Privacy Policy

Last updated 1 February 2019

1.     Application

This Privacy Policy (Policy) explains how Penguin Childcare early learning centres (which are owned and operated by G8 Education Ltd ACN 123 828 553) (we, our or us) and any website we operate (website), collect, handle and protect your personal information.

We comply with the Privacy Act 1988 (Cth) (Privacy Act) and handle personal information that we collect in accordance with the Australian Privacy Principles (APPs). The Privacy Act and the APPs apply to all our child care services operating nationally.

By providing personal information to us, you consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy and any other arrangements that apply between us.  This Policy should be read together with any terms and conditions related to our dealings with you and any location specific legal notice.

2.     What is personal information?

Personal information means information or an opinion about you which identifies you (or from which you can reasonably be identified), or as otherwise defined by applicable privacy law.  It does not include information that is de-identified (anonymous data).

3.     Dealing with us anonymously

Where it is lawful and practicable to do so, you may deal with us anonymously (e.g. when enquiring about our services generally).  However, we usually need your name, contact information and other details to enable us to provide our services to you.

4.     Why do we collect personal information?

We will only collect personal information from you when it is reasonably necessary to undertake our business activities and functions, or as otherwise permitted by law.  We may collect your personal information for one or more of the following purposes (depending on our relationship with you):

  • to provide our child care services to your children, with their well-being, protection and development in mind
  • to contact you with helpful resources to support your child’s journey and milestones
  • to administer and manage our services including charging, billing and collecting debts
  • to analyse our customer needs with a view to developing new and/or improved services
  • for market research and surveys, direct marketing, promotions and/or competitions
  • to notify you (either directly or via a third party advertising platform) about special offers and services available from us or our partners
  • to ensure the proper function of our website and online software
  • fulfilling our mandatory reporting obligations required by applicable law
  • if you are applying for a job, to assess your application for a role with us and to take references
  • any other purpose that you have consented to
  • any related secondary purpose which we believe you would reasonably expect when we collected your personal information or as a result of our ongoing relationship with you
  • to respond to and manage inquiries, complaints, feedback and claims, defend our legal interests and investigate and protect against fraud, theft and other illegal activities

We may also use your personal information for other purposes not listed above which will be made clear to you at the time we collect your personal information, or for such purposes as may be required or permitted by law.

5.     What personal information do we collect and hold?

The personal information collected depends on the dealings you have with us.

Child care enrolments

If you enrol (or contact us to enquire about enrolling) your child at one of our centres, we may collect you or your child’s:

  • name, date of birth, gender, address (postal and email) and telephone numbers
  • government identifiers (for example Centrelink or Medicare reference numbers)
  • other information necessary for our functions and activities, including sensitive information described in this policy
  • with your consent, image or video

and details of your:

  • occupation
  • financial information (including credit card details)
  • details of your nominated emergency contact person
  • opinion in relation to any of our services
  • other such information (including proof of identity) that is relevant for us to provide our services to you in the manner that you have requested, or to comply with the law

Visitors to our websites

We may collect personal information about you when you use and access our website.

While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the IP address assigned to your computer.

We may also use ‘cookies’ or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our websites may not work as intended for you if you do so.

Sensitive Information

We only collect sensitive information where it is reasonably necessary for our functions or activities and either you have explicitly consented, or we are required or authorised by law to do so. 

In some circumstances we may ask for personal information that is sensitive. This may include information such as your child’s racial or ethnic origin or any cultural or religious requirements (for example, for staff to use in educational programs).  We are also required by law to collect and hold details of your child’s medical conditions, immunisation history and additional needs. We collect this information as it is reasonably necessary for ensuring the well being, protection and development of children in our care.

If you apply for a position with us, we may collect your health information, medical history, information about national origin or immigration status, or optional demographic information such as race.

Financial information

We may collect your credit card details or other financial information where you provide them to us for the purposes of arranging direct debit or payment plans you have requested.  Financial or credit card information we collect from you is strictly confidential and held on secure servers. 

Government identifiers

In certain circumstances we are required, to collect government identifiers such as those used by Centrelink and the Department of Human Services. We will only use or disclose this information in accordance with the law.

6.     How is personal information collected?

We will normally only collect personal information directly from you when you provide it to us:

  • when you attend our centres, complete an enrolment form or survey
  • when you call us, email us or post us your information
  • via our website or our social media pages
  • if you apply for any job vacancy
  • if you make a complaint to us

We may sometimes collect personal information about you from other sources, for example our third-party suppliers and contractors who assist us to operate our business (such as a third party payment gateway or a recruitment agency).

7.     Using and disclosing personal information

We will not sell, share or pass your personal information on to any third parties, other than in accordance with this Policy, with your consent or to those who are contracted to us to keep personal information confidential.  We may disclose personal information:

  • to our related bodies corporate, suppliers, consultants, contractors or agents to help us to provide you with the requested services
  • if we merge with or are acquired by another entity, to that entity as a part of the merger or acquisition
  • to relevant federal, state and territory authorities for the purpose of investigating a health or safety issue, including a workplace health and safety matter or child protection matter
  • when conveying information to a responsible person (e.g. a guardian or emergency contact), unless you have requested otherwise
  • as required by law
8.     Do we disclose any information overseas

We may disclose personal information outside of Australia to our third party suppliers such as cloud storage providers or datacentres for software we use.  When you provide your personal information to us, you consent to the disclosure of your information outside of Australia. We will take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the APPs.

9.     Marketing and your consent/opting out

We and/or our carefully selected partners may send you direct marketing communications and information about our services. This may take the form of emails, SMS or mail, in accordance with the Spam Act and the Privacy Act. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (eg an unsubscribe link).

We may occasionally engage other companies to provide marketing or advertising services on our behalf.  Those companies will be permitted to obtain only the personal information they need to deliver the service. If we provide those companies with any of your personal information, it is to provide you with a better or more relevant and personalised experience and to improve the quality of those services.  We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.

10.  Third party advertising services

We may utilise certain third-party advertising services (e.g. organizations such as FastClick or Google) to display advertising for our advertisers. These third-party services may place a cookie on your computer for the purposes of ad tracking and presentation. We do not share personally identifiable visitor information with these third-party services.

11.  Storing personal information

We take all reasonable and appropriate steps (including organisational and technological measures) to protect your personal information from misuse, interference and loss, and unauthorised access, modification or disclosure.  Some of the ways this is done include:

  • requiring our staff to maintain confidentiality
  • implementing physical and network security measures
  • providing a secure environment and access control for confidential information
  • only allowing access to personal information where the individual seeking access has satisfied our identification requirements

Where we store your personal information depends on what interaction you have had with us. These include electronic databases, email databases for marketing communications or secure archiving for paper based forms.

We will only store your personal information for as long as our dealings with you continue, or as otherwise required by law.

12.  Data breaches

The Privacy Act requires us to notify affected individuals and the Australian Privacy Commissioner about ‘eligible data breaches’. An eligible data breach occurs when the following criteria are met:

  • there is unauthorised access to or disclosure of personal information we hold (or information is lost in circumstances where unauthorised access or disclosure is likely to occur);
  • the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates; and
  • we are unable to prevent the likely risk of serious harm with remedial action.

If it is not clear whether a suspected data breach meets these criteria, we will investigate and assess the breach to determine whether the breach is an ‘eligible data breach’ that requires us to notify the affected individuals.  This is to ensure that you are notified if your personal information is involved in a data breach that is likely to result in serious harm.  Even if the criteria are not met, we may decide it appropriate to notify you anyway as part of our commitment to taking privacy seriously. 

13.  Keeping personal information accurate and up to date

You can access the personal information we hold about you by contacting us using the information below. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.

If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.

14.  Changes to our Privacy Policy

We may change our Privacy Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.

15.  Contact us

If you have a question or comment regarding this Policy or wish to make a complaint or exercise your privacy rights, please contact our Privacy Officer on the following details:

Phone:  +61 (07) 5581 5300

Post: Privacy Officer
G8 Education Ltd
PO Box 515
Varsity Lakes, QLD

E-mail: privacy@g8education.edu.au  

We will need to verify you, and we will respond to you within a reasonable period of time to acknowledge your complaint and inform you of the next steps we will take in dealing with your complaint.

If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC) via the OAIC website: www.oaic.gov.au.