Child Development Institute
We comply with the Privacy Act 1988 (Cth) (Privacy Act) and handle personal information that we collect in accordance with the Australian Privacy Principles (APPs). The Privacy Act and the APPs apply to all our child care services operating nationally.
2. What is personal information?
Personal information means information or an opinion about you which identifies you (or from which you can reasonably be identified), or as otherwise defined by applicable privacy law. It does not include information that is de-identified (anonymous data).
3. Dealing with us anonymously
Where it is lawful and practicable to do so, you may deal with us anonymously (e.g. when enquiring about our services generally). However, we usually need your name, contact information and other details to enable us to provide our services to you.
4. Why do we collect personal information?
We will only collect personal information from you when it is reasonably necessary to undertake our business activities and functions, or as otherwise permitted by law. We may collect your personal information for one or more of the following purposes (depending on our relationship with you):
- to provide our services to your children, with their well-being, protection and development in mind
- to contact you with helpful resources to support your child’s journey and milestones
- to administer and manage our services including charging, billing and collecting debts
- to analyse our customer needs with a view to developing new and/or improved services
- for market research and surveys, direct marketing, promotions and/or competitions
- to notify you (either directly or via a third party advertising platform) about special offers and services available from us or our partners
- to ensure the proper function of our website and online software
- fulfilling our mandatory reporting obligations required by applicable law
- if you are applying for a job, to assess your application for a role with us and to take references
- any other purpose that you have consented to
- any related secondary purpose which we believe you would reasonably expect when we collected your personal information or as a result of our ongoing relationship with you
- to respond to and manage inquiries, complaints, feedback and claims, defend our legal interests and investigate and protect against fraud, theft and other illegal activities
We may also use your personal information for other purposes not listed above which will be made clear to you at the time we collect your personal information, or for such purposes as may be required or permitted by law.
5. What personal information do we collect and hold?
The personal information collected depends on the dealings you have with us.
If you enrol (or contact us to enquire about enrolling) your child at one of our centres, we may collect you or your child’s:
- name, date of birth, gender, address (postal and email) and telephone numbers
- government identifiers (for example Centrelink or Medicare reference numbers)
- other information necessary for our functions and activities, including sensitive information described in this policy
- with your consent, image or video
- and details of your:
- financial information (including credit card details)
- details of your nominated emergency contact person
- opinion in relation to any of our services
- other such information (including proof of identity) that is relevant for us to provide our services to you in the manner that you have requested, or to comply with the law
Other persons we interact with
We collect personal information from a range of individuals in the context of its business activities, including representatives of our suppliers, customers, sponsors and business partners; contractors; landowners; vendors; investors and job applicants.
We may collect a range of information in a business context, such as your name, gender, job title, identification, email address, home address and other contact details, details of your business and other interests, experience and/or academic and professional qualifications, third party references, communications with you (including notes from meetings and telephone call recordings), feedback or survey responses that you provide to us, financial and payment information, and information collected from clearance questionnaires and/or interviews.
We use this information for business-related purposes, including negotiating, concluding and performing contracts, managing business relationships, administering real estate leases, recruitment, managing accounts and records, communicating with you and third party contacts, supporting corporate social responsibility activities, security, legal, regulatory and internal investigations and debt administration.
Visitors to our websites
We may collect personal information about you when you use and access our website.
While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the IP address assigned to your computer.
We may also use ‘cookies’ or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our websites may not work as intended for you if you do so.
We only collect sensitive information where it is reasonably necessary for our functions or activities and either you have explicitly consented, or we are required or authorised by law to do so.
In some circumstances we may ask for personal information that is sensitive. This may include information such as your child’s racial or ethnic origin or any cultural or religious requirements (for example, for staff to use in educational programs). We are also required by law to collect and hold details of your child’s medical conditions, immunisation history and additional needs. We collect this information as it is reasonably necessary for ensuring the well being, protection and development of children in our care.
If you apply for a position with us, we may collect your health information, medical history, information about national origin or immigration status, or optional demographic information such as race.
We may collect your credit card details or other financial information where you provide them to us for the purposes of arranging direct debit or payment plans you have requested. Financial or credit card information we collect from you is strictly confidential and held on secure servers.
In certain circumstances we are required, to collect government identifiers such as those used by Centrelink and the Department of Human Services. We will only use or disclose this information in accordance with the law.
6. How is personal information collected?
We will normally only collect personal information directly from you when you provide it to us:
- when you attend our centres, complete an enrolment form or survey
- when you call us, email us or post us your information
- via our website or our social media pages
- if you apply for any job vacancy
- if you make a complaint to us
We may sometimes collect personal information about you from other sources, for example our third-party suppliers and contractors who assist us to operate our business (such as a third party payment gateway or a recruitment agency).
7. Using and disclosing personal information
We will not sell, share or pass your personal information on to any third parties, other than in accordance with this Policy, with your consent or to those who are contracted to us to keep personal information confidential. We may disclose personal information:
to our related bodies corporate, suppliers, consultants, contractors or agents to help us to provide you with the requested services
if we merge with or are acquired by another entity, to that entity as a part of the merger or acquisition
to relevant federal, state and territory authorities for the purpose of investigating a health or safety issue, including a workplace health and safety matter or child protection matter
when conveying information to a responsible person (e.g. a guardian or emergency contact), unless you have requested otherwise
as required by law
8. Do we disclose any information overseas
We may disclose personal information outside of Australia to our third party suppliers such as cloud storage providers or datacentres for software we use. When you provide your personal information to us, you consent to the disclosure of your information outside of Australia. We will take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the APPs.
9. Marketing and your consent/opting out
We and/or our carefully selected partners may send you direct marketing communications and information about our services. This may take the form of emails, SMS or mail, in accordance with the Spam Act and the Privacy Act. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (eg an unsubscribe link).
We may occasionally engage other companies to provide marketing or advertising services on our behalf. Those companies will be permitted to obtain only the personal information they need to deliver the service. If we provide those companies with any of your personal information, it is to provide you with a better or more relevant and personalised experience and to improve the quality of those services. We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.
10. Third party advertising services
We may utilise certain third-party advertising services (e.g. organizations such as FastClick or Google) to display advertising for our advertisers. These third-party services may place a cookie on your computer for the purposes of ad tracking and presentation. We do not share personally identifiable visitor information with these third-party services.
11. Storing personal information
We take all reasonable and appropriate steps (including organisational and technological measures) to protect your personal information from misuse, interference and loss, and unauthorised access, modification or disclosure. Some of the ways this is done include:
requiring our staff to maintain confidentiality
implementing physical and network security measures
providing a secure environment and access control for confidential information
only allowing access to personal information where the individual seeking access has satisfied our identification requirements
Where we store your personal information depends on what interaction you have had with us. These include electronic databases, email databases for marketing communications or secure archiving for paper based forms.
We will only store your personal information for as long as our dealings with you continue, or as otherwise required by law.
12. Data breaches
The Privacy Act requires us to notify affected individuals and the Australian Privacy Commissioner about ‘eligible data breaches’. An eligible data breach occurs when the following criteria are met:
there is unauthorised access to or disclosure of personal information we hold (or information is lost in circumstances where unauthorised access or disclosure is likely to occur);
the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates; and
we are unable to prevent the likely risk of serious harm with remedial action.
If it is not clear whether a suspected data breach meets these criteria, we will investigate and assess the breach to determine whether the breach is an ‘eligible data breach’ that requires us to notify the affected individuals. This is to ensure that you are notified if your personal information is involved in a data breach that is likely to result in serious harm. Even if the criteria are not met, we may decide it appropriate to notify you anyway as part of our commitment to taking privacy seriously.
13. Keeping personal information accurate and up to date
You can access the personal information we hold about you by contacting us using the information below. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.
If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.
15. Contact us
If you have a question or comment regarding this Policy or wish to make a complaint or exercise your privacy rights, please contact our Privacy Officer on the following details:
Phone: +61 (02) 4243 7899
Post: Privacy Officer
Child Development Institute
PO Box 264
Edgecliff, NSW, 2025