Privacy Policy

Moments Early Learning (‘we’, ‘us’, ‘our’) is committed to protecting the privacy of everyone who visits our website and interact with our services. This Privacy Policy explains how we collect, use, disclose, and store your personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and applicable education and care legislation.

 

By using our website and services, you acknowledge the practices described in this Privacy Policy.

 

1. About Us

Moments Early Learning is an Australian early childhood education and care provider. Our website and digital services are operated from Australia.

If you have any privacy-related questions or concerns, please contact our Privacy Officer using the details at the end of this Policy.

 

2. What Personal Information We Collect

 

We may collect and hold the following types of personal information:

 

2.1 Information you provide directly
  • Full name, gender, date of birth, and contact details (address, email, phone number) of parents, guardians, and authorised contacts
  • Child’s full name, date of birth, gender, and information relevant to their enrolment or, care, and educational program
  • Emergency contact details
  • Custody and court order information relevant to the child’s care and access arrangements
  • Health and, medical, allergy, and dietary information about your child (where relevant to enrolment or care), including immunisation status and details of the child’s medical practitioner
  • Cultural and language background, including Aboriginal and Torres Strait Islander status, and languages spoken at home
  • Centrelink Customer Reference Numbers (CRN) and related information for Child Care Subsidy administration
  • Authorisations (including persons authorised to collect the child, consent for medical treatment, excursion permissions, and administration of medication)
  • Payment and billing information, including bank account details and credit card information
  • Communications you send us via contact forms, email, or phone
  • Observations, photographs, and documentation of children’s participation in the educational program, including samples of children’s work

 

2.2 Information collected automatically

 

  • IP address and general location data
  • Browser type, device type, and operating system
  • Pages visited on our website and time spent on each page
  • Referring URL and search terms used to find our website
  • Cookie identifiers (see Section 7)

 

3. How We Collect Personal Information

We collect personal information in the following ways:

  • Directly from you when you complete an enrolment or enquiry form
  • When you contact us by phone, email, or through our website contact form
  • When you subscribe to our newsletters or marketing communications
  • Automatically through cookies and similar tracking technologies on our website
  • From third parties such as government agencies (e.g., Services Australia) where permitted by law
  • From other professionals or agencies involved in the child’s care or welfare (e.g., allied health professionals, child protection agencies), where permitted or required by law

 

4. Why We Collect and Use Personal Information

We collect and use personal information for the following purposes:

  • To process enrolments, manage waitlists, and deliver early learning services
  • To communicate with you about your child’s care and development
  • To administer billing, subsidies (including the Child Care Subsidy), and payments
  • To comply with our legal and regulatory obligations under the Education and Care Services National Law
  • To respond to your enquiries and provide customer support
  • To send you information about our services, promotions, and updates (where you have consented)
  • To improve our website, services, and the overall parent and carer experience
  • To ensure the safety and wellbeing of children in our care
  • To document and support children’s learning and development

 

5. Sensitive Information

We may collect sensitive information such as health orand medical details, immunisation records, allergy and dietary information about children in our care., and cultural background. We will only collect sensitive information where it is reasonably necessary for providing our services, and with your consent (or where otherwise permitted by law). This information is handled with the utmost care and is only disclosed where required for the care and safety of children or as required by law.

 

6. Disclosure of Personal Information

We may disclose your personal information to:

  • Our staff and educators who require it to deliver early learning services
  • Third-party service providers who assist us in operating our business (e.g., software providers, payment processors), who are required to keep information confidential
  • Government agencies and regulators, including the Australian Children’s Education & Care Quality Authority (ACECQA), the Department of Education, and Services Australia, where required by law
  • Medical professionals and emergency services in the event of a health or safety emergency
  • Our professional advisers, such as accountants, lawyers, and insurers, on a confidential basis
  • The relevant state or territory regulatory authority, as required
  • Child protection agencies, police, or other authorities where required by law

 

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

 

7. Overseas Disclosure

We may store information using cloud-based services or software providers whose servers may be located overseas. Where this occurs, we take reasonable steps to ensure those third parties comply with the APPs or a substantially similar privacy framework. By using our services, you consent to potential overseas disclosure in these limited circumstances.

 

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience. Cookies are small text files stored on your device that allow us to:

  • Remember your preferences and settings
  • Understand how visitors use our website
  • Deliver relevant content and advertising

 

You can manage or disable cookies through your browser settings; however, some features of our website may not function properly if cookies are disabled. By continuing to use our website, you consent to our use of cookies as described in this Policy.

8A. Photographs and Surveillance

Our centres may use CCTV cameras for safety and security purposes. CCTV footage is stored securely and access is limited to authorised personnel. Signage is displayed at centre entrances where CCTV is in operation.

Educators may photograph or record children for learning documentation or centre communications. We will obtain your consent before publishing any photographs or recordings externally, and you may withdraw consent at any time.

may use third-party digital platforms (such as parent communication apps or learning management systems) to support our services. We take reasonable steps to ensure these providers protect your information in a manner consistent with this Policy.

 

9. Data Security

We take reasonable steps to protect the personal information we hold from misuse, interference, loss, unauthorised access, modification, or disclosure. These measures include:

  • Secure storage of physical records
  • Password-protected systems and access controls
  • Encryption of sensitive data where appropriate
  • Regular review of our security practices
  • Staff training on privacy obligations, data handling, and confidentiality requirements
  • Restricting access to personal information to authorised personnel who require it to perform their duties

 

No data transmission over the internet is completely secure. While we take all reasonable precautions, we cannot guarantee the absolute security of information transmitted to or from our website.

 

10. Retention of Personal Information

We retain personal information for as long as it is needed to fulfil the purposes for which it was collected, or as required by law. Children’sChildren’s records may beare retained for the periods prescribed under applicable education and care legislation. Once no longer required, personal information is securely destroyed or de-identified.

 

11. Accessing and Correcting Your Information

Under the Privacy Act 1988 (Cth),, you have the right to:

  • Request access to the personal information we hold about you or your child
  • Request that we correct any inaccurate, incomplete, or outdated information

 

To make an access or correction request, please contact our Privacy Officer (see Section 1417). We will respond within 30 days. In some cases, we may be required by law to refuse access, in which case we will explain the reason in writing.

 

12. Opting Out of Marketing

If you have subscribed to our newsletters or marketing communications, you may opt out at any time by clicking the ‘unsubscribe’ link in any email we send, or by contacting us directly. We will process your opt-out request promptly.

 

13. Children’s Privacy

Our website is directed at parents, guardians, and carers. We do not knowingly collect personal information directly from children under the age of 18 through our website. Personal information about children is collected only from their parents or authorised guardians as part of the enrolment process and ongoing service delivery.

 

14. Complaints

If you believe we have handled your personal information in a way that does not comply with the Privacy Act 1988 (Cth)privacy law or this Privacy Policy, you may lodge a complaint with us. Please contact our Privacy Officer in the first instance. We will investigate your complaint and respond within 30 days.

 

If you are unsatisfiednot satisfied with our response, you may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

  • Website: www.oaic.gov.au
  • Phone: 1300 363 992
  • Post: GPO Box 5218, Sydney NSW 2001

 

15. Data Breach Procedures

Moments Early Learning is subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth). This section explains what we do if a data breach occurs.

 

15.1 What is an eligible data breach?

An eligible data breach occurs when:

  • There is unauthorised access to, unauthorised disclosure of, or loss of personal information we hold; and
  • The breach is likely to result in serious harm to one or more individuals whose information is involved.

 

Serious harm may include physical, psychological, emotional, financial, or reputational harm.

 

15.2 How we detect and assess a breach

We have internal procedures to detect, report, and assess potential data breaches. When we become aware of a suspected breach, we will:

  • Act immediately to contain the breach and limit any further exposure of personal information
  • Assess whether the breach is likely to result in serious harm to affected individuals
  • Document the breach, its circumstances, and the steps taken in response
  • Escalate the matter to our Privacy Officer within 24 hours of detection

 

We aim to complete our assessment within 30 days of becoming aware of the potential breach, consistent with our obligations under the NDB scheme.

 

15.3 Notifying affected individuals

If we determine that an eligible data breach has occurred, we will notify affected individuals as soon as practicable. Our notification will include:

  • The identity and contact details of Moments Early Learning
  • A description of the data breach and the kinds of personal information involved
  • A summary of the steps we have taken in response
  • Recommendations about the steps affected individuals should take to reduce their risk of harm

 

Where it is not reasonably practicable to notify affected individuals directly, we will publish a notice on our website and take other reasonable steps to bring the notice to the attention of affected individuals.

 

15.4 Notifying the OAIC

Where we determine that an eligible data breach has occurred, we will notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable by submitting a statement via the OAIC’s online notification form. We will provide the OAIC with all information required under the NDB scheme, including the nature of the breach, the information involved, and the steps taken in response.

 

15.5 Containment and remediation

Following a data breach, we will take steps to prevent further breaches of a similar nature. These steps may include:

  • Resetting affected passwords or access credentials
  • Reviewing and strengthening access controls and security systems
  • Engaging cybersecurity specialists where appropriate
  • Reviewing staff training on data security and privacy obligations
  • Updating our policies and procedures as necessary

 

15.6 Record keeping

We maintain an internal register of all data breaches (including those that do not meet the threshold for notification). This register records the date and nature of the breach, the information involved, the assessment outcome, the steps taken, and whether notification was provided. Our Privacy Officer is responsible for maintaining this register.

 

15.7 Reporting a suspected breach

If you believe your personal information held by us has been compromised, please contact our Privacy Officer immediately using the details in Section 16. We take all reports seriously and will investigate promptly.

 

16. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on our website and update the ‘Last Updated’ date. We encourage you to review this Policy periodically. Continued use of our website following changes constitutes your acceptance of the updated Policy.

 

17. Contact Us

For any questions, requests, or complaints regarding this Privacy Policy, or to exercise any of your rights described in this Policy, please contact our Privacy Officer:

 

Moments Early Learning — Privacy Officer

Email: admin@momentsearlylearning.com.au