Why childcare data is uniquely sensitive
Photos, developmental records, incident reports, family information — childcare facilities hold detailed information about children and their families. GDPR gives parents the right to access this data, and you have 30 days to respond.
Common DSAR scenarios in childcare
📁 "I want all my child's records"
A parent requests their child's complete file including daily reports, developmental assessments, photos, and communications.
📸 "What photos do you have?"
A parent requests all photos of their child. You need to identify them across newsletters, social media, and internal records.
👨👩👧 Separated parents requesting data
Both parents may have rights to access their child's data. You need to verify custody arrangements and handle appropriately.
📝 "What do you have on me?" (from ex-staff)
Former employees can request their personnel records. You need to redact information about children and other staff.
The data childcare facilities hold
Child Records
Names, DOB, medical info, developmental notes
Family Information
Parent contact details, emergency contacts, custody info
Photos & Videos
Daily activities, events, social media posts
Incident Reports
Accidents, incidents, behavioral observations
Staff Records
HR files, Garda vetting, training records
CCTV
Security footage including children
How SAR Portal helps childcare providers
Verify parental rights
OTP verification plus ability to request additional documentation for custody or guardianship verification.
Protect other children
AI-powered redaction automatically identifies and removes information about other children before sharing records.
Tusla-ready audit trail
Complete documentation of all data requests and responses for regulatory compliance and inspections.
Secure delivery
Records delivered via secure portal. No sensitive children's data sent via email attachments.