LookedAfter Privacy Policy
1. About us
LookedAfter Pty Ltd (ABN 14 621 539 580) (we, our or us) facilitates the enrolment and booking of children into childcare services, the management of bookings and attendances, invoicing to parents, management of Child Care Subsidy payments, and information reporting to management. In order to facilitate these services between childcare providers (Service Providers) and parents / guardians, we utilise our childcare booking and session management platform (LookedAfter Platform).
For anyone (including parents and guardians) to use or access the LookedAfter Platform, we need to know a bit about you. We know that the personal information you give to us about yourself may be sensitive, and we take the protection of this information very seriously.
This Privacy Policy (Policy) outlines how we will comply with our privacy obligations under Australian law. The Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs) are the primary Australian law which governs the handling of personal information about individuals.
This Policy describes what kind of personal information we might obtain from you and how we handle your personal information. It also sets out the rights you have to manage and access your personal information and what you can do if you are concerned with how we handle your personal information.
2. What Personal Information do we collect?
2.1 What is Personal Information?
The Australian Privacy Act 1988 (Cth) (Privacy Act) defines “personal information” as information or an opinion about an identified individual, or an individual who is reasonably identifiable:
(a) whether the information or opinion is true or not; and
(b) whether the information or opinion is recorded in a material form or not.
Any time we use the term “personal information” in this policy, we are referring to this legal definition of the term.
In general terms, personal information is information or an opinion about someone who can reasonably be identified. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.
2.2 What kinds of personal information are collected?
We need to collect different types of information about you in the course of carrying out our business operations and activities, including making the LookedAfter Platform and our website (<https://www.lookedafter.com/> (Website)) available to our customers and users.
The main way we collect personal information about you is when you give it to us. However, we may also collect personal information about you indirectly from publicly available sources or from third parties.
Information obtained from you directly:
The type of personal information we collect about you depends on the nature of our relationship with you, and what you choose to share with us. We try to minimise the collection of information to only what is reasonably necessary for us to perform one or more of our functions or activities.
We may collect some or all of the following information from you directly:
personal identifiers such as your and your child’s full name, date of birth, identified gender;
contact details such as email address; phone number, emergency contact details;
information relating to child custody rights or arrangements;
your Medicare number;
your Centrelink customer reference number and other details as required by Services Australia to enable Child Care Subsidy (CCS) payment;
Internet Protocol (IP) addresses, internet clickstream and cookies data; and
your credit card or payment details (as we facilitate the card transactions / payments you make to Service Providers).
Sensitive information
Sensitive information is a subset of personal information that is generally afforded a higher level of privacy protection. We only collect sensitive information where you have provided your consent, or where we are required or authorised to do so under law.
The sensitive information we may collect about you includes:
you or your child’s medical conditions or medical requirements; and / or
you or your child’s cultural background (including language spoken in the household), religious belief, indigenous status.
We will only use and disclose your sensitive information for the primary purpose for which it was provided, for example, to better inform Service Providers on how to provide care services to your child.
Other, indirect information we may collect about you:
The types of indirect personal information we may collect about you include:
information that you provide third parties and reasonably expect that information to be provided to us;
details of your use of the LookedAfter Platform; and
details of your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour (including through cookies or tracking technologies).
We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to feedback surveys or aggregated information about how the LookedAfter Platform or our Website is used.
2.3 How do we collect your Personal Information?
Sensitive information
Direct Collection
We collect your personal information directly from you when you:
interact with your Service Provider over the phone through verbal and written (SMS) communication;
interact with your Service Provider in person;
interact with the LookedAfter Platform e.g. when you provide information upon enrolment, make a booking, or when you update your enrolment / personal information;
interact with us online via our Website, forms, email communication or messaging and social media platforms;
interact with our third-party providers (including any Service Providers, third-party payment processor or third parties that provide marketing or data analytics information or insights to us);
participate in our surveys or questionnaires; or
subscribe to our mailing list.
Indirect Collection
We may collect your personal information indirectly through third parties where you would reasonably expect us to do so. For example, we may obtain your personal information from Service Providers or government agencies for the purpose of determining CCS payment amounts if you have consented to this activity.
We may also use publicly available sources to obtain your information, including commercially available personal, identity, geographic and demographic information.
Unsolicited information
From time to time, we may receive personal information that is additional to information that we have solicited or information that we have not taken active steps to collect. This is known as ‘unsolicited personal information’ and can include:
misdirected correspondence received by us;
information about another individual shared with us in the course of providing our services;
promotional material containing personal information sent to us by an individual promoting the individual’s business or services; or
court documents for proceedings to which we are a party or may have an interest.
If we receive unsolicited personal information and we decide that we are not permitted to collect it in accordance with the APPs, we will take reasonable steps to destroy or de-identify the information as soon as practicable, unless it is unlawful or unreasonable to do so.
Anonymity and pseudonymity
Where practical and possible (and in accordance with relevant laws), we will allow you to interact with us anonymously or by using a pseudonym. However, we note that your use of the Application and most of its functionality will require your personal information.
3. Why do we collect it?
3.1 Why we collect your personal information
We collect, use, hold and disclose your personal information so that we can provide you our best services and so we can let you know what we can offer you. In particular, we may use your personal information to:
enable you to access and use the LookedAfter Platform and our Website;
facilitate the provision of services to you by the Service Provider, including account maintenance, invoicing, enabling CCS payments from Services Australia to Service Providers, sending payment reminders;
communicate with you;
maintain internal records for administrative purposes;
develop, operate and improve our service and organisational processes;
process and respond to any complaint or general enquiry made by you;
troubleshoot any issues with the provision of services and improve them;
collect your feedback or suggestions, including about our products, services, website or organisational processes; and
enabling our other activities and functions.
We will only use personal information for a purpose other than for which it was collected or a related purpose if you have consented to such different use or where we may otherwise be reasonably expected to do so.
3.2 Advertising and marketing materials
If you are a parent or guardian who uses the Platform, we won’t send you any direct marketing communications, opportunities, or events or any messages or advertisements about these communications.
For any other users, from time to time, we may send you direct marketing communications, opportunities, or events that we consider may be of interest to you if you have requested or consented to receive such communications. We may send you messages or advertisements about these communications via the LookedAfter Platform, our Website, your email, SMS, phone or mail, in compliance with applicable marketing laws (including the Spam Act 2003 (Cth)).
You can choose to not receive these communications from us at any time and you may opt out by following the opt-out instructions that can be found in any of these communications or you can contact us at optout@lookedafter.com.
If you choose to opt out, please note that you will still receive communications from us which are necessary for facilitating your use of the LookedAfter Platform or Website or for making a booking with a Service Provider.
4. What do we do with your personal information?
4.1 Who do we share your personal information with?
We may share personal information with:
Service Providers using the LookedAfter Platform;
our employees, contractors and/or related entities;
legal authorities if required by law;
other third-party service providers to assist with providing our services (e.g. government agencies, Amazon Web Services, and other IT service providers, (e.g. data storage, web-hosting and server providers), maintenance or problem-solving providers, professional advisors and payment systems operators); and
third parties to collect and process data, such as Google Analytics (which may include parties located, or that store data, outside of Australia).
We will not sell your personal information to other people, and always aim to use your information to provide you with a suitable service.
Disclosure of personal information outside Australia
Currently, we do not directly disclose your personal information to overseas recipients.
However, to the extent that your personal information is disclosed to third parties based overseas, we will take reasonable steps to ensure that the third party does not breach the APPs, unless:
you have given us your consent to disclose personal information to that third party without ensuring their compliance with the APPs; or
we believe that:
the overseas recipient is subject to a law or binding scheme that is, overall, substantially similar to the APPs; and
we can enforce the law or binding scheme; or
the disclosure is required or authorised by an Australian law or court/tribunal order.
You acknowledge that overseas third parties may not be regulated by the Privacy Act and the APPs. If any third party engages in any act or practice that contravenes the APPs, it would not be accountable under the Privacy Act and you will not be able to seek redress under the Privacy Act.
4.2 How do we store and protect your personal information?
We are committed to ensuring that the personal information we collect is secure.
Your personal information is stored and encrypted with our cloud services providers (including Amazon Web Services (see https://aws.amazon.com/security/ for further information)), hosted on a virtual private cloud network in Australia. The LookedAfter Platform does not store any personal information overseas.
In general, we take the security of all personal information seriously, and appropriate measures and use reasonable care to safeguard personal information held or stored at our premises or site from unauthorised access, misuse, interference, modification and disclosure. Our security measures include:
restricting access to personal information on ‘need to know’ basis i.e. only personnel who need that information to effectively provide services will gain access;
monitoring and logging access to LookedAfter servers;
having technological measures in place to ensure security;
using secure work environments; and
periodically reviewing and improving security measures.
We cannot guarantee the security of any information that is transmitted to or by us over the internet, and we note that the transmission and exchange of information is carried out at your own risk. But we do take the security of your information seriously and will take measures to safeguard against unauthorised disclosures of information within our control.
4.3 How long do we hold your personal information?
We will only keep personal information for as long as it is needed for any purpose for which it was collected. In most cases, this means we only retain your Personal Information for the duration of your relationship with us unless we are required to retain the information under Australian law or by order of an Australian court, tribunal or other government agency.
Where information is no longer needed or required by law to be kept by us, we will de-identify or destroy the information in a secure manner.
5. Accessing or correcting your information
You may access and correct your personal information directly within the LookedAfter Platform. You may contact the Service Provider to provide you with support to access and amend your information.
Where an update to your personal information is made, you may request us to take reasonable steps to distribute the corrected information to other recipients who had access to the initial data.
6. Privacy and data breach obligations
Please contact us immediately if you become aware of or suspect any breach of security relating to personal information. If reasonable grounds establish there has been a data breach relating to personal information, we will comply with our obligations and responsibilities under relevant privacy laws (including the notifiable data breaches regime in Australia), including any obligation to notify you of the data breach and take effective remedial action to protect your personal information.
7. Cookies
When an individual visits or uses our Website, personal information and user data may be collected automatically through cookies. A cookie is a small text file that is stored on your device when you visit websites. It represents information to the website that assists with providing you a better browsing experience. Cookies provide information in relation to your browsing behaviour, but generally will not identify you.
You can remove or block cookies by updating your browser settings if you feel uncomfortable about them. However, please note that removing or blocking the cookies can affect your browsing experience and the Website’s functionality.
8. Social networking services
We use social networking services such as Facebook, Twitter and LinkedIn to communicate with the public about our services. When you communicate with us using these social networking services, we may collect your personal information, but we only use it to help us to communicate with you.
The social networking service will also handle your personal information for its own purposes. These services have their own privacy policies – you can access the privacy policies for these companies on their websites.
9. Links to other websites
The LookedAfter Platform and our Website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third-party provider or website, and we are not responsible for the privacy policies or the content of any third-party provider or website. We are not responsible for any practices on linked websites that might breach your privacy.
10. Your choice
Ultimately, it is up to you whether you want to share your personal information with us or not. In order for us to effectively facilitate the relationship between you, the Service Provider, and government agencies, and allow you with access to and use of our platform, we will need certain information, and you will not be able to access or use all Services without providing that information.
11. Who can you complain to?
If you wish to contact us about a privacy matter or are concerned about the way we have handled your personal information, you can lodge a written request or complaint with us using the contact details below:
Post:
Privacy Officer
LookedAfter Pty Ltd
30-32 Hull Street
Richmond VIC 3121
Email: privacy@lookedafter.com
In the case of lodging a complaint, you will be asked to provide proof of your identity and full details of your request in writing before we can process your complaint. Please allow up to 30 (thirty) days for us to respond to your complaint.
To the extent we are unable to satisfactorily resolve your complaint, you have the right to contact the Office of Australian Information Commissioner (at www.oaic.gov.au/) to lodge a complaint.
12. Updates to the Privacy Policy
We reserve the right to periodically change or update this Policy from time to time. Updated versions of this Policy will be posted on our Website. Please ensure that you review our Website regularly to be advised of updates.
If at any point we decide to use personal information in a manner materially different from that stated at the time it was collected, we will notify individuals by email or via a prominent notice on our website, and where necessary we will seek the prior consent of individuals.
This Policy was last updated on: 16 January 2023