order to correct Your personal information, You will need to establish why the correction is necessary. We will then take reasonable steps to correct Your information within a reasonable period of time, so that it is accurate, up-to-date, complete, relevant and not misleading. We may also correct Your personal information if we determine that it is inaccurate, out of date, incomplete, irrelevant or misleading.
In certain circumstances we may refuse to update or correct the information held, if we do, we will provide You with a reason why.
Children
We understand the importance of taking extra precautions to protect the privacy and safety of children using our services. Children under the age of 15, or equivalent minimum age in the relevant jurisdiction, are not permitted to use our services, unless their parent or guardian provides verifiable consent.
If we learn that we have collected the personal information of a child under 15, or equivalent minimum age depending on jurisdiction, outside the above circumstances we will take steps to delete the information as soon as possible.
If at any time a parent needs to access, correct, or delete data associated with their child, they may contact us through our Privacy Officer.
YCD uses cookies
In providing the Service, YCD utilises “cookies”. A cookie is a small text file that is stored on Your computer for record-keeping purposes. A cookie does not identify You personally or contain any other information about You but it does identify Your computer.
You can opt-out of any email communications
From time to time we may also use Your personal information to let You know about other products and services from us that You might be interested in, but we will not if You tell us not to.
YCD sends billing information, product information, marketing announcements, service updates and service notifications to You via email. Our emails will contain clear and obvious instructions describing how You can choose to be removed from any mailing list not essential to the Service. YCD will remove You at Your request.
YCD has a privacy complaints process
If You wish to complain about how we have handled Your personal information, please provide our Privacy Officer with full details of Your complaint and any supporting documentation:
- by email at [email protected]
Our Privacy Officer will endeavour to:
- provide an initial response to Your query or complaint within 10 business days, and
- investigate and attempt to resolve Your query or complaint within 30 business days or such longer period as is necessary and notified to You by our Privacy Officer.
If You are still not satisfied, You can contact the Australian Information Commission:
Office of the Australian Information Commission
Office Address: Level 3, 175 Pitt Street, Sydney NSW 2000
Postal Address: GPO Box 5218, Sydney NSW 2001
Phone: 1300 363 992
Email: [email protected]
www.oaic.gov.au
This policy may be updated from time to time
YCD reserves the right to change this Policy at any time, and any amended Policy is effective upon posting to this Website. Your continued use of the Service will be deemed acceptance of any amended Policy. From time to time we will review our Privacy Policy to keep pace with changes in our Service and any Data Protection Laws. This document is our most recently updated Privacy Policy.
Last updated: August 2023