Privacy Policy

Updated June 6, 2022.


At Kai’s Education, we take safeguarding your privacy seriously. This Privacy Policy covers the use of data gathered by Kai’s Education sites,,, and our apps.


At Kai’s Education, we prioritize the security of our users’ personal information with the highest level of seriousness. We understand that safeguarding this data is fundamental not only to our operations but also to maintaining the trust you place in us. To uphold these standards, we adhere to the Center for Internet Security (CIS) Critical Security Controls, a widely recognized and respected set of best practices in the cybersecurity industry.

The CIS framework provides a structured set of actions known for their effectiveness in protecting systems and data against the most prevalent cyber threats. Our adherence to this framework ensures that we implement comprehensive and adaptive security measures tailored to the current landscape of cyber risks. Here’s how we integrate the CIS controls into our data security strategy:

Access Control and User Authentication: We enforce strict access controls and identity verification processes, including the use of multi-factor authentication, to ensure that only authorized personnel can access sensitive information.

Data Encryption: All personal data stored on our servers or transmitted across networks is encrypted using the latest industry-standard encryption protocols to prevent unauthorized access and ensure data integrity.

Regular Security Audits: We conduct regular security audits to assess the effectiveness of our security measures. These audits help us identify potential vulnerabilities and implement timely enhancements to our security posture.

Incident Response and Management: In the event of a security breach, we have a robust incident response plan that enables us to quickly address and mitigate any threats to user data. This plan is regularly reviewed and updated to align with the evolving cyber threat environment.

Continuous Improvement: Our security practices are not static; we continuously seek to improve our defenses in line with the latest developments and recommendations of the CIS framework. This includes ongoing training for our staff to ensure they are knowledgeable about the latest security protocols and best practices.

By following the CIS Critical Security Controls, Kai’s Education demonstrates its commitment to proactive and diligent management of cybersecurity risks. This commitment helps ensure the protection of our digital platforms and the personal information of our users, thereby maintaining a safe and secure learning environment for everyone.

Our apps and services

  • Are 100% COPPA & GDPR compliant
  • We do not knowingly collect information on or about children.
  • We do not collect identifiable location data
  • We do not have third-party advertisements

If you do not agree with parts or the whole of this Privacy Policy, please do not use Kai’s Education apps, services or websites.

We are committed to protecting individual data gathered on the sites and our apps. We try to ensure that our Privacy Policy and our information practices adhere to the General Data Protection Regulation (GDPR), Federal Trade Commission’s Children’s Online Privacy Protection Act (“COPPA”). 

Kai’s Education and sites are designed specifically for children under the age of 16. We are devoted to safeguarding student security and taking care of any private data we acquire with care and regard. COPPA requires that we inform parents and legal guardians about how we collect, use, and disclose personal information from children under 16 years of age. COPPA requires that we obtain the consent of parents and guardians of children under 16 years of age prior to allowing them to use certain features of our website and apps. Kai’s Virtual Viewer app is designed to be used by children over the age of 13.

When we use the term “teacher” below, we also mean to include legal guardians and parents. When we use the terms “personal information,” “personally identifiable information,” or “personal data,” we mean information that can specifically identify you or your child.

We are committed to Children’s Online Safety Education

Only parents or teachers are allowed to create accounts on Kai’s Education sites. A parent or teacher can create a student account and should not add any personally identifiable information in the student alias input field when creating the student account.

If a parent or teacher notices that the student-generated content that they deem to be personally identifiable information, they can request the removal of the content by contacting us at

As required by General Data Protection Regulation (GDPR), the following identifies the data controller and data protection officer.

  • Data Controller: Kai’s Education
  • Data Protection Officer: Bruce Jackson
  • Address: 2/10 Ben Lomond, Cres, Pakuranga, Auckland 2010
  • Email:

COPPA requires us to receive a parent’s verified permission (such as through a credit card transaction, customer support phone call, or another legal method) before collecting or using a child’s personal information online “Personal information” includes a child’s name, home address, email address, phone number, picture, voice recording, physical location, and certain unique identifiers. Under the COPPA law, you can ask Kai’s Education to delete or stop using your child’s personal information at any time. COPPA is a U.S. federal law enforced by the Federal Trade Commission. 


There are two different types of data that Kai’s Education collects. The first is data entered by the teacher, parent or guardian, and the second is data that is automatically obtained from public information made available by visiting our website and/or downloading our mobile app.

Automatically collected data

(1) Internet Protocol (IP) Address – this is a numeric identifier associated with your computer/device. We use this to verify your host or network interface and location by country origin only.

(2) Third-Party Advertisers/Analytics – Please refer to our third-party privacy policies listed below to see what information they collect.

Information collected at setup registration  

  • Username (required): The name and email of the teacher, parent and guardian used to log into Kai’s Education.
  • Student / Child alias – If the student joins without a teacher, parent and guardian first creating an account, an automatic alias is created.
  • Password (required): This is an alphanumeric password created by the teacher, parent and guardian to access their account.

Requested information from Teacher, Parent to complete children ages under 16 account set up:

Only Teachers, Parents or Guardians can create student accounts.

As mentioned we collect the following information from a teacher, parent or guardian account.

Data typeIs this Data PersonalPurposeRetention time
emailYesRegistration and account sign upRemoved upon request or inactivity
PasswordNo, password is encrypted Registration and account sign upRemoved upon request or inactivity
AliasPossibly, depending on the name you choose to providePublished alongside your published projectsRemoved upon request or inactivity
Project lessonPossibly, depending on what you choose to providePublished alongside your published projectsRemoved upon request or inactivity
Device namePossibly, depending on what you choose to name itNot shared with anyone, only used to improve services.Removed upon request or inactivity
Device modelNoFor technical support issues.Removed upon request or inactivity
OS versionNoFor technical support issues.Removed upon request or inactivity

Data we may collect from a student using our apps.

Data typeIs this Data PersonalPurposeRetention time
emailNot collectedNot collectedNot collected
PasswordNot collectedNot collectedNot collected
AliasPossibly, depending on the name you or your teacher chose to provideTeacher to manage studentsRemoved by teacher account or upon request or inactivity
Device namePossibly, depending on what you choose to name itNot shared with anyone, only used to improve services.Removed upon request or inactivity
Device modelNoFor technical support issues.Removed upon request or inactivity
OS versionNoFor technical support issues.Removed upon request or inactivity

Removal of Personal Data

Upon your request, we will remove your personal data from our databases. To request the removal of your personal data, please contact us at . Please note that while your personal data will be removed from our databases, some information may remain stored on backup or archival media for legal, tax, or regulatory reasons.


Kai’s Education operates by collecting as little personal information as possible about your students or children. Even though we only collect limited personal information this information is kept behind a firewall and SSL encryption. With this safety infrastructure in place, we still follow data security practices to make sure this data is secure.

Kai’s Education will quickly respond to and mitigate any private user data breach, as summarised in our Breach Response Plan.

Guidelines for Administration and IT teams

  • Each user/employee with access is background checked and signs a confidentiality agreement before obtaining their required access.
  • Each user shall be identified by a unique user ID so that individuals can be held accountable for their actions.
  • The use of shared identities is permitted only where they are suitable, such as training accounts or service accounts.
  • Each user shall read this data security policy and the logon and logoff guidelines and sign a statement that they understand the conditions of access.
  • Records of user access may be used to provide evidence for security incident investigations.
  • Access shall be granted based on the principle of least privilege, which means that each program and user will be granted the fewest privileges necessary to complete their tasks.

Network Access

  • All employees and contractors shall be given network access in accordance with business access control procedures and the least-privilege principle.
  • Segregation of networks shall be implemented as recommended by the company’s network security research. Network administrators shall group together information services, users and information systems as appropriate


We conduct regular security audits to verify compliance with established cybersecurity policies and identify vulnerabilities.

User Responsibilities

  •  All users must lock their screens whenever they leave their desks to reduce the risk of unauthorized access. 
  • All users must keep their workplace clear of any sensitive or confidential information when they leave.
  • All users must keep their passwords confidential and not share them.

Application and Information Access

a. All company staff and contractors shall be granted access to the data and applications required for their job roles.
b. All company staff and contractors shall access sensitive data and systems only if there is a business need to do so and they have approval from higher management.

c. Sensitive systems shall be physically or logically isolated in order to restrict access to authorized personnel only.

Access to Confidential, Restricted information

Access to data classified as ‘Confidential’ or ‘Restricted’ shall be limited to authorized persons whose job responsibilities require it, as determined by the Data Security Policy or higher management.

The responsibility to implement access restrictions lies with the IT Security department.


In order to gain access to Kai’s Education student services, the parent, guardian or teacher must first register an account and they must grant parental permission to use the Kai’s Education product. The Parent can delete their child’s account, via their registered account or by contacting

During the registration process, we will collect and store certain information from you and your child or student. As described in this Privacy Policy, we only directly collect PII submitted by Kai’s Education Teacher or Parent accounts. PII is kept private and is not shared publicly or with third parties except as described in this Privacy Policy.


Unsolicited Information Shared by students or children users

Any personal information that we collect is provided by Kai’s Education teacher or parent account. We will not solicit information from a child other than that described above. 

User-Generated Content

When a user engages in some of our user-generated online activities, including coding text output, Comments they may share information that could be considered child-user-generated personally identifiable information (PII). While there is no foolproof system to control child-user-generated PII, Kai’s Education monitors the website and is able to delete child-created user PII. However, you should be aware that any PII your child provides in these areas may be read, collected, or used by other members who access them. The user-generated features within Kai’s Education are: classroom messaging and code comments. No direct message function is available, except between the student and the teacher. All such information remains on our applications and is not transmitted or made available to us nor to any other Third Party.

General Collection of Non-Personal Information

We collect information through technology to make our services more interesting and useful to you and for various purposes related to our business. For instance, when you come to our websites, we collect your IP address. An IP address is associated with the access point through which you access the Internet, and it is typically controlled by your Internet Service Provider (ISP). Standing alone, your IP address is not personally identifiable information. We may use IP addresses to collect information regarding the frequency with and geographic location from which our guests visit various parts of our mobile app.


Our mobile app collects information through a variety of technical methods, including but not necessarily limited to cookies. Cookies are pieces of information that a mobile app sends to your computer while you are viewing the website. We use cookies to make it easier for you to navigate our websites, to store passwords so that you don’t have to enter them more than once and to track and target the interests of our users to enhance the experience on our websites. We also may use technical methods to analyse the traffic patterns on our services, such as the frequency with which our users visit various parts of our websites.

We may use the information collected through these technical methods for many purposes, including delivering content, tracking, and enhancing our users’ experience on our websites. We do not link the information we store in cookies to any personally identifiable information you or your child submit while on our websites.

Web Beacons 

We may log information using digital images called Web beacons on our Website or in our emails. We use Web beacons to manage cookies, count visits, and to learn what marketing works and what does not. We also use Web Beacons to tell if you open or act on our emails.

Analytic Services

We may use third-party analytics services such as Google Analytics to collect information about how you use and interact with our Website. Such third-party analytics services may use cookies to gather information such as the pages you visited, your IP address, a date/time stamp for your visit and which site referred you to the Website. We use these analytics services to help us analyse how people use the Website, improve the Website, and customize the content users see based on their interests. For more information about how Google Analytics uses this information, please refer to its privacy policies made available on its website.

Our website contains links to other apps that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of other apps and whose information practices may be different from ours. You should consult the other websites’ privacy notices, as those are not covered by our Privacy Policy. This Privacy Policy applies to only the information collected by Kai’s Education websites and apps.

Third-party  Authentication Systems (Google, Microsoft 365, Clever, ClassLink)

Third-party authentication systems may provide passive access to student personal information that Kai’s Education does not access or store due to our own stringent privacy policy. For example, if a school shares data through Clever with Kai’s Education, students’ gender and date of birth are included, but that information is not used or stored in the Kai’s Education database. The only user information stored is the user ID, and is used solely for authentication purposes. If you decide to use Google, Microsoft 365, Clever or ClassLink Authentication Services for access to Kai’s Education, it shall be consistent with this Privacy Policy.

Please be aware that Kai’s Education is not responsible for the privacy or data security practices of any other website or service. We encourage our users to be aware when they leave our site and to read the privacy policies and terms of service of all websites that they visit. This Privacy Policy applies solely to information collected by Kai’s Education. The use of all external services or websites are at your own risk, regardless of whether such services are linked or connected to Kai’s Education shall have no liability related to the use of any external service or website.

Data Retention 

We will retain your or your child’s information for as long as your child’s account is active or as needed to provide services. We will retain and use the information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Teachers, Parents or Guardians have the right to approve or deny their child’s accounts. They may also request their child’s information or provide their child’s name, alias, and email address in order to create the account. Parents may request to delete their child’s account by emailing us at

All data, both in transit and at rest, is encrypted using industry-standard protocols. We ensure access is limited to those who need it to perform their job functions.


By following the unsubscribe instructions in the emails you receive, you may opt-out of receiving promotional emails. If you choose to opt-out of promotional emails, you may still receive emails about your account, subscription, and membership activity.


If you have questions or wish to send us comments about this Privacy Policy, please send an email to or write us at:
 Kai’s Education, 2/10 Ben Lomond Crescent, Pakuranga, Auckland 2010, New Zealand


The Privacy Policy set out above, we reserve the right to change the Privacy Policy at our sole discretion. Kai’s Education users will be informed of any such change by notifying users of the new Privacy Policy. The effective date of any change of the Privacy Policy will be clearly marked at the top of the policy. As required by law, we will not use personally identifiable information in ways that are materially different from the ones described in this Privacy Policy without also providing notification of such practices and obtaining consent to any such different uses. If we make material changes to this policy, we will notify you by email to the change becomes effective. If we make material changes to how we use personal information collected from children under 13, we will notify teachers, parents or guardians by email in order to obtain verifiable parental consent for the new uses of the child’s personal information.

Scroll to Top

Thank you for entering.

Good Luck!