Privacy Policy

 

Purpose

This Privacy Policy applies to Simba Education PTY LTD A.C.N 677 801 357 (“Company,” “we,” “us,” or “our”) and outlines how we manage personal information. We are committed to safeguarding your privacy and ensuring the confidentiality of any personal information collected by us, including information provided by third parties. Our practices adhere to the Australian Privacy Principles as outlined in the Privacy Act 1988 (Cth) (“the Act”).

The Company is dedicated to protecting personal information in compliance with privacy laws while delivering child care services through the centres it operates and manages.

This Privacy Policy details how we collect, store, use, disclose, secure, and manage personal information, including that of individuals using our services. It explains the types of information we collect and why, how you can access and correct your information, and the process for lodging a privacy complaint.

Types of personal information we collect and hold

We collect personal information from various sources, including but not limited to individuals who use our services, retailers, vendors, business partners, and prospective employees.

Personal information refers to any information or opinion about you, or information that could reasonably be used to identify you. The types of personal information we may collect include:

  • Your name, address, date of birth, and contact details;

  • Information about children enrolled in our centres and their families, such as health, education, and financial details (e.g., information related to government funding support);

  • Enrolment history, attendance records, services used, and any other information related to attendance at our centres or use of our services;

  • Information provided when you apply to enrol your child at our centres; and

  • If you apply to work with us, details of your previous employment, qualifications, residency status, and proof of identity.

Sources of personal information

In most cases, we collect personal information directly from you, unless it is unreasonable or impracticable to do so. In certain circumstances, we may obtain personal information about you from third parties, such as your employer, representatives, or personal referees, or from publicly available sources.

If you provide us with personal information about third parties, we do so on the understanding that you have obtained the relevant individual’s consent for us to collect and handle their information in accordance with this Privacy Policy.

We will seek your consent before collecting sensitive information, such as details about your health, unless the collection is required or permitted by law without your consent.

You may choose not to provide personal information

If you choose not to provide personal information we request, we may not be able to provide you with child care services, process your application or allow you to participate in training, recruitment programmes, marketing initiatives or information campaigns.

How personal information is gathered and held

We may collect your personal information when you use our online services (including providing payment details such as credit card or bank account information), complete forms or documents (such as enrolment applications), contact our service centres, participate in marketing or information initiatives, interact with our business partners, or apply for employment with us.

Your personal information may be stored in our computer systems, databases, or paper records. We may also engage agents and third-party suppliers to provide data storage services.

We take reasonable steps to securely store the personal information you provide and to protect it from misuse, interference, loss, unauthorised access, modification, or disclosure. For payments, we use secure online facilities and service providers to process credit card transactions, ensuring your details cannot be accessed via the internet once payment is completed.

However, while we implement protective measures, the Company cannot guarantee absolute protection against unauthorized access or misuse of personal information. By providing your information, you acknowledge and agree that the Company is not liable for any such unauthorized access or misuse.

We will generally take reasonable steps to destroy or permanently de-identify your personal information once it is no longer required. However, we may retain it when required or permitted by law, such as for legal, insurance, corporate governance, or fraud prevention purposes. Personal information may also be retained in backup systems.

When dealing with the Company you may be:

enrolled at one of our child care services or a parent of a child enrolled at one of our centres, or who is applying to enrol your child.

  • a former user of our child care service, or a client or customer of a business partner of ours.

  • a participant in any promotion run by us, or who has provided information in connection with an inquiry about us or our business, or in connection with a marketing initiative we conduct.

  • a supplier, employee, or other person required to undertake accreditation or achieve any clearance or
    approval in order to deal with us or be involved in any way with our business; or

  • an applicant for employment, either directly or through our recruitment services provider.

How we collect information through our websites

The Company manages the website and collects information through various methods available on the site.

·         Analytics: We use Google Analytics, a third-party service, to gather data about how users interact with our website. This data is collected solely to enhance your experience on our site. The information gathered includes your device’s IP address, screen size, device type, operating system, browser details, geographic location, referring domain and outbound links (if applicable), search terms, pages visited, and the date and time you accessed website pages. For more information about Google Analytics, visit here.

·         Cookies: Cookies are small data files stored locally on your computer or device at the request of websites. They are used for record-keeping and to improve website functionality. We do not use cookies to specifically track or identify individual users of our website.

  • Email lists, registrations, and feedback: We will collect information that you provide to us when signing up to mailing lists and registering for our events, or when submitting feedback on your experience with our website.

  • To collect voluntary feedback on your experience with our website.

Anonymity

You may request to interact with us anonymously or under a pseudonym in certain situations. This may be possible in cases such as when you are seeking general information about our products or services or requesting indicative pricing. However, in most instances, it will not be practical for us to accommodate anonymity. For example, accurate personal information is required to initiate or complete an enrolment application.

Purposes for collecting, holding, using and disclosing personal information

We collect personal information only when it is reasonably necessary for our functions or activities. This may include managing and operating our business, providing our services, determining your eligibility for funding support or other benefits, or evaluating your suitability for employment with us.


How we use and disclose your personal information

We will typically use or disclose your personal information only for the purpose for which it was collected, or for related purposes that we believe would be within your reasonable expectations. These may include providing our services to you, sharing information, offering online services or information, or allowing you to access our recruitment facilities. If we intend to use your information for any purpose that you would not reasonably expect, we will seek your consent, unless we are required or permitted by law to do so without your consent.

Disclosure to overseas recipients

In some cases, the suppliers and service providers to whom we disclose your personal information may be based overseas.

Social networking

We use social networking platforms like Facebook and Instagram to engage with the public about the Company and our activities. When you interact with us through these platforms, we may collect your personal information. Additionally, these social networking services may process your personal information for their own purposes. Each platform has its own privacy policy, and we recommend reviewing these policies on their respective websites.

Who we may disclose your personal information to and why

We, or our authorised agent, may disclose your personal information to:

  • Any person you have authorised.

  • A mail house, records management company, or technology service provider (e.g., for printing and/or delivering mail and emails, or securely storing and managing records);

  • Service providers engaged by the Company to assist in providing our services or supporting the health and care of children enrolled at the child care centres we manage (including, but not limited to, health service providers, insurers, government authorities, service providers managing our website servers, IT infrastructure, and human resources information);

  • An organisation that provides banking services to you (for arranging direct debits, other payment transactions, or confirming payments made to us);

  • Any company conducting surveys on our behalf to improve or enhance our services.

Personal information about you may also be collected from these individuals or organisations.

Notifiable Data Breaches (NDB)

The Notifiable Data Breaches (NDB) scheme requires businesses regulated by the Privacy Act, including education and care services, to notify the Office of the Australian Information Commissioner (formerly the Privacy Commissioner) and affected individuals in the event of a data breach (i.e., data leak) that is “likely” to cause “serious harm.”

  • If a data breach occurs at our service, the approved provider will promptly and reasonably assess whether the breach is likely to result in serious harm to any affected individuals.

  • Failure to notify a data breach that results in serious interference with privacy under the Privacy Act may lead to a fine of up to $360,000 for individuals or $1.8 million for organizations.

  • Individuals who are likely at risk of serious harm will be notified without delay. The Office of the Australian Information Commissioner must also be informed as soon as practicable, with a statement regarding the eligible data breach.

Accessing and seeking correction of your personal information

Our goal is to maintain accurate, complete, up-to-date, and relevant personal information.

When you receive enrolment or re-enrolment notices, general correspondence, or any other communication from us, please ensure that the information we hold about you is correct.

You can request access to the personal information we hold about you at any time and ask us to correct any inaccuracies. Requests must be made in writing and delivered to the Company. We will aim to respond to your request within 30 days of receipt.

Before granting access or making changes to your information, we may ask you to verify your identity.

If we determine that any personal information we hold is inaccurate, outdated, incomplete, irrelevant, or misleading, we will update our records accordingly.

If we deny you access to your information or do not make the requested corrections, we will inform you in writing, explaining the reasons for our decision. If we do amend your personal information, you may request us to inform any third parties to whom we have previously disclosed the information. Generally, there will be no restrictions or charges for this.

How to make a complaint

If you wish to make a complaint about how we have handled your personal information, please submit the complaint in writing. If you need assistance, feel free to contact us.

Upon receiving a complaint, we will assess whether any action is needed to resolve the issue. If we determine that further investigation is required, a senior employee of the Company will typically handle the matter.

We will aim to respond to your complaint within 30 days of receipt. If you are not satisfied with our response, you may request a review by a senior officer of the Company, or you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC).


Related Legislation, Guidelines, Standards, Frameworks

• Education and Care Services National Law

• Education and Care Services National Regulations: 168(2)(l), 181, 182, 183

• Australian Privacy Principles

• Privacy Act 1988 (Privacy Act)

• Australian Child Protection Legislation https:// aifs.gov.au/cfca/ publications/ Australian-child-protection-legislation

• National Quality Standard, Quality Area 7: Governance and Leadership - Standard 7.1 Element 7.1.2

Resources / Useful Links

• ACECQA’s Guide to the National Quality Framework - https://www.acecqa.gov.au/nqf/about/guide

• Australian Privacy Principles – www.oaic.gov.au

• Office of the Australian Information Commissioner – www.oaic.gov.au

• Privacy Act 1988 (Privacy Act) – www.oaic.gov.au/privacylaw/privacy-act

• Early Childhood Australia – https://www.earlychildhoodaustralia.org.au/

How to contact us

Email: contact@simba.nsw.edu.au

Telephone: 0405 578 975

Support Office: 68 Waterloo Road, Macquarie Park, NSW, 2113

Last Edited: 16/12/2024