Privacy Policy
1. Purpose
- 1.1
This Privacy Policy (Policy) applies to Nido Education Limited ACN 650 967 703 (Company) and its controlled entities (together, the Group, we, us or our) and explains how we manage personal information.
- 1.2
The Group is committed to the protection of personal information in accordance with the privacy law in the provision of its child care services through the child care centres it operates and manages, including the Australian Privacy Principles in the Privacy Act 1988 (Cth) (the Act). This Policy outlines the types of personal information that we usually collect, the purposes for which we collect it, to whom we disclose it, how we hold and keep it secure and your rights in relation to your personal information, including how to complain and how we deal with complaints.
- 1.3
When dealing with the Group you may be:
- (a)
a current or former parent of a child enrolled at one of our centres, or applying to enrol your child;
- (b)
a participant in any promotion run by us, or who has provided information in connection with an inquiry about us or our business, or in connection with a marketing initiative we conduct;
- (c)
a supplier, volunteer or other person required to undertake accreditation or achieve any clearance or approval in order to deal with us or be involved in any way with our business; or
- (d)
an applicant for employment, either directly or through our recruitment services provider,
noting that where relevant, a reference to our child care centres includes a reference to externally owned child care centres managed by us.
- (a)
- 1.4
This Policy does not apply to the personal information of our employees.
- 1.5
We may change this Policy from time to time, by publishing an updated policy on our website at https://nido.edu.au/privacy-policy/.
2. Kinds of personal information we collect and hold
- 2.1
In this Policy, the following terms are used:
- (a)
Personal information is any information or an opinion, that is recorded in any form about an identified individual or an individual who is reasonably identifiable, whether true or not. It does not include information which is de-identified.
The types of personal information we collect about you depends on the dealings you have with us, and may include:
- (i)
your name, address, date of birth and contact details;
- (ii)
information relating to children enrolled in our centres and their families, including information about education and financial information, for example information relating to funding support from the government;
- (iii)
enrolment history and details of attendance, services used and any information relating to attendance at our centres or use of our services; and
- (iv)
information collected by us when you apply to enrol your child at our centres.
- (i)
- (b)
If you are applying to work for us, we may also collect your:
- (i)
details of past employment;
- (ii)
qualifications;
- (iii)
academic records;
- (iv)
references;
- (v)
residency status;
- (vi)
proof of identity;
- (vii)
medical information; and
- (viii)
criminal history record.
- (i)
- (c)
If you enrol (or contact us to enquire about enrolling) your child at one of our child care centres, we may collect and use the following personal information about you and your child:
- (i) name, date of birth, gender, address (postal and email) and telephone and facsimile numbers;
- (ii) financial information (including bank account details, credit card numbers, and debit card numbers);
- (iii)
government identifiers (including Centrelink or Medicare reference numbers);
- (iv)
information relating to custody arrangements and parenting orders;
- (v)
photographs, videos, and children’s work samples;
- (vi)
information relating to your occupation;
- (vii)
information relating to your occupation;
- (viii)
opinions expressed in relation to any of our services;
- (ix)
other such information (including proof of identity) that is relevant for us to provide our services to you in the manner that you have requested, or to comply with applicable laws; and
- (x)
other information necessary for our functions and activities, including sensitive information described in this Policy.
- (d)
We also collect personal information from a range of individuals in the context of our services and activities, including representatives of our suppliers, families of children enrolled, business partners, contractors, landowners, vendors, purchasers, shareholders, and others. We may also collect a range of information in the context of these interactions, such as names, genders, job titles, identification information, email addresses, home addresses and other contact details, details of business and other interests, third party references, communications (including notes from meetings and telephone call recordings), and feedback or survey responses provided to us.
- (e)
Sensitive information means personal information or an opinion about an individual’s:
- (i)
racial or ethnic origin;
- (ii)
political opinions or membership of a political association;
- (iii)
religious or philosophical beliefs or affiliations;
- (iv)
membership of a professional or trade association or trade union;
- (v)
sexual orientation or practices;
- (vi)
criminal record; or
- (vii)
health, genetics or biometric information or templates.
- (i)
- (f)
Health information is a type of sensitive information that is personal information and that is also information or an opinion about the physical, mental or psychological health of an identified individual, an individual’s disability or an individual’s expressed wishes for the future provision of their healthcare or a health service provided to an individual. We may require this information in order for us to be best placed to look after children enrolled in our centre. For example, health information could include:
- (i)
notes of symptoms or diagnosis;
- (ii)
information about a health service which an individual has had or will be receiving;
- (iii)
specialist reports and test results; and
- (iv)
prescription information.
- (i)
- (a)
3. How your personal information is collected
- 3.1
In most cases we will collect personal information directly from you when you interact with us. For example, from our discussions with you, when you complete a form, your emails and your interactions with our website.
- 3.2
If circumstances require, we may collect personal information about you from third parties with whom we interact in order to provide our services or from publicly-available sources including social media.
- 3.3
If you apply for a job or contract position with us, we may also collect personal information about you from third parties and publicly available sources, including:
- (a)
recruiters;
- (b)
government departments to verify your entitlement to work in Australia;
- (c)
police agencies to obtain your criminal history record;
- (d)
academic institutions;
- (e)
consulting medical practitioner;
- (f)
superannuation fund provider;
- (g)
your current or previous employers; or
- (h)
your referees.
- (a)
- 3.4
We receive personal information that you provide to us about third parties on the understanding that we have the relevant individual’s consent for us to collect and handle their personal information in accordance with this Policy.
- 3.5
We will obtain your consent to collect sensitive information, such as information about your health unless we are required or permitted by law to collect it without your consent.
4. You may choose not to provide personal information
-
If you choose not to provide personal information we request, we may not be able to provide you with child care services, process your application or allow you to participate in training, recruitment programmes, marketing initiatives or information campaigns.
5. How personal information is held
- 5.1
Your personal information may be recorded in our computer systems, databases and/ or paper records. We may utilise our agents and third-party suppliers for data storage services.
- 5.2
We take reasonable steps to hold any personal information you provide to us securely and to protect your personal information from misuse, interference, and loss as well as unauthorised access, modification or disclosure.
We use service providers and secure online payment facilities to allow you to pay us by credit card. We take steps to ensure your details cannot be accessed through the internet after your payment has been processed.
- 5.3
However, the Group cannot and does not guarantee that personal information we hold will be protected against unauthorised access or misuse, and you agree that the Group will not be liable for any such unauthorised access or misuse.
- 5.4
Generally, we will take reasonable steps to destroy or permanently de-identify your personal information when it is no longer required by us. However, we may retain your personal information where we are required or permitted by law to do so, such as for insurance, legal or corporate governance purposes and for the prevention of fraud. Your personal information may also be retained in our back-up records.
6. Collection of information through our websites
- 6.1
The Group operates the websites https://nidoeducation.edu.au and https://nido.edu.au/. There are a number of ways in which we collect information through our websites, involving:
- (a)
Analytics: We use Google Analytics (hosted by a third party) to collect data about your interaction with our websites. The sole purpose of collecting your data in this way is to improve your experience when using our sites. The types of data we collect with these tools include: your device’s IP address, device screen size, device type, operating system and browser information, geographic location, referring domain and out link if applicable, search terms and pages visited and date and time when website pages were accessed. More information about Google Analytics is available at the website: www.google.com/policies/privacy/partners/.
- (b)
Browsing information: Whilst we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit, search engine referrals and the internet protocol address assigned to your computer.
- (c)
Cookies: When you visit our website, we may also use ‘cookies’ or other similar tracking technologies that help us track your website usage and remember your preferences. Cookies are small files that store information locally on your computer, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our website may not work as intended if you do so.
- (d)
Email lists, registrations, and feedback: We will collect information that you provide to us when signing up to mailing lists and registering for our events, or when submitting feedback on your experience with our websites.
- (e)
Feedback: To collect voluntary feedback on your experience with our websites.
- (a)
7. Anonymity
-
There are limited circumstances where you may be able to deal with us anonymously or by using a pseudonym. Examples include where you are seeking only general information about our products or services or are looking only for indicative pricing. In most other cases it will not be practicable for us to deal with you anonymously, for example we require accurate personal information in order to commence or complete an enrolment application.
8. Purposes for collecting, holding, using and disclosing personal information
- 8.1
We generally collect, use and disclose personal information for the following purposes:
- (a)
administering and managing our business;
- (b)
supplying our services;
- (c)
offering or promoting our services;
- (d)
obtaining feedback;
- (e)
to help us manage, develop and enhance our services, including our websites and applications;
- (f)
assessing your eligibility for funding support or other benefits;
- (g)
assessing your suitability to work with us; or
- (h)
complying with our legal obligations, resolve any disputes and enforce our agreements and rights with third parties.
- (a)
9. Who we may disclose your personal information to and why
- 9.1
We, or our authorised agent, may disclose your personal information to:
- (a)
any person authorised by you;
- (b)
a mail house, records management company or technology services provider (for example, for the purposes of printing and/or delivery of mail and email, or secure storage and management of our records);
- (c)
service providers engaged by the Company or a company member of the Group from time to time in connection with the provision of our services or the health and care of children enrolled at the child care centres we manage (including, but not limited to, health service providers, insurers, service providers that host our website servers or manage our Information Technology infrastructure and our human resources information);
- (d)
an organisation that provides you with banking facilities (for the purpose of arranging direct debit or other payment transactions or confirming payments made by you to us);
- (e)
anyone to whom part or all of our assets or business are transferred or sold;
- (f)
our professional advisers, including lawyers, accountants and auditors;
- (g)
government agencies, regulatory bodies and law enforcement agencies, or other similar entities;
- (h)
persons employed by or who have an interest in externally owned child care centres managed by us; and
- (i)
any company who conducts surveys on our behalf for the purpose of improving or providing our services.
- (a)
10. Disclosure to overseas recipients
-
In some instances, the suppliers and service providers to whom we disclose your personal information may be located overseas (including financial and marketing service providers located in India).
11. Accessing and seeking correction of your personal information
- 11.1
Our aim is to always have accurate, complete, up-to-date and relevant personal information.
- 11.2
When you receive enrolment or re-enrolment notices, general correspondence, or if we otherwise communicate with you, please check that the information we hold about you is correct.
- 11.3
You may request access to personal information that we hold about you at any time and request us to correct any errors in that information. This request must be in writing and delivered to the Group’s Privacy Officer. We will need to verify your identity before responding to your request. Subject to any applicable exceptions or requirements, we will provide you with access to personal information you request within a reasonable time and usually within 28 days. If we decide to refuse your request, we will tell you why in writing and how to complain.
- 11.4
If we are satisfied that any personal information, we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will amend our records accordingly. If we do amend your personal information, you may request us to advise any other third parties whom we have disclosed your information to.
12. How to make a complaint
- 12.1
If you wish to make a complaint about how we have handled your personal information you should make that complaint in writing to the Group’s Privacy Officer using the details set out in this Policy. If you require any assistance, you may contact us.
- 12.2
If we receive a complaint from you about how we have handled your personal information, we will determine if any action should be taken to resolve the complaint.
If we decide that a complaint should be investigated further, the complaint will usually be handled by a more senior employee of the Company. - 12.3
We will endeavour to respond to your complaint within a reasonable period of time and not more than 30 days of receiving your complaint, to acknowledge your compliant and inform you of the next steps we will take in dealing with your complaint. If you are not satisfied with our response you may ask for a review by a more senior officer of the Company, or you may make a complaint to the Office of the Australian Information Commissioner (OAIC) via the OAIC website at www.oaic.gov.au.
13. How to contact us
-
-
If you have a question or comment regarding this Policy or wish to make a complaint or exercise your rights, please contact the Group’s Privacy Officer on the following details:
-
-
Email: ir@nido.edu.au
Telephone: (02) 9712 7444
Mail: 1 Park Avenue, Drummoyne NSW 2047