Privacy Policy
Last updated: May 2024
Nautilus Media Group Pty Ltd (ACN 164 132 781), an Australian corporation and its international subsidiaries CaringLife UK Ltd and CaringLife USA LLC (hereafter referred to as CaringLife, we, us, our) is the owner, operator and licensor of the Website and the Service.
Our Terms of Service and our Privacy Policy are collectively referred to as the Agreement (“Agreement”).
CaringLife provides this Privacy Policy to help you make an informed decision about whether to use or continue using the CaringLife Website, the Software and/or the Service. If you do not agree to our practices, please do not use the Website, Software or Service.
This Privacy Policy is subject to the Terms of Service. Your use of the Website, Software and the Service and any personal information you provide on the CaringLife Website or Service remains subject to the terms of this Agreement.
Capitalised terms defined in CaringLife’s Terms of Service have the same meaning in this Privacy Policy.
We know how important security and privacy is to you. They are at the heart of CaringLife and as such we strive to make things as safe and clear as possible for everyone involved.
This Privacy Policy sets out how CaringLife (“we”) treat the privacy of those who use our Website and associated services and others with whom we interact.
Please take a moment to read this Privacy Policy so you understand how we process Personal Data.
Summary: CaringLife collects and uses your personal info. If you disagree, please don't use our services.
Part A: Privacy Policy
- Application
This Privacy Policy refers to all “Personal Information” or “Personal Data” as information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
This Privacy Policy applies to all Personal Data processed by CaringLife, including, but not limited to Personal Data submitted by Authorised Account Holders and Users through the Service.
This Privacy Policy does not apply to the practices of companies that CaringLife does not own or control, or to individuals whom CaringLife does not employ or manage, including any of the third parties to which CaringLife may disclose user information as set forth in this Privacy Policy.
- Changes
From time to time we will review our Privacy Policy to keep pace with changes in our Service and any data protection and privacy laws applicable to the processing of Personal Data that we are committed to comply with, including:
- (a) the Privacy Act 1988 (Cth, Australia);
- (b) the Privacy Act 1993 (New Zealand);
- (c) the Personal Information Protection and Electronic Documents Act, SC 2000, c5 (federal, Canada);
- (d) the Personal Information Protection Act (Alberta, Canada)
- (e) the Personal Information Protection Act (British Columbia, Canada);
- (f) all applicable United States federal and state privacy laws, including, but not limited to, the California Online Privacy Protection Act (CalOPPA), Early Learning Personal Information Protection Act (ELPIPA);
- (g) the General Data Protection Regulation (EU);
- (h) the Data Protection Act 2018 (UK);
- (i)(i) any other applicable privacy legislation.
(the above collectively referred to as “Data Protection Laws”)
This Privacy Policy is our most recently updated Privacy Policy. Your continued use of the Website and Service constitutes your agreement to this Privacy Policy and any amendments. We encourage you to read our Privacy Policy carefully.
- Collection of Personal Data
We may collect your personal information if you;
- Speak with us directly over the phone or via our support service;
- Have contact with us in person;
- Participate in public or closed surveys, questionnaires, or events;
- Register for face-to-face or online events (such as webinars);
- Interact with us online, via our website, email, or mobile applications;
- Apply for a position with us (either as an employee, or as a volunteer or as a contractor).
The collection of your personal information may be required in order for you to;
- Join our website as a registered user;
- Receive information from us including alerts via email or SMS communications;
- Register to use forum or digital application;
- Download our online resources;
- Register as a volunteer;
- Access services or resources;
- Receive information about or become involved in our programs, campaigns or other initiatives; and/or
- Work with us.
We may collect the following categories of Personal Data in the following situations:
(a) Personal Data you voluntarily provide to us: When you give us your Personal Data directly (whether face-to-face, by telephone, email, post, through social media or by communicating with us in any way), when we meet with an organisation wishing to do business with us and an individual from that organisation provides Personal Data about themselves, or when you sign up or register to become an Authorised Account Holder, or when you enter into a transaction with us you are voluntarily giving us the Personal Data that we collect.
Categories of Personal Data: The Personal Data we may collect includes your name, email address, login for the Service, feedback and suggestions for the Service, IP address, billing information in accordance with our Terms of Service, occupation, employer, job title, and area of responsibilities.
(b) Our email communication list: When you become an Authorised CaringLife Account Holder, or have an activated Carer or Child account, or where you elect to sign up to our email communication list, we may collect your name, email address, and email communication preferences. This will not be used for any third-party, and will only be used for our direct communication with you.
(c) Personal Data we collect automatically: We may collect the Personal Data as log files, and store it against the associated CaringLife Account, and link it to the other Personal Data we hold about a CaringLife Account.
Categories of Personal Data: The Personal Data we may collect includes your IP address, time, date, and your interaction with the Service (including any Content and comments).
(d) Personal Data uploaded and transferred to the Service by Account Holders: We collect Personal Data about persons (Authorised Account Holders use the Service, such as when an Authorised Account Holder):
- (a) creates a Child Profile, or invites another person to become an Authorised Account Holder or User;
- (b) uploads and transfers Content that contains Personal Data (including photographs or videos of another person including Children, or uploads and transfers materials created by another person including Children); or
- (c) posts a comment or tags Content on the Service that contains Personal Data of another person.
We have no direct relationship with any person other than you, and for that reason, you are responsible for making sure you have the appropriate permission for us to collect and process information about any such person. Please see Part B (clause 13) below which outlines your obligations in this regard.
(e) Statistical information: We may collect statistical (nonpersonal) information about your use of the Website and the Service to improve the features and overall user experience. This may include statistical information such as pages accessed on the Website and the Service, search terms, links that are clicked on, Website and Service visit times, browsers and operating systems, IP address, and cookies.
(f) Cookies and tracking: We may use various technologies to collect and store information when you use our Service, and this may include using cookies. You may control the use of cookies at the individual browser level, however your use of the Website and Service may be affected.
In some instances, we may also collect your personal information through the use of “cookies”. When you access one of our websites, we may send a “cookie” (a small summary file containing a unique ID number) to your computer or internet enabled device.
Cookies are used to:
- Recognise your computer or internet enabled device;
- Greet you each time you visit our website;
- Keep track of services you view;
- Measure traffic and engagement patterns, to evaluate our website visitor’s habits;
- Identify and continually improve our services, programs, content and resources;
- If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.
Personal Data may be collected as log files, or through cookies or other tracking technologies, stored against associated CaringLife, CaringLife Accounts, and linked to the other Personal Data we hold about associated CaringLife Accounts
What personal information do we collect?
We collect the personal information which you provide to us. This may include your name, address, age or date of birth, telephone number, organisation, service or institution details, email address, communication preferences.
We may also request:
- Your preferences for receiving further information about our programs, campaigns or activities;
- Additional types of personal information such as title, department name, company information, or demographic information.
The choice of how much information you provide to us is yours, but we require certain information from you in order to provide particular services. Where possible, you have the option of interacting with us anonymously (for example, as a visitor of the website) or using a pseudonym if you feel more comfortable with this.
Summary: We collect personal data via direct interaction, website usage, event registration, or job applications, including names, emails, job titles, IP addresses, and sensitive data for child profiles.
- Use of Personal Data
We collect your Personal Data for the primary purpose of providing our services to you. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.
We process Personal Data for the following purposes:
- (a) To administer CaringLife Accounts.
- (b) To enable the features of the Services to be utilised and enjoyed, subject always to our Terms of Service. This may, for example, entail incidental posting of photographs/videos of a Child on another Child’s Profile. Those posts may remain viewable even once a Child’s Authorised Account Holder no longer uses the Service as long as the relevant Child Profile is retained.
- (c) To analyse user behaviour (in respect of the Website) and Authorised Account Holder behaviour (in respect of the Service) for the purposes of:
- Determining Service developments;
- Inviting Users or Authorised Account Holders to explore other features within the Website or Service, and otherwise to generally promote our Service;
- Ensuring the security of the Website and the Service; and
- Combating and preventing breaches of our Terms of Service, other user agreements, this Privacy Policy and our other policies.
- (d) To respond to enquiries, feedback or complaints received from you;
- (e) To perform authorised financial transactions with you and to help us to manage our CaringLife Accounts and administrative services;
- (f) To verify your identity;
- (g) For directly communicating to you (including by email, post, other means, or through functionality within the Service) with information about our Service;
- (h) On an aggregated non-identifiable basis, to:
- Help CaringLife understand its market position;
- Assist with marketing our Service to others, including in respect of any online communications; and
- Deliver a statistical result to help with general CaringLife announcements.
- (i) To protect our legal interests and fulfil our regulatory obligations (if and to the extent necessary);
- (j) For ensuring the trust and safety of any Child and Users of the Service; and
- (k) In other circumstances, provided we comply with applicable Data Protection Laws.
Summary: We use your info to offer services, talk to you, and keep things secure.
- Lawful Basis for Processing
Performance of a contract: You acknowledge and agree that the processing identified below is necessary for the performance of a contract to which the data subject is party (being the Agreement):
- (a) to carry out User and CaringLife Account administration tasks;
- (b) to manage and deliver the Service; and
- (c) to manage any disputes (including disputes over invoices or delivery of Service).
Legitimate interests: In respect of all other processing of Personal Data detailed in this Privacy Policy (including direct marketing activities), such processing is necessary for the purposes of a legitimate interest pursued by CaringLife, and we have assessed that such interests are not overridden by the interests or fundamental rights and freedoms of the persons to whom the Personal Data relates. You have the right to object to the way we process your Personal Data where the processing is based on legitimate interests. For more information see “Your Rights” section below.
Data Processor: For Personal Data uploaded and transferred to the Service by Authorised Account Holders, CaringLife is the Data Processor. The Authority/Agency or other organisation licensing the CaringLife Service is the Data Controller. The Authorised Account Holder is responsible for determining the legal basis for processing that Personal Data. Please see Part B (clause 13) below for the Authorised Account Holder’s obligations.6. Direct communication.
All those with whom we interact have the option to opt-out of receiving direct email communications from us. If you do not wish to continue to receive direct communications from us and/or selected third parties, you should opt-out by clicking on the “unsubscribe” link in any email communications that we might send you.
Please note that some features of the Service may involve us providing, through the functionality within the Service, recommendations or suggestions for goods, services or benefits that we offer.
Summary:
You have the option to stop receiving direct email communications from us. If you wish to unsubscribe from these emails, you can do so by clicking the “unsubscribe” link in any email we send you.However, please note that some features of our Service may still provide you with recommendations or suggestions for goods, services, or benefits that we offer.
- Retention and deletion of Personal Data
We will retain your Personal Data for as long as the CaringLife Account associated with you is active, or as long as needed to provide you with our Service.
We will destroy or de-identify unsolicited personal data if it is lawful and reasonable.
We take steps to regularly destroy Personal Data, however we may:
- (a) in some cases, retain a copy of your Personal Data to comply with our legal obligations, resolve disputes, enforce our agreements and to comply with our trust and safety obligations. Personal Data retained for this purpose will be archived and stored in a secure manner after your CaringLife Account has been closed, and will not be accessed unless required for any of these reasons; and
- (b) retain Personal Data in an aggregated, de-identified or otherwise anonymous form, such that there is no reliable way of identifying you from the information.
Summary:
We keep your Personal Data as long as your CaringLife Account is active or as needed to provide our services.If we get personal data we didn't ask for, we'll destroy or anonymize it if allowed.
We regularly destroy Personal Data, but may:
- (a) Keep a copy to meet legal requirements, resolve disputes, and ensure safety. This data will be securely stored after your account is closed and only accessed if needed.
- (b) Keep data in a way that it cannot be used to identify you.
- Disclosure of Personal Data
Personal information will only be disclosed to third parties in accordance with this privacy policy.
We limit the information we provide to third parties to the information they need to help us provide or facilitate the provision of goods and services and associated purposes
We will not sell Personal Data to anyone.
We share Personal Data with third parties for limited purposes, such as to help us run our business and provide the Website and Service. Those third parties can be categorised as follows:
- (a) Authorised Account Holders: At the direction of an
Authorised Account Holder (through the Service) shall disclose Content (which may contain Personal Data) to other Authorised Account Holders. For example:
We have no direct relationship with any person other than you, and for that reason, you are responsible for making sure you have the appropriate permission for us to disclose any Content (which may contain Personal Data) in the manner you direct through the Service. Please see Part B (clause 11) below which outlines your obligations in this regard.
If you no longer want to be contacted by one of our Authorised Account Holders, please contact your Agency or CaringLife directly.
- (b) Service providers: We may share a limited amount of Personal Data with our third party service providers, who help us provide and support our Service, including organisations who carry out credit, fraud and other security
checks, payment processors, hosting services, content delivery services, IT support providers and communications businesses engaged by us to disseminate materials to which recipients have consented.
We limit the information we provide to third parties to the information they need to help us provide or facilitate the provision of goods and services and associated purposes. We deal with third parties that are required to meet the privacy standards required by law in handling your Personal Data and use your Personal Data only for the purposes that we give it to them.
- (c) Sale, merger, consolidation, liquidation, reorganisation, or acquisition: If CaringLife or substantially all of its assets were acquired by a third party, Personal Data which we hold may be one of the transferred assets (subject to the same constraints on use and disclosure as under this Privacy Policy). Government and agency licensees would be given a period of 30 days notice prior to the transfer of assets to decide whether to continue using the service, and/or to make appropriate decisions about the storage of the data related to their jurisdiction.
- (d) Legal obligation: If we are under a duty or have a legal right to disclose or share Personal Data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions or to protect our rights, property, or the safety of our personnel or third parties. This includes exchanging information with other companies and organisations for the purposes of fraud protection, trust and safety and credit risk reduction.
- (a) Authorised Account Holders: At the direction of an
Authorised Account Holder (through the Service) shall disclose Content (which may contain Personal Data) to other Authorised Account Holders. For example:
- Trans-border Personal Data flows
CaringLife is a global service. Therefore, CaringLife stores and processes the information gathered on servers located in Australia, the UK and in other countries.
To ensure we comply with all legal requirements for data transfer and storage, data is only processed and stored in the country of residence, or the appropriate data storage region, of the Child.
Summary:
We only share your personal information as described in this privacy policy. We give third parties only the information they need to help us provide our services.We do not sell your Personal Data.
We share Personal Data with third parties for specific reasons, like running our business and providing our services. These third parties include:
- (a) Authorised Account Holders: We may share your data with other authorised users as directed by you. Make sure you have permission to share this data.
If you don't want to be contacted by an authorised user, contact your Agency or CaringLife.
- (b) Service Providers: We may share your data with companies that help us provide services, like payment processors, IT support, and communication services. They must follow privacy laws and use your data only for the purposes we specify.
- (c) Business Changes: If CaringLife is sold or merged, your data may be transferred as part of the business. You will get 30 days' notice to decide if you want to continue using our service or manage your data.
- (d) Legal Requirements: We may share your data if required by law or to protect our rights and safety. This includes sharing information to prevent fraud and reduce risk.
Data Storage Locations:
CaringLife operates globally. We store and process data on servers in Australia, the UK, and other countries. We ensure your data is handled according to legal requirements and stored in the appropriate region for the Child.
- (a) Authorised Account Holders: We may share your data with other authorised users as directed by you. Make sure you have permission to share this data.
- Security of Personal Data
We take all reasonable steps to protect Personal Data, including through internal and external security, restricting access to Personal Data to those who have a need to know, maintaining technological products to prevent unauthorised computer access and regularly reviewing our technology to maintain security. We choose technology partners based on their security and privacy policies and practices.
Personal Data stored in our system is protected by electronic and procedural safeguards. We take all reasonable precautions to protect Personal Data (and other content) from accidental loss and theft by storing it in secure data centres with off-site backups. Communication between Authorised Account Holders, Carer and Child accounts and our servers is encrypted via industry-standard secure sockets layer (SSL).
The Service is protected by secure and encrypted passwords.
Authorised Account Holders should never share their passwords.
CaringLife is not responsible for any loss of data or breach of privacy if an Authorised Account Holder shares their password with someone else. We do not store your password on our servers.
Given internet transmissions cannot be guaranteed to be entirely secure, you acknowledge and agree that you use the Service at your own risk. In case of a Security incident or any other breach of security safeguards, such as the loss of, unauthorised access to or unauthorised disclosure of Personal Data under CaringLife’s control, we will respond in accordance with applicable Data Protection Laws.
Summary: We protect your info with strong security measures and handle issues by law.
- Your Rights
You may decline to submit Personal Data through the Website or the Service, in which case CaringLife may not be able to provide certain services to you. If you do not agree with our Privacy Policy or Terms of Service, please discontinue use of the Service. Your continued usage of the Service will signify your assent to and acceptance of our Privacy Policy and Terms of Service.
You have the right to:
- (a) Access and correct your Personal Data that is held by us at any time.
- (b) Request the erasure of any or all of your Personal Data;
- (c) Restrict or object to the processing of any or all of your Personal Data;
- (d) Request the porting of any or all your Personal Data to another organisation; and
- (e) Withdraw any consent to processing that you have previously given in respect of any or all of your Personal Data.
Please contact CaringLife (see contact details at the end of this Privacy Policy) with any questions or comments about this Privacy Policy, your Personal Data, your consent, access, correction requirements, or your opt-in or opt-out choices.
Please note that where we are not, or are no longer, in a position to identify you within the information we hold (including because of any de-identification techniques we may have employed), then your rights as described above shall not apply.
We will respond to any request made in respect of the above in accordance with the applicable Data Protection Laws where you are resident. We will respond to any request made in respect of the above without delay, but in any case within one (1) month of a request, or two (2) months where the requests are complex or numerous (in which case, we will inform you of such delay).
Summary:
- You don't have to give us your Personal Data, but we may not be able to provide some services if you don't.
- If you don't agree with our Privacy Policy or Terms of Service, please stop using our Service.
- By using our Service, you agree to our Privacy Policy and Terms of Service.
You can:
- See and correct your Personal Data.
- Ask us to delete your Personal Data.
- Ask us to stop or limit how we use your Personal Data.
- Ask us to send your Personal Data to another organisation.
- Withdraw your consent for us to use your Personal Data.
Contact CaringLife if you have questions or want to exercise your rights.
If we can't identify you (for example, if your data is anonymised), these rights may not apply.
We will respond to your requests within one month, or two months if the request is complicated. We will let you know if we need more time.
- Maintaining the quality of your personal information
- Direc
It is important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.
- Notifiable data breach scheme
In the event of any unauthorised access or unauthorised disclosure or loss of your personal information that is likely to result in serious harm to you, we will investigate and notify you and the Office of the Australian Information Commissioner in accordance with the Privacy Act.
- Cancelling your CaringLife Account
If your CaringLife Account terminates (for whatever reason), the Personal Data associated with it may no longer be accessible to you. Any Content and/ or Personal Data you have posted from your CaringLife Account may still be available to other Authorised Account Holders that the Content and/ or Personal Data has been associated with. There may continue to be residual copies of such Content and Personal Data due to ongoing data back-up and archiving.
Part B: Your Responsibilities
- Uploading and transferring other people’s Personal Data through the Service
You acknowledge and agree that, in respect of other people’s Personal Data (including the Personal Data of Children) that you upload and transfer within the Service, you are acting as a data-controller, with CaringLife acting as the data processor in respect of such Personal Data.
By accessing and using the Service to upload and transfer other people’s Personal Data, you agree that you:
- (a) Comply with all Data Protection Laws: will comply with your obligations under all applicable Data Protection Laws;
- (b) Obtain consent: have obtained (or shall obtain) all consents necessary under Data Protection Laws, for CaringLife to
process the Personal Data through the Service as you direct, and that such consent is obtained from the correct person.
CaringLife may, but shall not be required to, offer through the functionality of the Service a pop-up or embedded form to allow Authorised Account Holders to give their consent, retrospectively, to the processing of their Personal Data (or the Personal Data of a Child that they are the carer or guardian of) through the Service. However, you shall not rely on any such functionality, and it is your responsibility to ensure that you obtain consent from the appropriate person(s).
- (c) Withdrawn consent or objection to processing: We must be notified without undue delay if any Authorised Account Holder or Carer withdraws their consent, or any part of their consent, or objects to any processing of Personal Data through the Service. This shall include any withdrawal of consent, or objection received by you from a Child to whom the Personal Data relates;
- (d) Accuracy of Personal Data: will make sure that you are frequently updating any Personal Data stored within your CaringLife Account that relates to another person when requested to do so by that person;
- (e) Security breach: upon becoming aware of a security incident, or any other breach, or suspected breach, of your security safeguards, must notify us without undue delay and shall provide timely information relating to the security incident as it becomes known or as is reasonably requested by us;
- (f) Sensitive data: will not upload or transfer “sensitive data” or
“sensitive information” to the Service;
Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive information will be used by us only:
- For the primary purpose for which it was obtained
- With your consent; or where required or authorised by law
- (g) Secure use of the Service: are responsible for your secure use of the Service, including securing your CaringLife Account authentication credentials, protecting the security of Personal Data when in transit to and from the Service and taking any appropriate steps to securely encrypt or backup any Personal Data uploaded to the Service;
- (h) Evaluation of the Service: are responsible for reviewing the information made available by CaringLife relating to data security and making an independent determination as to whether the Service meet your requirements and legal obligations under Data Protection Laws.
- (g) Updates to Terms of Service and Privacy Policy: acknowledge that the Service is subject to technical progress and development and that CaringLife may update or modify its Terms of Service and this Privacy Policy from time to time, and you agree to review the latest version of the Terms of Service and Privacy Policy from time to time.
Summary: When you use our Service to upload and transfer other people’s Personal Data (including Children’s data), you are responsible for the following:
- 1. Follow the Law: Comply with all relevant Data Protection Laws.
- 2. Get Consent: Make sure you have permission from the right person for CaringLife to process their data. It's your job to get this consent, even if we provide tools to help.
- 3. Report Changes: Inform us immediately if someone withdraws their consent or objects to their data being used.
- 4. Keep Data Updated: Regularly update any Personal Data as requested by the person it relates to.
- 5. Report Breaches: Tell us right away if you discover any security breaches.
- 6. No Sensitive Data: Do not upload sensitive information (like race, political opinions, health info) unless it's necessary, you have consent, or it's required by law.
- 7. Use Securely: Keep your account secure and protect data when transferring it. Encrypt or back up data as needed.
- 8. Check the Service: Make sure our Service meets your needs and legal requirements by reviewing our data security information.
- 9. Stay Informed: Understand that the Service may change, and check for updates to our Terms of Service and Privacy Policy regularly.
- Questions and Comments
If you have any questions or comments, or want to access, update, or delete the Personal Data we hold about you, or have a privacy concern please write to us at:
The Privacy Officer
Nautilus Media Group Pty Ltd
PO Box 1004
Elwood Victoria 3184or by email to: hello@caringlife.com
Please provide sufficient detail about the information in question to help us locate it. We will respond to any privacy request in compliance with the applicable Data Protection Law.