Child images, child records, parent contact details and daily care records are treated as high-risk information. The platform is built around environment separation, least-privilege access and private, encrypted storage.
Production, test and sandbox environments are kept clearly separated. Development and testing use synthetic data only.
Access follows least-privilege, environment separation, provider oversight and support-access approval principles.
Child images and records are held in private storage with encrypted transmission and restricted, logged support access.
Our handling of personal information is designed to align with the Australian Privacy Principles, including APP 11 (security of personal information).
| Whose data | Child profile and daily care records, child images (where authorised), and parent/guardian contact details for authorised communication. |
| Who can see it | Authorised educators, relevant provider administrators, and the relevant parent/guardian where authorised — not public sharing or advertising. |
| Development data | Synthetic or dummy data only; the development build is never connected to production. |
| Access & deletion | Access, correction, export and deletion follow the provider agreement, service policy and legal obligations. |
ShareWin FlowCare