Cradle logoCradle

Privacy Policy

We are committed to protecting the privacy of every person who interacts with the Cradle platform.

1.1 Introduction

Cradle ("we," "our," or "us") is committed to protecting the privacy of every person who interacts with our platform. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you access or use the Cradle daycare management platform, including our web application, mobile applications (Teacher App and Parent App), and all related services (collectively, the "Platform").

This policy applies to:

  • Daycare center owners and administrators who subscribe to and manage the Platform
  • Teachers and staff members who use the Teacher Mobile App
  • Parents and guardians who use the Parent Mobile App
  • Children whose records are managed within the Platform
  • Visitors to our website and any person who contacts our support team

By accessing or using the Cradle Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this policy, please discontinue use of the Platform immediately.

1.2 Information We Collect

1.2.1 Information Provided Directly by Users

We collect information that you voluntarily provide to us when you register an account, configure your center, add records, or contact support. This includes:

Account and Organization Information

  • Daycare center name, physical address, and contact details
  • Owner and administrator names, email addresses, and phone numbers
  • Subscription plan selection and billing contact information
  • Staff profiles: names, roles, contact details, and invite codes

Child and Family Information

  • Child's full name, date of birth, gender, and photo
  • Health and medical data including allergies, immunizations, medications, and dietary restrictions
  • Guardian and sibling contact information including names, phone numbers, relationships, and authorized pickup status
  • Enrollment application data, waitlist status, and admission records

Daily Activity and Operational Records

  • Daily activity logs: naptime duration, food consumption, bathroom intervals, mood states, and teacher remarks
  • Milestone records, developmental progress notes, and photo uploads
  • Incident reports and safety event logs including type, timeline, witnesses, and severity classifications
  • Attendance records, check-in and check-out times, and health questionnaire responses

Payment and Billing Information

  • Invoice records, outstanding balances, and payment history
  • Payment method details (processed and tokenized through our third-party payment processor; we do not store raw card numbers)
  • Bank transfer and ACH authorization records
  • Tax credit reporting information relevant to US-based childcare tuition

Communications

  • Messages sent between parents and teachers or administrators through the Direct Messaging Portal
  • Newsletter content and community announcements created by administrators
  • Support ticket submissions, issue descriptions, and chat threads

1.2.2 Information Collected Automatically

When you use the Platform, we automatically collect certain technical information, including:

  • Device type, operating system, and browser type
  • IP address and approximate geographic location
  • Session duration, pages and features accessed, and navigation patterns
  • Error logs and crash reports to support platform stability
  • Cookies and similar tracking technologies as described in our Cookie Policy

1.2.3 Information from Third Parties

We may receive information about you from third-party services integrated with the Platform, including payment processors (such as Stripe), identity verification providers, and analytics providers.

1.3 How We Use Your Information

We use the information we collect for the following purposes:

To Deliver and Operate the Platform

  • Creating and managing accounts for daycare administrators, teachers, and parents
  • Enabling classroom management, daily activity logging, and student record-keeping
  • Processing enrollment applications and managing waitlists
  • Facilitating parent-teacher communication through the messaging portal
  • Processing tuition payments and generating invoices

To Improve the Platform

  • Analyzing usage patterns to identify performance issues and feature opportunities
  • Conducting internal research and product testing
  • Training and calibrating automated systems using aggregated, anonymized data

To Communicate with You

  • Sending transactional notifications such as payment confirmations and invoice reminders
  • Responding to support tickets and help requests
  • Sending platform update announcements and policy change notifications
  • Delivering marketing communications where you have provided consent

To Ensure Safety and Compliance

  • Enforcing our Terms of Use and Platform policies
  • Detecting and preventing fraudulent transactions or unauthorized account access
  • Maintaining incident logs and safety reports in compliance with applicable childcare regulations
  • Responding to legal obligations, court orders, or regulatory inquiries

1.4 How We Share Your Information

We do not sell your personal information to third parties. We share information only in the following limited circumstances:

  • Service Providers: We share data with vendors who assist in platform delivery, including cloud hosting providers, payment processors, email delivery services, and analytics tools. These providers are contractually bound to process data only as directed by us.
  • Within Your Center: Information about children, families, and staff is shared with authorized administrators and teachers within the same daycare center account, consistent with their assigned role permissions.
  • Legal Requirements: We may disclose information when required to comply with applicable laws, respond to legal process, or protect the rights, property, or safety of Cradle, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred to the successor entity, subject to continued protection under this policy or a materially equivalent one.

1.5 Children's Privacy

Cradle is a B2B platform used by daycare centers to manage records for enrolled children. We do not knowingly collect personal information directly from children. All child data entered into the Platform is submitted by daycare administrators, teachers, or parents acting in their adult capacity.

Because the Platform handles sensitive information about minors, we apply heightened data protection standards to all child records, including:

  • Restricting access to child profiles based on role-based permissions
  • Encrypting child health and medical data at rest and in transit
  • Limiting retention of child records to the period required to provide services or as required by law
  • Enabling administrators and parents to request deletion of child records in accordance with applicable childcare regulations

If you believe that child information has been collected or used in a manner inconsistent with this policy, please contact us immediately at privacy@cradleapp.com.

1.6 Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this policy. Specific retention periods include:

  • Active account data is retained for the duration of your subscription
  • Billing records and financial transaction logs are retained for a minimum of seven (7) years to comply with US tax and financial regulations
  • Child activity records and incident logs are retained in accordance with your center's applicable state childcare licensing requirements
  • Support ticket records are retained for two (2) years after ticket resolution
  • Deleted account data is removed from active systems within thirty (30) days of deletion, with residual backup copies purged within ninety (90) days

1.7 Data Security

We implement a layered security framework to protect your information. Our security measures include:

  • Encryption of all data transmitted between devices and our servers using TLS 1.2 or higher
  • Encryption of sensitive data fields at rest, including medical records and payment tokens
  • Role-based access controls enforcing the principle of least privilege across all user types
  • Secure invite-code authentication for new staff accounts, transitioning to email and password credentials upon profile creation
  • Regular security audits, vulnerability assessments, and penetration testing
  • Secure cloud infrastructure with redundant backups and disaster recovery protocols

No method of electronic transmission or storage is completely secure. While we apply rigorous measures, we cannot guarantee absolute security. We encourage users to maintain strong passwords and contact us immediately if they suspect unauthorized access.

1.8 Your Rights

Depending on your location, you may have the following rights with respect to your personal information:

  • Access: You may request a copy of the personal information we hold about you.
  • Correction: You may request that we correct inaccurate or incomplete information.
  • Deletion: You may request that we delete your personal information, subject to legal retention requirements.
  • Portability: You may request a structured, machine-readable export of your data.
  • Objection: You may object to certain uses of your data, including direct marketing.
  • Restriction: You may request that we limit processing of your data in certain circumstances.
  • Withdrawal of Consent: Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please submit a written request to privacy@cradleapp.com. We will respond within thirty (30) days. We may need to verify your identity before processing your request.

1.9 Third-Party Links

The Platform may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third parties. We encourage you to review the privacy policies of any external sites you visit.

1.10 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or platform features. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by sending an in-platform notification or email. Your continued use of the Platform after the effective date of any update constitutes acceptance of the revised policy.

1.11 Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us at:

Other legal documents

Privacy PolicyTerms of UseCookie PolicyHelp Centre