Early Tree

Privacy Policy

Last updated: 1 December 2024

Note: This template should be reviewed by legal counsel before use. It is provided as a starting point and may need to be adapted to your specific circumstances.

1. Introduction

Early Tree ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our websites, applications, and services (collectively, the "Services").

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Where we process personal data about children, parents, or staff members on your behalf, we do so as a data processor, and you remain the data controller responsible for that data.

2. Data Controller

For personal data that we collect directly from you (such as your account information and contact details), Early Tree is the data controller. Our contact details are:

Email: hello@earlytree.co.uk

3. What Personal Data We Collect

3.1 Information You Provide

We collect personal data that you voluntarily provide to us, including:

  • Account information: Name, email address, organisation name, job title
  • Contact information: Information provided through our contact forms
  • Payment information: Billing address, payment card details (processed by our payment provider)
  • Communications: Information contained in emails, support tickets, and other communications with us

3.2 Information We Collect Automatically

When you use our Services, we automatically collect certain information, including:

  • Device information: IP address, browser type, operating system, device identifiers
  • Usage information: Pages visited, features used, time spent on pages, referring URLs
  • Cookies and similar technologies: See our Cookie Policy for details

3.3 Customer Data

When you use our nursery management, funding portal, or other Services, you may upload or input data about children, parents, and staff members. This Customer Data remains under your control, and we process it only to provide the Services to you.

4. How We Use Your Personal Data

We use personal data for the following purposes:

  • To provide our Services: Creating and managing your account, processing transactions, providing customer support
  • To communicate with you: Responding to enquiries, sending service updates and notifications
  • To improve our Services: Analysing usage patterns, conducting research and development
  • To protect our Services: Detecting and preventing fraud, abuse, and security incidents
  • To comply with legal obligations: Responding to legal requests, meeting regulatory requirements

5. Legal Bases for Processing

We process your personal data based on one or more of the following legal bases:

  • Contract: Processing necessary to perform our contract with you or take steps at your request before entering into a contract
  • Legitimate interests: Processing necessary for our legitimate interests or those of a third party, except where overridden by your interests or fundamental rights
  • Legal obligation: Processing necessary to comply with our legal obligations
  • Consent: Where you have given consent to the processing

6. Data Sharing and Disclosure

We may share your personal data with:

  • Service providers: Third parties who help us provide our Services (hosting, payment processing, analytics, customer support)
  • Professional advisers: Lawyers, accountants, and auditors who need access to provide their services
  • Law enforcement: When required by law or to protect our rights and safety
  • Business transfers: In connection with any merger, sale, or acquisition of all or part of our business

We do not sell your personal data or share it with third parties for their direct marketing purposes.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the UK. When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office.

8. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. The retention period may vary depending on the context and our legal obligations.

Customer Data is retained for the duration of your subscription. Upon termination, we will delete or anonymise Customer Data within 90 days, unless longer retention is required by law or you request an earlier deletion.

9. Your Rights

Under the UK GDPR, you have the following rights:

  • Access: You can request a copy of the personal data we hold about you
  • Rectification: You can ask us to correct inaccurate or incomplete data
  • Erasure: You can ask us to delete your personal data in certain circumstances
  • Restriction: You can ask us to restrict processing of your data in certain circumstances
  • Portability: You can request your data in a structured, machine-readable format
  • Objection: You can object to processing based on legitimate interests
  • Withdraw consent: Where we rely on consent, you can withdraw it at any time

To exercise these rights, please contact us at hello@earlytree.co.uk. We will respond to your request within one month.

10. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and employee training.

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

11. Children's Privacy

Our marketing websites are not directed at children under 16. We do not knowingly collect personal data from children under 16 without parental consent. If you believe we have inadvertently collected such data, please contact us and we will promptly delete it.

For our nursery management and other Services that process data about children, you (as the nursery or early years setting) are the data controller and are responsible for obtaining appropriate consents and complying with applicable laws.

12. Complaints

If you have concerns about how we handle your personal data, please contact us first and we will try to resolve your concerns. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: ico.org.uk
Telephone: 0303 123 1113

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Email: hello@earlytree.co.uk