Privacy & Security Policy

Effective Date: May 27, 2024

At Child Friendly Pro Ltd. (“ChildFriendly”, “we”, “us”), we are committed to protecting the privacy, security, and integrity of the data entrusted to us. This Privacy & Security Policy explains how we collect, use, store, and protect data within our software-as-a-service platform.

Scope and Responsibilities
ChildFriendly provides software-as-a-service (SaaS) to childcare operators and similar organizations. These organizations (our “Customers”) use our platform to collect, manage, and store information related to the children in their care, their families, and their staff. This information, entered and controlled by the Customer, is referred to in this policy as “Customer Data.”

ChildFriendly is the data processor of Customer Data. The Customer (e.g., childcare provider or organization) is the data controller, meaning they determine what information is collected, how it is used, and for what purpose.

This policy applies to:
• Customer Data: Data entered into the ChildFriendly platform by or on behalf of the Customer.
• Administrative User Data: Account and usage data provided by the Customer’s staff or authorized users.

If you are a parent, guardian, or staff member whose information has been entered into ChildFriendly by a childcare provider, please contact that provider directly for any questions about what data has been collected or how it is used.

Security Measures

We take extensive measures to protect Customer Data and Administrative User Data within our systems:

Authentication & Access Controls
All ChildFriendly accounts require strong, complex passwords. Each Customer controls user access roles and permissions within their organization, with the ability to reset or revoke access as needed.

System Monitoring
Our development team continuously monitors our systems for vulnerabilities, unauthorized access attempts, and potential security threats.

Hosting and Infrastructure
All Customer Data is securely stored in Microsoft Azure’s North American cloud infrastructure, primarily in the U.S. West 2 data center (Washington State, USA). Microsoft Azure meets leading compliance standards, including:
• ISO/IEC 27001
• SOC 1 Type II
• SOC 2 Type II
• SOC 3

Data is protected using:
• Encryption at rest and in transit
• Strict access controls
• Secure development lifecycle practices

What We Collect
We collect limited data for two purposes: to provide services to our Customers, and to support platform functionality.

Customer Data (Provided by Our Customers):
This may include:
• Child information (names, birthdates, medical needs, etc.)
• Parent/guardian contact details
• Staff employment details
• Attendance, scheduling, and billing information

ChildFriendly does not determine what Customer Data is collected. That decision is made solely by the Customer.

Administrative User Data (Collected Automatically or via Account Setup)
This includes:
• Names and contact information of authorized users
• Account credentials and roles
• Usage logs and device/browser details
• Communication logs (e.g., support tickets, webinar registrations)

Use of Customer Data
We use Customer Data and Administrative User Data solely for the following purposes:
• Operating, maintaining, and improving the ChildFriendly platform
• Providing customer support
• Enforcing platform policies and ensuring legal compliance
• Sending service-related notifications and system updates
• Analyzing anonymized data to enhance system features

We do not sell or use Customer Data.

Third-Party Services
We may share limited Customer Data or Administrative User Data with trusted third-party providers that help us deliver core services. These providers include, but are not limited to:
• Microsoft Azure – cloud hosting
• Stripe & Rotessa – payment processing (PCI Level 1 compliant)
• QuickBooks – optional accounting integration
• Google Analytics & Sentry – performance and usage monitoring
• FreshDesk – customer support management

We share only what is strictly necessary and require all third-party vendors to adhere to strong privacy and security standards.

Data Privacy Rights & Account Management

If you are a parent or staff member whose data was entered by a childcare provider:
ChildFriendly is not the collector of this information and cannot modify or delete it on your behalf. Please contact your childcare provider directly to request any changes or deletions, as they have full control over the Customer Data they collect and store.

If you are a childcare provider or organization using ChildFriendly:
As the account owner, you have full control to manage, update, and delete Customer Data within your account at any time by logging into the platform.
If you wish to permanently delete your entire account and all associated applicable data, you may contact us at terms@childfriendlypro.com.

Marketing Preferences
• Email: Click “unsubscribe” in marketing emails
• SMS: Reply “STOP” or contact us
• Cookies/Tracking: Adjust browser settings to manage tracking

Please note: Essential service communications (e.g., password resets, billing notices) cannot be opted out of.

Events & Webinars
When you register for a ChildFriendly event or webinar, we collect only the information necessary to manage your participation. This data is stored securely and never shared without your explicit consent.

Legal Disclosures
We may disclose data in the following cases:
• As required by law, subpoena, or court order
• To investigate or prevent fraud, abuse, or threats to safety
• As part of a business transaction such as a merger or asset sale

Contact Us
For questions, concerns, or other privacy/security-related requests, contact us at privacy@childfriendlypro.com