Kidix AU Privacy Policy

1. COMMITMENT TO PRIVACY

We recognize that information relating to children and their health is uniquely sensitive. Kidix operates under the principle of "Privacy by Design," ensuring that data protection is integrated into every aspect of our technology.

2. SENSITIVE HEALTH INFORMATION & MEDICAL DISCLAIMER

2.1 Data Processor Role:

Kidix AU provides digital templates for Medication Records (Reg 92), Allergy Logs, and Incident Reports (Reg 87). When Users enter data into these forms, Kidix acts strictly as a Secure Data Processor and Container.

2.2 NO PROFESSIONAL HEALTH ADVICE:

• Templates are provided for administrative record-keeping and regulatory compliance only.
• The Approved Provider and Educators remain solely responsible for the physical administration of medication and adherence to a child's official Medical Management Plan.
• Kidix AU assumes no liability for errors in medication administration, delayed medical treatment, or reliance on digital records for clinical decision-making.

3. COLLECTION OF INFORMATION

3.1 Children's Information (Sensitive Data):

We collect personal and sensitive information about children solely for educational and regulatory purposes, including:

• Identifiers: Legal name, date of birth, and gender.
• Health Data: Immunisation status, medical conditions, anaphylaxis/asthma plans, and medication requirements.
• Pedagogical Data: Observations, learning stories, milestones, and multimedia (photos/videos) depicting the child's development.
• Media: Photos and video recordings captured during learning experiences. These serve as critical "analysis materials" for our DeepSight Engine to generate pedagogical insights, verify developmental milestones, and provide visual evidence of progress.

3.2 Parent & Educator Information:

• Contact Details: Name, email address, phone number, and relationship to the child.
• Professional Details: Educator roles, certifications, and workplace (Centre) affiliation.

4. CHILD SAFETY & PRIVACY PROTECTION

4.1 Australian Child Safe Standards:

Our data handling protocols are aligned with the National Principles for Child Safe Organisations. We ensure that:

• Data Minimisation: We only collect information necessary for the delivery of ECEC services.
• Image Security: Multimedia files are stored in encrypted environments and are only accessible to authorized educators and linked family members.
• No Commercial Profiling: We strictly prohibit the use of children's data, likenesses, or developmental trajectories for commercial marketing or third-party profiling.

5. DEEPSIGHT AI & DATA PROCESSING

5.1 AI Analysis Protocol:

Our DeepSight Engine assists educators in analyzing observations.

• No Training on Your Data: Under our enterprise-grade service agreement, your pedagogical data, children's photos, and educator notes are NEVER used by Kidix or any other third party to train public foundational AI models.
• Transient Processing: Data processed by the AI is handled via encrypted channels and is not stored by the AI provider beyond the duration of the analysis request.

6. DATA SOVEREIGNTY (GROWTH LENS)

Parent-captured "Growth Lens" moments remain under the sole sovereignty of the family.

• These records are Private and invisible to the Education Centre by default.
• Data is only shared with the Centre if the Parent User explicitly toggles the "Share with Educator" setting.
• Once shared, the record becomes part of the Centre's official pedagogical archive and is subject to the Centre's data retention policies.

7. DATA STORAGE, SECURITY & LOCATION

7.1 Australian Jurisdiction:

All user data, including backups, is stored on encrypted servers within the Google Cloud Australia Region (Sydney/Melbourne). This ensures that sensitive data remains within Australian legal jurisdiction.

7.2 Security Measures:

We employ industry-standard security protocols, including AES-256 encryption for data at rest and TLS/SSL encryption for data in transit.

7.3 Multi-Tenant Isolation:

Data is logically isolated between different Education Centres to prevent cross-institutional data leaks.

8. DATA SHARING & DISCLOSURE

8.1 Pedagogical Tagging:

When an educator tags a child in a group observation, that record may become visible to the parents of all tagged children. Educators are responsible for obtaining appropriate Media Consent from families before tagging children in group settings.

8.2 Legal Requirements:

We may disclose information if required to do so by law, such as a request from ECEC regulatory authorities (e.g., ACECQA) or in emergency situations involving safeguarding or child protection.

9. YOUR RIGHTS & DATA RETENTION

9.1 Access and Correction:

You have the right to access and request the correction of personal information held by us.

9.2 Retention Obligations:

Under Regulation 183, certain ECEC records (such as Incident Reports) must be kept until the child is 25 years old.

• Kidix provides the tools for storage, but the Approved Provider (Centre) is responsible for exporting and retaining these records according to statutory timelines if they choose to close their Kidix account.

9.3 Deletion:

Upon account closure, and subject to legal retention requirements, data will be purged from our active databases within 60 days.

10. CONTACT US

For questions regarding this policy, or to report a privacy concern, please contact our Compliance Officer: