GDPR Statement & Privacy Notice

Zenith Childcare – Privacy Notice

Effective date: 3rd November 2025

Who we are

Zenith Childcare (Dublin) (“we”, “us”, “our”) is committed to protecting the privacy and security of personal data of children, parents/guardians, staff, contractors, prospective parents and other individuals associated with our service.

What this notice is for

This notice gives you information on how we collect and use your personal data when you engage with us, whether via admission/enrolment of a child, employment or contract, or via our website, and meets our obligations under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

The data we collect

We may collect the following personal data (depending on context):

  • Name, address, contact details (telephone, email) of parents/guardians, children, staff, contractors.
  • Dates of birth, gender, emergency contact information.
  • Child care records: enrolment forms, attendance records, health/medical information (allergies, medication, dietary requirements), special educational needs, development records.
  • Staff records: employment history, qualifications, vetting disclosures, references, payroll and bank details.
  • Financial information: fee payments, subsidies, grants, billing details.
  • Website / IT usage data: IP address, browsing activity, cookies (see our Cookie Policy below).

 

Why we collect it and lawful basis

We collect and process personal data for the following purposes:

  • To fulfil our contract with you when you enrol your child (or we employ staff).
  • To comply with legal obligations (for example, under childcare regulations, health and safety, employment law, vetting of staff).
  • For our legitimate interests (for example to run and manage our service efficiently, to ensure children’s welfare and safety).
  • Where relevant, with your consent (for example for promotional materials/photographs of children, or direct marketing).
    We rely on one or more of the lawful bases under GDPR (Article 6) and, where applicable, special category data (Article 9). In the case of children’s data, we ensure that appropriate protections apply.  

 

Sharing your data

We may share personal data with third-party service providers (e.g., IT/cloud service, payroll bureau, staff vetting agencies) only to the extent necessary, and we put contracts/agreements in place to ensure they handle the data securely. We will not sell or lease your data to third parties.

Where required by law, we may share data with statutory bodies (for example, social services, Health Service Executive, regulatory authorities).

Data retention

We will retain your personal data for as long as necessary to fulfil the purpose it was collected for, comply with legal/regulatory obligations, resolve disputes and enforce our agreements. For example, where a child is enrolled we will retain their records for the period required under the relevant childcare regulations (and any statute of limitations). For enquiries that do not result in enrolment we may retain data for a limited period (e.g., 12 months) then securely destroy. 

Your rights

Under GDPR you have the following rights (in certain circumstances):

  • The right to be informed – we are providing this notice.
  • Right of access – you may request a copy of the personal data we hold about you.  
  • Right to rectification – you may ask us to correct inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”) – in some circumstances you may ask us to delete your data.
  • Right to restrict processing – you may ask to limit how your data is used.
  • Right to data portability – to receive your data in a structured, commonly used format (where applicable).
  • Right to object – you may object to processing based on our legitimate interests.
  • Rights related to automated decision-making and profiling – we do not routinely carry out automated decision-making.
    If you wish to exercise any of these rights please contact our Data Protection Officer at info@zenithcaregroup.com.
    You have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland.

 

Data security

We have implemented appropriate technical and organisational measures to protect personal data. Only authorised staff have access to data, encryption where required, secure storage, and password-protected systems. We regularly review our practices.

Changes to this notice

We may update this notice from time to time. The “Effective Date” above will reflect the latest version. We will post any changes on our website and/or otherwise notify you.

Contact

If you have any questions about this privacy notice or our data practices, or wish to contact our Data Protection Officer, please email: info@zenithcaregroup.com or write to Zenith Childcare, Suite 301, 56 Fitzwilliam Square North, Dublin 2.

Join The Waiting List

Fill in the form below to let us know your interest. A member of our team will contact you shortly with further information.