This Privacy Policy explains how Childmindi ("Childmindi", "we", "us", or "our") collects, uses, and protects information in connection with our web application and website at childmindi.com (the "Web Service"), and our mobile applications published on the Apple App Store and Google Play Store (the "Apps", together with the Web Service, the "Services").

By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any part of this Privacy Policy, you must not use the Services.

This Privacy Policy should be read in conjunction with our Terms of Service. In case of any conflict between this Privacy Policy and the Terms of Service, the Terms of Service shall prevail.

1. Who We Are

Exocortex's core business is a childcare management software system (Childmindi) to childcare businesses including Childminders, Pre-schools and Nurseries. Exocortex provides access to a childcare management system as a subscription only service and this Privacy Policy governs the way Exocortex collects, maintains and discloses information from subscribing customers and users of the Childmindi Website and the responsibilities of Exocortex for the lawful basis of processing personal data. This privacy policy applies to the site and all products and services offered by Exocortex.

2. Definitions

Controller

Means a natural or legal person who (either alone, jointly or together with other persons) determines the purpose(s) "for which" and the manner "in which" any personal data is, or will be processed.

Processor

Means a natural or legal person (other than an employee of the controller) who processes personal data on behalf of the controller.

Processing

Means any operation or a set of operations which is performed on personal data or on sets of personal data, whether by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Exocortex acts as the data processor with respect to our business customers and subscribers and as a Data controller with respect to personal data collected and processed in our business operations.

3. Information That We Collect

Exocortex processes your personal information to meet our legal, statutory and contractual obligations and to provide you with our products and services. We will never collect any unnecessary personal data from you and do not process your information in any way, other than as specified in this notice.

We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, subscribe to the newsletter, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personal identification information, except that it may prevent them from engaging in certain Site related activities.

The personal data that we collect from our customers is:

  • Full Name
  • Address
  • Email address
  • Telephone Number
  • Mobile Telephone Number

We also during business collect personal information for example:

  • Name
  • Date of Birth
  • Home Address
  • Personal Email
  • Business Email
  • Home Telephone Number
  • Mobile Telephone Number

4. How We Use Your Personal Data

Exocortex takes your privacy very seriously and will never disclose, share or sell your data without your consent; unless required to do so by law. We only retain your data for as long as is necessary and for the purpose(s) specified in this notice.

We are committed to protecting the security and confidentiality of your personal data. We use appropriate technical and organizational measures in such a manner that processing will meet the requirements of the federal and state laws and ensure the protection of your rights.

When you setup an account on our website, you would require a username and password to log in. You must keep your username and password secure, and never disclose it to a third party.

Where you have consented to us providing you with promotional offers and marketing, you are free to withdraw this consent at any time.

The General Data Protection Regulation requires that specific data protection principles be followed in the handling of personal data. These principles require that personal data must:

  • Be accurate.
  • Be secure.
  • Not be kept longer than is necessary.
  • Be adequate, relevant and not excessive.
  • Be fair, lawfully and transparently processed.
  • Be treated with individuals' rights.
  • Be processed for limited purposes and not in any manner incompatible with those purposes.
  • Not be transferred to countries without adequate protection.

The purposes and reasons for processing your personal data are detailed below:

  • We collect your personal data in the performance of a contract or to process and activate your subscription.
  • Also, to provide you with access to the website and be able to download information and relevant materials.
  • We collect and store your personal data as part of our legal obligation for business accounting and tax purposes.
  • We will occasionally send you marketing information where we have assessed that it is beneficial to you as a customer and in our interests. Such information will be non-intrusive and is processed on the grounds of legitimate interests.
  • We also collect information to produce reports, statistics and analysis of people who access our services.

We also collect information electronically in the following ways:

Online subscription / registration form

Automatic Information

When you visit our website, we collect information via cookies and other techniques. Cookies are small, simple text files that save on your computer or mobile device when you visit our website.

We collect the following information:

  • Internet Protocol (IP) Address.
  • Browser type and Version.
  • Geolocation, clicking-behaviour.

We collect this information for functional and analytical purposes.

  • Functional cookies help us to provide you a website that is user-friendly and preserves user session across page requests. These cookies allow us to remember your browser settings, so you can view our website optimally. Cookies also help us to identify trusted web traffic.
  • Analytical cookies are used to optimize our website's experience. It collects information on your behaviour on our website.
  • Statistic cookies help us to understand how visitors interact with websites by collecting and reporting information anonymously.
  • Commercial cookies are used to promote some of the products that lenders are offered to you based on your saved enquiry.
  • Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and for advertisers.
  • Google AdWords help to re-engage visitors that are likely to convert to customers based on visitor's online behaviour across websites.

If you don't want us to collect this information you can set your browser settings accordingly. However, we want to remind you that if you do not want to use cookies, we unfortunately cannot guarantee that our website will work properly, and your experience is optimised.

Google Analytics

We use Google Analytics to get data about the visitor's device and behaviour. They also track the visitor across devices and marketing channels.

5. Children's Privacy (COPPA Compliance)

Our Services are designed to be used by childcare providers, preschools, and parents or legal guardians, not directly by children under 13 years of age.

Childcare providers are responsible for:

  • obtaining verifiable parental consent before collecting any personal information about children;
  • ensuring compliance with the Children's Online Privacy Protection Act (COPPA) and other applicable laws;
  • providing parents with notice of information collection practices;
  • implementing appropriate safeguards for children's information.

Information about children is provided and managed by authorized adults (childcare providers or parents/guardians). Childmindi does not knowingly collect personal information directly from children.

If we become aware that we have collected personal information directly from a child without proper parental consent or organizational authorization, we will take reasonable steps to remove that information.

6. Your Rights

You have the right to access any personal information that Exocortex processes about you and to request information about:

  • What personal data we hold about you.
  • The purposes of the processing.
  • The categories of personal data concerned.
  • The recipients to whom the personal data has/will be disclosed.
  • How long we intend to store your personal data for.
  • If we did not collect the data directly from you, information about the source.

If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.

You also have the right to request erasure of your personal data or to restrict processing in accordance with the data protection laws; as well as to object to any direct marketing from us. Where applicable, you have the right to data portability of your information and the right to be informed about any automated decision-making we may use.

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.

7. Sharing and Disclosing Your Personal Information

We do not share or disclose any of your personal information without your consent, other than for the purposes specified in this notice or where there is a legal requirement.

8. Safeguarding Measures

Exocortex takes your privacy seriously and takes every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including:

Use of SSL and TLS on the server side, restricted access in that Exocortex or its staff have no access to customer data and such data remains the responsibility of the customer/ business subscriber for the duration of the contract. Personal data is protected by the General Data Protection Regulation.

9. Consequences of Not Providing Your Data

You are not obligated to provide your personal information to Exocortex, however, as this information is required for Exocortex to process and complete your subscription or any other service you might require, we will not be able to offer some/all of our services without it.

10. Legitimate Interests

As noted in the 'How We Use Your Personal Data' section of this notice, we occasionally process your personal information under the legitimate interests' legal basis. Where this is the case, we have carried out a thorough Legitimate Interests' Assessment (LIA) to ensure that we have weighed your interests and any risk posed to you against our own interests; ensuring that they are proportionate and appropriate.

We use the legitimate interests' legal basis for processing to register and process customer data and have identified that our interests are: Registration, management and support of customer contracts.

11. How Long We Keep Your Data

Exocortex only ever retains personal information for as long as is necessary and we have strict review and retention policies in place to meet these obligations. We are required under law to keep your basic personal data (name, address, contact details) for a minimum of 5 years after which time it will be destroyed. We also retain personal data for the duration of the contract which you would have with us. Where you have consented to us using your details for direct marketing, we will keep such data until you notify us otherwise and/or withdraw your consent.

12. Special Categories Data

Owing to the products, services or treatments that we offer, Exocortex are aware that our core customers control and process sensitive customer data and information on children. While we do acknowledge that this data is the responsibility of our customers we are committed to protect the security and confidentiality of such sensitive data. We use appropriate technical and organisational measures in that the processing will meet national regulatory bodies, General Data Protection Regulation and ensure the protection of your rights.

13. Service Commitment and Limitations

Our Security and Reliability Measures

  • 99% uptime target — We strive to maintain high availability
  • Industry-standard encryption (256-bit SSL/TLS) — Protecting data in transit
  • AES-256 encryption at rest — Securing stored information
  • Daily automated backups — Regular data protection
  • Professional infrastructure — Secure hosting and monitoring

Service Limitations

However, like all software services, we cannot guarantee absolute perfection. To the maximum extent permitted by applicable law:

  • Service Availability: While we target 99% uptime, occasional interruptions may occur for maintenance, updates, or unexpected technical issues.
  • Data Accuracy: We provide the platform infrastructure but do not verify or validate the accuracy, completeness, or reliability of information entered by users and organizations.
  • Security Measures: While we implement industry-standard security measures, no system can be entirely immune to security incidents or unauthorized access.
  • Third-Party Services: We rely on reputable third-party service providers (cloud hosting, app stores) but cannot control their actions or guarantee their availability.
  • User Content: Childcare organizations are responsible for the content they enter and manage. We act as a data processor, not a data controller.
  • Regulatory Compliance: Each organization is responsible for ensuring their use of the Services complies with applicable laws and regulations (COPPA, FERPA, state licensing requirements, etc.).

Limitation of Liability: To the fullest extent permitted by law, Childmindi and Exocortex shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of data, loss of revenue, or loss of business opportunity, arising out of or related to your use of the Services. These limitations are standard for professional software services.

14. Governing Law and Dispute Resolution

Governing Law

This Privacy Policy and any disputes arising out of or related to it shall be governed by the laws of the State of Wyoming, United States, without regard to its conflict of law provisions.

Jurisdiction

Any legal action or proceeding arising under this Privacy Policy shall be brought exclusively in the federal or state courts located in Wyoming, and you hereby consent to the personal jurisdiction of such courts.

Informal Resolution

In the event of any dispute, controversy, or claim arising out of or relating to this Privacy Policy, the parties agree to first attempt to resolve the matter informally by contacting us at [email protected].

Time Limit for Claims

Any claim or cause of action arising out of or related to use of the Services or this Privacy Policy must be filed within nine (9) months after the claim arose, or such claim shall be permanently barred.

15. What happens if the Privacy Policy changes?

We may change this privacy policy at any time and from time to time. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this Privacy Policy or other notice on the Website. We encourage you to review this Privacy Policy often to stay informed of changes that may affect you, as your continued use of the Website signifies your continuing consent to be bound by this Privacy Policy.