
Privacy Policy

Last updated: 7 April 2026

Eidolon Nursery ("we", "us", "our") is committed to protecting the privacy of nursery staff, parents, and especially the children in your care. This policy explains how we collect, use, store, and protect personal data processed through our platform, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller and Processor

Your nursery is the Data Controller. You determine what personal data is entered into the system and for what purpose. Eidolon AI acts as a Data Processor, processing personal data on your behalf and in accordance with your instructions.

As Data Controller, your nursery is responsible for having a lawful basis for collecting and processing children's and families' personal data, maintaining your own privacy notice for parents, and responding to data subject access requests.

Data Processor contact:
Eidolon AI
Email: privacy@eidolonursery.co.uk

2. What Data We Process

Children's Data

| Data Category | Examples | Purpose |
|---|---|---|
| Identity | Name, date of birth, gender, ethnicity | Child registration and identification |
| Health & medical | Allergies, dietary needs, medical notes, GP details | Duty of care, health and safety |
| SEND information | Special needs status, support details | Appropriate care and statutory compliance |
| Developmental records | EYFS observations, progress assessments | Educational tracking and EYFS statutory requirements |
| Attendance | Daily register, arrival/departure times | Safeguarding and regulatory compliance |
| Photographs | Activity photos (where consent given) | Photo-to-observation AI feature |
| Contacts | Guardian names, addresses, phone numbers, email | Emergency contact and authorised collection |

Staff Data

| Data Category | Examples | Purpose |
|---|---|---|
| Identity | Name, email, phone number | Account management and communication |
| Employment | Role, assigned room, DBS certificate details | Compliance and safeguarding |
| Training records | Course completions, certificate references, expiry dates | Regulatory compliance |
| Activity logs | Observations authored, chat conversations | Service functionality and audit trail |

Parent Data

| Data Category | Examples | Purpose |
|---|---|---|
| Identity | Name, email, phone number | Communication and account access |
| Relationship | Relationship to child, collection authorisation | Safeguarding and authorised collection |

Account and Billing Data

| Data Category | Examples | Purpose |
|---|---|---|
| Account details | Nursery name, domain, manager email | Service provision |
| Billing | Subscription plan, payment history | Billing and invoicing (via Stripe) |

We do not store credit card numbers, bank account details, or payment card data. All payment processing is handled by Stripe, which is PCI-DSS Level 1 certified.

3. Legal Basis for Processing

We process personal data on the following legal bases under UK GDPR:

  • Contract (Article 6(1)(b)): Processing necessary to provide the Service under our agreement with your nursery.
  • Legitimate interests (Article 6(1)(f)): System security, fraud prevention, and service improvement.
  • Legal obligation (Article 6(1)(c)): Where processing is required by law (e.g., data retention requirements).

For special category data (health information, ethnicity, SEND status), processing is carried out under Article 9(2)(g) — substantial public interest — as nurseries have statutory obligations under the EYFS framework and Childcare Act 2006 to record and monitor children's health, development, and welfare.

Your nursery, as Data Controller, must ensure it has obtained any necessary consents from parents (e.g., for photographs) and has a lawful basis for all data entered into the system.

4. How AI Features Use Your Data

Your data never leaves our UK servers. All AI processing runs locally on our infrastructure using open-source language models. No data is sent to OpenAI, Google, Microsoft, or any other third-party AI provider.

AI features process your data as follows:

  • Observation classification: Text observations are analysed to identify the relevant EYFS area and sub-theme. The original text is stored; the classification is metadata added by the AI.
  • Photo analysis: Uploaded photographs are processed by a vision model to generate observation text. Photos are processed in memory and not retained by the AI model after analysis.
  • Chat assistants: Conversations with AI assistants may include child data from your nursery's records to provide contextual responses. Chat history is stored within your tenant's isolated database.
  • Developmental insights: Aggregated observation data is analysed to identify coverage gaps, developmental trajectories, and quality patterns. No data leaves your tenant's database.

AI outputs are suggestions and should always be reviewed by qualified staff before being treated as official records.

5. Data Storage and Security

  • Location: All data is stored on servers physically located in the United Kingdom.
  • Tenant isolation: Each nursery's data is stored in a separate, isolated database schema. No nursery can access another nursery's data.
  • Encryption: All data in transit is encrypted using TLS 1.2+. Passwords are hashed using bcrypt with per-user salts.
  • Access control: Role-based access control (RBAC) restricts what each user can see and do. Staff see only data for their nursery. Parents see only their own child's information.
  • Authentication: JWT-based authentication with configurable session expiry.
  • Backups: Regular automated backups are maintained to protect against data loss.

6. Data Sharing

We do not sell, rent, or trade personal data. We share data only with:

  • Stripe (payment processing) — receives nursery manager email and billing information only. Stripe's privacy policy applies to payment data.
  • Infrastructure providers (server hosting) — have physical access to servers but not logical access to application data. Servers are located in the UK.

We do not share children's data, observations, health information, or any nursery operational data with any third party.

We may disclose data if required by law, regulation, or valid legal process (e.g., a court order).

7. Data Retention

| Data Type | Retention Period |
|---|---|
| Active account data | Duration of subscription |
| Data after account closure | 30 days (to allow export), then permanently deleted |
| Billing records | 6 years (UK tax and accounting requirements) |
| Server access logs | 90 days |
| Pending registrations (incomplete) | 24 hours, then automatically deleted |

Your nursery may have its own retention policies for children's records (e.g., retaining developmental records until a child reaches age 25, per common early years practice). You are responsible for managing retention within the Service according to your own policies.

8. International Transfers

We do not transfer personal data outside the United Kingdom. All data processing, including AI model inference, occurs on UK-based servers.

9. Your Rights (Data Subject Rights)

Under UK GDPR, individuals whose data is processed through the Service have the following rights:

  • Right of access: Request a copy of personal data held about you or your child.
  • Right to rectification: Request correction of inaccurate data.
  • Right to erasure: Request deletion of personal data (subject to legal retention requirements).
  • Right to restrict processing: Request that we limit how your data is used.
  • Right to data portability: Receive your data in a structured, commonly used format.
  • Right to object: Object to processing based on legitimate interests.
  • Rights related to automated decision-making: The Service uses AI to classify observations and generate suggestions, but no solely automated decisions with legal or significant effects are made. All AI outputs are advisory and require human review.

Parents and staff should direct data subject requests to the nursery manager in the first instance, as the nursery is the Data Controller. The nursery may then instruct us to assist with fulfilling the request.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

10. Children's Data — Special Considerations

We recognise the particular sensitivity of children's personal data and apply enhanced protections. Children's data is accessible only to authorised nursery staff and the child's own parents/guardians. It is never used for marketing, profiling for commercial purposes, or shared with third parties.

Photographs of children are processed only where parental consent has been recorded in the system. The AI photo analysis feature processes images in memory for observation generation only — images are not used to train AI models or retained beyond the immediate analysis.

11. Cookies and Tracking

The Eidolon Nursery platform uses only strictly necessary technical storage:

  • Authentication token: Stored in your browser's localStorage to maintain your login session. No cookies are set.
  • Tenant identifier: Stored in localStorage to identify your nursery. No cookies are set.

We do not use analytics cookies, advertising cookies, social media trackers, or any third-party tracking technologies. We do not use Google Analytics or similar services.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify nursery managers of material changes at least 30 days before they take effect. The "Last updated" date at the top of this page indicates when the policy was most recently revised.

13. Contact Us

For privacy-related enquiries or to exercise your rights as a data processor customer:

Email: privacy@eidolonursery.co.uk
General support: support@eidolonursery.co.uk
Company: Eidolon AI
Location: United Kingdom

For complaints about how your nursery handles your data, please contact the nursery directly. For complaints about how we handle data as a processor, contact us at the email above or the ICO at ico.org.uk.

© 2026 Eidolon AI. All rights reserved.