LinkidsLinkids

Privacy Policy

Last updated: 11 May 2026

1. Who we are

Linkids ("we", "our", "us") is a kindergarten communication and management platform operated by Linkids Ltd, registered in Cyprus. Our service is available at linkids.co and app.linkids.co.

Contact: privacy@linkids.co

2. What data we collect

We collect only the data necessary to operate the platform:

  • Account data: name, email address, role (admin, teacher, parent).
  • Child data: first name, last name, date of birth, class, emergency contact, dietary notes, GDPR media consent flag. Entered by authorised kindergarten staff.
  • Daily log data: sleep times, meal portions, toilet events, activity records. Entered by teachers.
  • Usage data: anonymised access logs for security and performance monitoring.
  • Media (when enabled): photos and videos uploaded by staff, subject to individual child consent flags.

3. Legal basis for processing

We process personal data under the following GDPR lawful bases:

  • Contract: to provide the service to kindergartens and their staff.
  • Legitimate interests: security, fraud prevention, service improvement.
  • Consent: media sharing of children's images (opt-in per child).

4. How we use your data

  • Providing and maintaining the Linkids platform.
  • Sending transactional emails (invitations, notifications) via Resend.
  • Error tracking and performance monitoring via Sentry.
  • We do not sell, rent, or share your data with third parties for marketing.

5. Data storage and transfers

All data is stored in the European Union (Frankfurt, Germany) using Supabase (PostgreSQL). We do not transfer personal data outside the EEA. Subprocessors (Supabase, Vercel, Resend, Sentry) are GDPR-compliant and operate under standard contractual clauses where applicable.

6. Data retention

Account and child data is retained for the duration of the kindergarten's active subscription plus 30 days after cancellation. After that period, data is permanently deleted. You may request earlier deletion at any time.

7. Your rights

Under GDPR you have the right to:

  • Access your personal data.
  • Correct inaccurate data.
  • Request deletion ("right to be forgotten").
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent (for media sharing).

To exercise any of these rights, email privacy@linkids.co. We will respond within 30 days.

8. Cookies

We use only essential session cookies required for authentication. We do not use advertising or analytics cookies.

9. Google Sign-In

We offer "Sign in with Google" as an authentication option. When you use this, Google shares your name and email address with us. We do not request access to any other Google account data. Google's privacy policy applies to their services: policies.google.com/privacy.

10. Changes to this policy

We may update this policy to reflect changes in the service or legal requirements. We will notify administrators by email of material changes. Continued use of the platform after changes constitutes acceptance.

11. Complaints

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with the Cyprus Commissioner for Personal Data Protection (dataprotection.gov.cy) or your local EU supervisory authority.