Privacy Policy

Privacy Policy

Effective Date: January 15, 2025
Last Updated: January 15, 2025
Version: 1.1

Introduction

DaycareLocator, operated by Ioxir Inc. ("we," "our," or "us"), respects your privacy and is committed to protecting the personal information of all users of our daycare directory and SaaS platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our mobile application, or engage with our services.

Special Note for Parents: We take the privacy of children very seriously. This Service is designed to help parents find suitable daycare facilities and is not intended for direct use by children. If you are under 18 years of age, please ensure your parent or guardian has reviewed this Privacy Policy and our Terms of Service before using our platform.

1. Information We Collect

1.1 Information You Provide Directly

Parent/Guardian Information:

  • Full name and contact information
  • Email address and phone number
  • Address and postal code
  • General childcare preferences and requirements
  • Inquiry messages to daycare providers

Daycare Provider Information:

  • Business name, license number, and registration details
  • Contact information and business address
  • Staff information and qualifications
  • Facility descriptions, photos, and videos
  • Program details and pricing information
  • Verification documents (licenses, insurance, background checks)

Account and Billing Information:

  • Username and password (encrypted)
  • Subscription plan and billing details
  • Payment information (processed by secure third-party payment processors)

1.2 Information We Collect Automatically

Technical Information:

  • IP address and device information
  • Browser type and operating system
  • Website usage patterns and navigation data
  • Geolocation data (when permitted) for daycare proximity searches
  • Cookies and similar tracking technologies

Platform Usage Data:

  • Search queries and filter preferences
  • Daycare profiles viewed and contacted
  • Inquiry and tour booking activity
  • Platform feature usage and performance data

1.3 Information from Third Parties

Government and Licensing Bodies:

  • Daycare licensing information and public records
  • Regulatory compliance status and inspection reports
  • Background check results (for verification services)

Payment Processors:

  • Transaction confirmations and billing status
  • Fraud prevention and security verification

2. How We Use Your Information

2.1 Primary Service Purposes

  • Daycare Directory Services: Matching parents with suitable daycare providers based on location, age requirements, and preferences
  • Verification Services: Conducting background checks and license verification for daycare providers
  • Communication Facilitation: Enabling inquiries, tour bookings, and communication between parents and daycare providers
  • Account Management: Creating and maintaining user accounts, subscription management, and customer support

2.2 Platform Improvement and Analytics

  • Service Enhancement: Improving search functionality, user experience, and platform performance
  • Analytics and Research: Understanding usage patterns to develop new features and improve existing services
  • Safety and Security: Detecting fraud, preventing abuse, and maintaining platform security

2.3 Legal and Compliance Purposes

  • Regulatory Compliance: Meeting obligations under childcare licensing laws and privacy regulations
  • Legal Requirements: Responding to legal requests, court orders, and regulatory investigations
  • Child Protection: Reporting suspected child abuse or safety concerns as required by law

3. Information Sharing and Disclosure

3.1 With Your Consent

  • Daycare Inquiries: Sharing your contact information with daycare providers when you submit an inquiry or book a tour
  • Verification Requests: Sharing verification status with parents when daycare providers authorize disclosure
  • Optional Features: Participating in reviews, testimonials, or community features

3.2 Service Providers and Partners

  • Technology Providers: Cloud hosting, analytics, and platform infrastructure partners
  • Payment Processors: Stripe and other secure payment processing services
  • Verification Services: Background check providers and government verification systems
  • Communication Services: Email and SMS service providers for platform notifications

3.3 Legal Requirements

  • Child Protection Agencies: When required by law to report suspected child abuse or neglect
  • Law Enforcement: In response to valid legal requests, court orders, or emergency situations
  • Regulatory Bodies: Providing information to licensing authorities and government agencies as required

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to continued protection under this Privacy Policy.

4. Children's Privacy Protection

4.1 Age Restrictions

Primary Users: Our Service is intended for parents, guardians, and daycare providers (ages 18+) Children's Data: We do not knowingly collect personal information directly from children under 13 (COPPA) or 16 (GDPR) Parental Consent: Any information about children is provided by parents/guardians for legitimate daycare matching purposes

4.2 Children's Information We May Receive

From Parents/Guardians Only:

  • General childcare needs and preferences (as described by parents in inquiry messages)
  • No specific personal information about children is collected or stored

4.3 Protection Measures

  • No Direct Collection: Children cannot create accounts or provide information directly
  • Minimal Data: We collect only the minimum information necessary for daycare matching
  • Secure Storage: All children's information is encrypted and access-restricted
  • Parental Rights: Parents can request deletion of all children's information at any time

4.4 If We Learn of Direct Collection

If we discover we have inadvertently collected personal information from a child under 13 (or 16 in the EU), we will:

  1. Delete the information immediately
  2. Notify the parent/guardian if contact information is available
  3. Implement additional safeguards to prevent future collection

5. International Data Transfers

5.1 Cross-Border Processing

Primary Location: Data is primarily stored and processed within Canada Service Providers: Some data may be processed by service providers located outside Canada (such as cloud hosting and analytics services) Safeguards: All international transfers use encryption and appropriate contractual safeguards

6. Data Retention

6.1 Account Information

Active Accounts: Retained while your account is active and for up to 12 months after deactivation Billing Information: Retained for 7 years as required by Canadian tax and business laws Communication Records: Inquiry and support communications retained for 3 years

6.2 Children's Information

General Preferences: Only stored as part of parent inquiry messages No Personal Data: No specific personal information about children is retained Communication Records: Deleted with other inquiry records after 3 years

6.3 Verification Documents

Daycare Verification: Licenses and background checks retained while account is active plus 1 year Legal Requirements: Some verification records may be retained longer as required by licensing laws Secure Disposal: All verification documents are securely deleted using certified data destruction methods

7. Your Privacy Rights

7.1 Canadian Residents (PIPEDA)

Access: Request a copy of your personal information Correction: Update or correct inaccurate information Withdrawal of Consent: Withdraw consent for non-essential processing Complaints: File complaints with the Privacy Commissioner of Canada

7.2 EU Residents (GDPR)

Access: Obtain a copy of your personal data Rectification: Correct inaccurate or incomplete data Erasure: Request deletion of your personal data ("right to be forgotten") Portability: Receive your data in a portable format Objection: Object to processing based on legitimate interests Restriction: Request limitation of processing in certain circumstances

7.3 US Residents (State Laws)

California (CCPA): Access, deletion, and opt-out rights Other States: Rights as provided by applicable state privacy laws

7.4 Exercising Your Rights

Contact Methods: privacy@daycarelocator.com or through your account settings Response Time: We respond to requests within 30 days (or as required by applicable law) Identity Verification: We may request identity verification to protect against fraudulent requests No Discrimination: We will not discriminate against you for exercising your privacy rights

8. Data Security

8.1 Technical Safeguards

Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256) Access Controls: Multi-factor authentication and role-based access controls Network Security: Firewalls, intrusion detection, and regular security monitoring Regular Updates: Timely security patches and vulnerability assessments

8.2 Administrative Safeguards

Staff Training: Regular privacy and security training for all employees Background Checks: Security screening for employees with data access Incident Response: Documented procedures for data breach response Third-Party Audits: Regular security assessments by independent auditors

8.3 Physical Safeguards

Secure Facilities: Data centers with physical access controls and environmental protections Device Security: Encrypted devices with remote wipe capabilities Secure Disposal: Certified destruction of physical storage media

8.4 Data Breach Response

Detection: Automated monitoring and alert systems Containment: Immediate response to contain and assess breaches Notification: Notification to authorities and affected individuals as required by law Recovery: Remediation measures and security improvements

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

Essential Cookies: Required for platform functionality (authentication, security) Analytics Cookies: Understanding platform usage and performance (Google Analytics) Functional Cookies: Remembering preferences and improving user experience Marketing Cookies: Displaying relevant advertisements (with consent)

9.2 Cookie Management

Consent: We obtain consent for non-essential cookies Browser Controls: You can manage cookies through your browser settings Opt-Out: You can opt out of analytics and marketing cookies Impact: Disabling essential cookies may affect platform functionality

9.3 Third-Party Tracking

Analytics Partners: Google Analytics (with IP anonymization) Advertising Networks: Only with explicit consent Social Media: Social media plugins and sharing tools Opt-Out Links: We provide links to third-party opt-out mechanisms

10. Third-Party Services

10.1 Payment Processing

Stripe: Secure payment processing (PCI DSS compliant) PayPal: Alternative payment options Data Sharing: Only necessary transaction information is shared Privacy Policies: Third-party processors have their own privacy policies

10.2 Communication Services

Email: Resend for transactional and marketing emails SMS: Twilio for appointment reminders and notifications Video Calls: Integration with Zoom or similar for virtual tours Data Protection: All service providers have data protection agreements

10.3 Analytics and Performance

Google Analytics: Website usage analytics (with IP anonymization) Error Tracking: Sentry for application error monitoring Performance Monitoring: New Relic for platform performance Data Minimization: We use privacy-focused configurations where possible

11. Marketing Communications

11.1 Email Communications

Transactional Emails: Account notifications, booking confirmations (no opt-out) Marketing Emails: Platform updates, new features, tips for parents (opt-in required) Daycare Promotions: Information about featured daycare providers (opt-in required) Frequency: No more than 2 marketing emails per week

11.2 SMS Communications

Appointment Reminders: Tour booking confirmations and reminders Security Alerts: Account security notifications Marketing SMS: Promotional messages (explicit consent required) Opt-Out: Reply STOP to unsubscribe from SMS communications

11.3 Unsubscribe Options

Easy Unsubscribe: One-click unsubscribe links in all marketing emails Preference Center: Granular control over communication types Account Settings: Manage communication preferences in your account Immediate Effect: Unsubscribe requests processed within 24 hours

12. Updates to This Privacy Policy

12.1 Notification of Changes

Material Changes: We will notify you of significant changes via email and platform notifications Minor Updates: Updates for clarification or legal compliance may be posted without notification Review Encouragement: We encourage regular review of this Privacy Policy

12.2 Version Control

Version History: Previous versions are archived and available upon request Effective Date: Changes take effect on the date specified in the updated policy Continued Use: Continued use of the Service constitutes acceptance of updated terms

13. Contact Information

13.1 Privacy Officer

Email: privacy@daycarelocator.com
Mail: Privacy Officer, Ioxir Inc., Toronto, ON, Canada

13.2 Data Protection Queries

General Questions: Use the contact information above Data Requests: Submit requests through your account or via email Urgent Matters: Call our support line for immediate assistance

13.3 Regulatory Contacts

Canada: Privacy Commissioner of Canada - priv.gc.ca EU: Your local Data Protection Authority US: FTC Consumer Response Center (for COPPA matters)

14. Legal Basis for Processing (GDPR)

14.1 Lawful Bases

Consent: Marketing communications, optional features Contract: Providing daycare directory services, account management Legal Obligation: Regulatory compliance, child protection reporting Legitimate Interests: Platform security, fraud prevention, service improvement Vital Interests: Child safety and protection

14.2 Special Categories

Children's Information: No specific personal information about children is collected or processed Safeguards: Standard protections apply to all personal data

This Privacy Policy is designed to comply with Canadian federal and provincial privacy laws (including PIPEDA), the EU General Data Protection Regulation (GDPR), the US Children's Online Privacy Protection Act (COPPA), and other applicable privacy regulations. If you have questions about this policy or our privacy practices, please contact our Privacy Officer using the information provided above.

Document Prepared: January 2025
Next Review Date: January 2026
Legal Review: Recommended before platform launch