APPs | Toddle

Toddle & APPs

(Australian Privacy Principles)

The Australian Privacy Principles can be summarised in 13 broad points. These are:

  • APP 1: Open and transparent management of personal information
  • APP 2: Anonymity and pseudonymity
  • APP 3: Collection of solicited personal information
  • APP 4: Dealing with unsolicited personal information
  • APP 5: Notification of the collection of personal information
  • APP 6: Use or disclosure of personal information
  • APP 7: Direct marketing
  • APP 8: Cross-border disclosure of personal information
  • APP 9: Adoption, use, or disclosure of government-related identifiers
  • APP 10: Quality of personal information
  • APP 11: Security of personal information
  • APP 12: Access to personal information
  • APP 13: Correction of personal information

Below we detail how we comply with all 13 principles.

APP 1- Open and Transparent Management of Personal Information

Toddle adopts a very transparent approach towards its Privacy Practices. The Privacy Policy, Terms of Use and Terms of Service are all hosted on its website www.toddleapp.com. Toddle also has a designated Data Protection Officer, Anshul Chauhan and he can be contacted at privacy@toddleapp.com.

APP 2- Anonymity and Pseudonymity

Where practicable, Toddle provides individuals with the option of not identifying themselves or using a pseudonym. However, this may not always be possible for us to provide our services effectively.

APP 3- Collection of Solicited Personal Information

Toddle collects minimal data from its users and the data collected is used only for providing the services that Toddle has with the user. For details on the types of personal information Toddle collects, how it is collected, and the use of cookies and tracking technologies, please refer to our Privacy Policy.

Toddle collects user data after receiving their consent. Schools are responsible for obtaining verifiable parental consent for using Toddle for children below the legal age (as specified by local laws). If you come across an instance where Toddle is collecting information from a student without parental consent, please contact us immediately at privacy@toddleapp.com. Schools can download a sample of the Parental Consent form from here.

APP 4- Dealing with Unsolicited Personal Information

If Toddle receives unsolicited personal information, we will determine whether we could have collected it through normal means. If not, we will destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.

APP 5- Notification of the Collection of Personal Information

The collection of personal information on the Toddle platform is primarily managed by the schools that use our services. Schools provide us with the necessary data to set up and manage accounts for students, teachers, and parents.

Account creation in Toddle can happen in 3 ways:

  1. Account for a teacher created by the teacher’s school – Teachers can log in to their accounts as soon as they’re ready.
  2. Account for a student created by the school – This is governed by Parental Consent being collected by the school.
  3. Teacher creating his/ her own account – A verification code is sent in an email to the teacher’s email ID. The account is created only if the verification code is entered by the teacher.

APP 6- Use or Disclosure of Personal Information

Toddle only uses or discloses your data for the purposes specified in our agreement with you or your school, or as otherwise permitted by the APPs.

APP 7- Direct Marketing

Toddle does not sell or share data with marketing firms. Toddle also does not show any ads on any of its websites/ services. Toddle collects log data of visitors to its website www.toddleapp.com ​and web.toddleapp.com. Toddle may use this log data for marketing of its own products to the visitors of its website.

APP 8- Cross-border Disclosure of Personal Information

Toddle shares user data with a limited set of third parties (sub-processors) to operate and improve Toddle. All of these sub-processors are contractually prohibited from sharing the user data with any other entity. You can see details of all the sub-processors used by Toddle on Toddle’s website: Third Party Service Providers | Toddle

APP 9- Adoption, Use or Disclosure of Government Related Identifiers

Not applicable, as Toddle does not adopt, use, or disclose government-related identifiers.

APP 10- Quality of Personal Information

If you find that any personal data we hold is inaccurate, incomplete, or needs updating, you can request its correction by emailing us at privacy@toddleapp.com. Users can also update their information from the Profile sections on the platform and the applications.

APP 11- Security of Personal Information

We adhere to the internationally recognized standards of the International Organization for Standardization (ISO) and hold ISO/IEC 27001:2022, ISO/IEC 27017:2015, ISO/IEC 27018:2019 & ISO/IEC 27701:2019 certifications.

Toddle has achieved the ST4S assessment badge, is certified by iKeepSafe for data protection laws under COPPA and FERPA, and has also successfully completed a SOC 2 Type II audit. All your data is encrypted in transit and at rest, and stored on Amazon Web Services servers in Sydney. All of Toddle’s personnel undergo data security training.

If you no longer wish to use Toddle’s services and want your data deleted from our records, please contact our team, and we will delete all of your information from our records unless we are legally required to retain certain data.

APP 12- Access to Personal Information

All data that you add to Toddle belongs to you. You can reach Toddle at any time to see a summary of all your personal data being processed along with the related processing activities. You can also request the identity of any third-party with whom your personal data has been shared. Should you want to receive that data, we will provide you with a machine-readable format of the same within 30 days of receiving such a request.

APP 13- Correction of Personal Information

Toddle respects your right to have accurate and complete information. If you find that any personal data we hold is inaccurate, incomplete, or needs updating, you can request its correction, updation, or completion by contacting privacy@toddleapp.com. Users can also update their information from the Profile sections on the platform and the applications.

Notifiable Data Breaches (NDB) Scheme

The NDB scheme mandates that Toddle must notify affected individuals and the Office of the Australian Information Commissioner (OAIC) when a data breach occurs that is likely to result in serious harm to any individual whose personal information is involved. If Toddle experiences such a breach, we will take immediate steps to contain it and assess the risk of harm. Affected individuals will be notified with a description of the breach, the types of information involved, and recommended steps they can take to protect themselves. Additionally, Toddle will notify the OAIC and provide details of the breach and our response. Toddle is dedicated to ensuring the security of your personal information and will take all necessary actions to prevent and respond to data breaches.