CrecheHQCrecheHQ
Join Waitlist

Legal

Privacy Policy

Last updated: 25 January 2026

Your Privacy Matters

CrecheHQ is committed to protecting the privacy of childcare providers, staff, parents, and the children in your care. This policy explains how we collect, use, and safeguard your personal data in compliance with the General Data Protection Regulation (GDPR) and Irish data protection law.

1. Who We Are

CrecheHQ is an Irish childcare management software platform. We provide software services to childcare providers including creches, preschools, and montessori schools throughout Ireland.

Data Controller: CrecheHQ
Contact Email: privacy@crechehq.ie
Website: crechehq.ie

2. Our Privacy Principles

We are committed to the following principles:

  • Minimal Data Collection: We only collect data that is necessary to provide our services
  • Purpose Limitation: We use data only for the purposes specified in this policy
  • Data Minimisation: We do not retain data longer than necessary
  • Transparency: We are clear about what data we collect and why
  • Security First: We implement appropriate technical and organisational measures to protect your data

3. Information We Collect

3.1 Information from Childcare Providers (Our Customers)

When you register for CrecheHQ, we collect:

  • Business name and registration details
  • Contact information (name, email, phone number, address)
  • Tusla registration number
  • Payment and billing information
  • Bank account details for payment processing

3.2 Information About Children and Families

Important: CrecheHQ processes data about children and families on behalf of childcare providers. The childcare provider is the Data Controller for this information; CrecheHQ acts as a Data Processor.

This may include:

  • Child's name, date of birth, and CHICK number
  • Parent/guardian contact information
  • Emergency contact details
  • Medical information and allergies (where provided)
  • Attendance records
  • ECCE and NCS eligibility information
  • Invoices and payment history

3.3 Information from Website Visitors

When you visit our website, we may collect:

  • IP address and browser information
  • Pages visited and time spent on site
  • Referral source
  • Information you provide via contact forms

4. How We Use Your Information

We use the information we collect to:

  • Provide and maintain our services
  • Process payments and send invoices
  • Send service-related communications
  • Provide customer support
  • Improve our products and services
  • Comply with legal obligations (including Tusla and Pobal requirements)
  • Send marketing communications (with your consent)

We process personal data under the following legal bases:

  • Contract: Processing necessary to perform our contract with you
  • Legal Obligation: Processing required by law (e.g., financial records, Tusla compliance)
  • Legitimate Interests: Processing for our legitimate business interests (e.g., improving services, fraud prevention)
  • Consent: Where you have given explicit consent (e.g., marketing emails)

6. Children's Data

Special Category Data

We recognise that data about children requires special protection. CrecheHQ processes children's data solely on behalf of childcare providers to enable them to manage their service. We implement enhanced security measures for all data relating to children.

CrecheHQ does not have a direct relationship with the children or families whose data is processed through our platform. Parents/guardians with questions about their children's data should contact the childcare provider directly.

7. Data Sharing

We may share your data with:

  • Payment Processors: Stripe for secure payment processing
  • Cloud Infrastructure: Our hosting providers (data stored within the EU)
  • Email Services: For transactional and marketing communications
  • Analytics: Google Analytics (anonymised data only)

We will never sell your personal data to third parties. We only share data with third parties who are bound by data processing agreements and provide adequate security guarantees.

8. Data Security

We implement appropriate security measures including:

  • SSL/TLS encryption for all data in transit
  • Encryption at rest for sensitive data
  • Regular security audits and penetration testing
  • Access controls and authentication requirements
  • Staff training on data protection
  • Incident response procedures

While we take all reasonable precautions, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but commit to notifying you and the relevant supervisory authority of any breach as required by law.

9. Data Retention

We retain personal data for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations (e.g., 7 years for financial records)
  • Resolve disputes and enforce agreements

When you close your account, we will delete or anonymise your data within 90 days, except where retention is required by law.

10. Your Rights

Under GDPR, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (subject to legal retention requirements)
  • Right to Restriction: Limit how we process your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time for consent-based processing

To exercise these rights, contact us at privacy@crechehq.ie. We will respond within 30 days.

11. Cookies

We use cookies and similar technologies to:

  • Essential Cookies: Required for the website to function (e.g., session management)
  • Analytics Cookies: Help us understand how visitors use our site (with your consent)
  • Marketing Cookies: Used to deliver relevant advertisements (with your consent)

You can manage your cookie preferences through our cookie consent banner or your browser settings. For more details, see our Cookie Policy.

12. International Data Transfers

Your data is primarily stored and processed within the European Economic Area (EEA). Where we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our website. We encourage you to review this policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@crechehq.ie

Address: Dublin, Ireland

Response Time: Within 5 business days

15. Supervisory Authority

You have the right to lodge a complaint with the Data Protection Commission (DPC), the Irish supervisory authority for data protection:

Data Protection Commission

21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland

Phone: +353 (0)1 765 0100 / 1800 437 737

Email: info@dataprotection.ie

Website: www.dataprotection.ie