Data Protection (FERPA & COPPA)

1. Scope of Data Protection

ChildEra processes personal information related to children enrolled in childcare centers, parents or legal guardians, childcare staff, and center administrators.
This may include enrollment details, attendance records, developmental and learning information, billing and payment data, communications, and other operational records required for childcare management.

ChildEra is designed to support the secure handling of educational and childcare-related records in a manner consistent with FERPA principles.
Access to child records is restricted to authorized childcare center staff, parents or legal guardians, and administrators with a legitimate operational need.
Parents and guardians may request access to their child’s records and ask for corrections to inaccurate or incomplete information, subject to applicable center policies and legal requirements.
ChildEra does not disclose personally identifiable information from educational records without appropriate consent, except where disclosure is permitted or required by law.
Educational records stored within the platform are protected through encryption, role-based permissions, and audit logging of key access and modification events.

ChildEra recognizes the importance of protecting the privacy of children under the age of 13 and follows COPPA-aligned principles for the collection and use of child-related information.
Personal information about children is collected only as necessary to deliver childcare, communication, learning, attendance, and administrative services.
ChildEra does not sell children’s personal information and does not use such information for behavioral advertising or unrelated marketing purposes.
Parents and guardians may review, update, or request deletion of their child’s information, subject to applicable contractual, operational, or legal retention requirements.
Where required, centers using ChildEra are responsible for obtaining appropriate parental or guardian consent before information is submitted to the platform.

ChildEra uses commercially reasonable administrative, technical, and organizational safeguards to protect personal information against unauthorized access, loss, misuse, alteration, or disclosure.
Security measures may include encrypted transmission over HTTPS/SSL, encryption at rest where applicable, role-based access controls, authentication safeguards, audit trails, regular monitoring, and secure cloud infrastructure.
Access to sensitive information is limited to authorized users and service providers who require such access for legitimate business or service-delivery purposes.

ChildEra retains personal information only for as long as necessary to provide services, comply with legal obligations, resolve disputes, enforce agreements, and support legitimate operational requirements.
When information is no longer required, or when a valid deletion request is processed, ChildEra will securely delete or anonymize the relevant data in accordance with applicable law and internal retention procedures.

ChildEra may rely on trusted third-party vendors for hosting, infrastructure, payment processing, analytics, communications, or related support services.
Such service providers are expected to process information only for authorized purposes, maintain appropriate confidentiality, and implement reasonable safeguards consistent with applicable privacy and security obligations.

ChildEra may update this Data Protection statement from time to time to reflect changes in law, regulatory guidance, security practices, or platform functionality.
Any updated version will be posted on the website with a revised effective date where applicable.

For questions, concerns, or requests relating to data protection, privacy, FERPA, or COPPA matters, users may contact ChildEra through the contact details provided on the official website.

Area	ChildEra Commitment
FERPA	Protects educational and childcare records through limited access, consent-based sharing, and secure record handling.
COPPA	Protects information relating to children under 13 and limits collection, use, and disclosure of such data.
Access Control	Allows only authorized users such as parents, guardians, approved center staff, and designated administrators.
Security	Uses encryption, authentication controls, monitoring, and secure hosting practices.
Parent Rights	Supports review, correction, and deletion requests, subject to law and operational obligations.