Privacy Policy

1. Introduction

TinkerTank Pty Ltd (ABN to be provided) ("TinkerTank", "we", "us", or "our") is committed to protecting the privacy of our customers, including children who participate in our programs. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (tinkertank.rocks, tinkertank.com.au) or use our services.

We comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and are committed to handling personal information responsibly. For international visitors, we also consider GDPR principles where applicable.

2. Information We Collect

2.1 Parent/Guardian Information

When you book a program or create an account, we collect:

• Full name
• Email address
• Phone number
• Billing address
• Payment information (processed securely via Stripe)

2.2 Child/Student Information

To provide appropriate care and education, we collect:

• Child's name
• Date of birth / Age
• Allergies and dietary requirements
• Medical conditions and special needs
• Emergency contact details
• School grade/year level

2.3 Automatically Collected Information

When you visit our website, we may automatically collect:

• IP address and browser type
• Device information
• Pages visited and time spent
• Referring website
• Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect to:

• Process bookings and payments for camps, birthday parties, and Ignite subscriptions
• Provide safe and appropriate care for children during programs
• Communicate about bookings, schedules, and program updates
• Respond to medical emergencies appropriately
• Send newsletters and promotional materials (with your consent)
• Improve our website and services
• Comply with legal obligations
• Maintain records as required by law

4. Children's Privacy

We take children's privacy very seriously. We only collect children's information that is necessary for their participation in our programs and their health and safety.

• We only collect children's information from parents or legal guardians
• We do not knowingly allow children to make purchases or share personal information online
• Children's medical and allergy information is treated as sensitive information with restricted access
• We do not sell or share children's information for marketing purposes
• Parents may request access to or deletion of their child's information at any time

5. Disclosure of Information

We may share your information with:

• Payment Processors: Stripe processes all payments. We do not store complete credit card details.
• Emergency Services: Medical and emergency contact information may be shared with emergency services if required.
• Service Providers: Third-party services that help us operate (email, hosting, analytics) under strict confidentiality agreements.
• Legal Requirements: When required by law, court order, or government authority.

We do not sell, trade, or rent personal information to third parties for marketing purposes.

6. Data Storage and Security

We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure.

• All data is encrypted in transit using SSL/TLS
• Payment data is processed by Stripe, a PCI DSS compliant payment processor
• Access to personal information is restricted to authorised personnel only
• We maintain regular security updates and monitoring
• Data is stored on secure servers in Australia where possible

7. Cookies and Tracking

We use cookies and similar technologies to enhance your browsing experience and analyze website usage.

Types of Cookies We Use:

• Essential Cookies: Required for the website to function (e.g., shopping cart, login sessions)
• Analytics Cookies: Help us understand how visitors use our website
• Marketing Cookies: Used to deliver relevant advertisements (only with consent)

You can control cookies through your browser settings. Disabling essential cookies may affect website functionality.

8. Your Rights

Under Australian Privacy law, you have the right to:

• Access: Request a copy of the personal information we hold about you or your child
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of personal information (subject to legal retention requirements)
• Opt-out: Unsubscribe from marketing communications at any time
• Complaint: Lodge a complaint if you believe we have breached your privacy

For International Visitors (GDPR)

If you are located in the European Economic Area, you may also have rights to:

• Data portability
• Restriction of processing
• Object to processing
• Withdraw consent at any time

9. Data Retention

We retain personal information for as long as necessary to:

• Provide our services and maintain booking records
• Comply with legal and regulatory requirements
• Resolve disputes and enforce agreements

Typically, booking and customer records are retained for 7 years in accordance with Australian tax law requirements. You may request deletion of non-essential data at any time.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any linked websites.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email. The "Last updated" date at the top of this policy indicates when it was last revised.

12. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have a complaint, please contact us:

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).