Understanding consent in childcare and school apps
When you enrol your child in childcare or school, you’re often asked to sign consent forms, whether it’s for an excursion or incursion, a sports activity, or for enrolment in an app. Sometimes you’re given much information but, more often than not, you’re asked to consent quickly and without much explanation.
Consent is more than a signature. It’s a clear agreement about how your child’s information, photos and documents can be collected, used and shared. Understanding what you’re saying yes (or no) to helps keep your child’s digital world safe and predictable. There’s a lot to say about consent, but one thing is clear: you always have the right to question items on a consent form, and a school or their educators should always be able to give you the clarity you need.
In this article, we share more about how to make sense of consent, what to look for, and the rights you have as a parent in Australia.
What consent means, and what to watch for
Consent is your permission for a centre or school to do specific things with your child's information. That includes status updates, their images, and other behavioural information. Good consent is clear, specific and unbundled. Let’s explore what this means.
-
Clear consent is written in plain language, without vague phrases or technical terms that leave you guessing. You should be able to read a clause once and know what it covers: how your child’s data will be collected, why, and where it will go. If you find yourself wondering “What does this actually mean?”, the consent isn’t clear enough. Centres and schools should be able to explain any clause in simple terms, and you have every right to ask.
-
Specific consent tells you precisely what will be done with your child’s information. For example, “permission to store photos in the app for my family to view” is specific. “Permission to use photos for educational purposes” is not. It could mean anything from internal documentation to social media posts. When consent is specific, you know the exact purpose behind each request and can decide whether you’re comfortable with it.
-
Consent works best when each permission stands on its own. Photo permissions should be separate from data-sharing permissions. Internal training use should be separate from app updates. Marketing use should always be a completely separate choice. When consent is bundled together, it becomes difficult to decline one part without declining all of it. When permissions are separated, you can shape your child’s digital footprint more confidently: saying yes where you’re comfortable and no where you’re not.
In consent forms, pay particular attention to vague phrases like “service improvement,” “third-party partners,” or “education-related purposes”. These can hide broader data-sharing arrangements. In these cases, it’s not unlikely that your child’s data is shared with other commercial entities, such as social networks, advertisers, or other technology vendors. Marketing and promotional clauses should always be optional, and internal training clauses deserve equal scrutiny; they may allow images of your child to be shown to people who have no direct role in their care.
If something feels ambiguous, ask for it to be clarified, amended or crossed out. Consent is not a one-directional obligation; it’s a negotiation.
Your rights as a parent in Australia
Under Australian privacy law, particularly the Privacy Act 1988 and the Australian Privacy Principles (APPs), you have the right to understand and control how your child's personal information is handled.
That means you have the right to ask why the information is being collected and whether it is genuinely necessary. You can ask how it will be used and who it will be shared with. You can request corrections if something is wrong, and you can ask for information to be deleted when it is no longer needed. And if a centre or vendor experiences a data breach that is likely to cause serious harm, you have the right to be notified under the Notifiable Data Breaches scheme.
Importantly, you can say no. You can decline photo permissions; you can limit how widely images are shared; you can refuse marketing or internal training use; and you can ask for alternative practices if your child cannot be photographed. A centre may need some information for legal or operational reasons, but you are never required to consent to unnecessary uses of your child’s data.
That said, at Safer Footprint we recognise the reality of today’s educational technology landscape. Many childcare centres and schools rely on commercial EdTech platforms for core functions, such as enrolment, attendance, wellbeing records, reporting, and communication. It means you may not be able to opt out of the platform itself without opting out of the centre or school entirely. But it means you still have the legal right to withhold consent for optional features, such as status updates, photography, and the use of that data for other non-essential purposes.
Consent is still your strongest opportunity to set boundaries. It’s designed to protect your child, not to push you into choices that don’t feel right. Even within a system where enrolling your child on an app is compulsory, you can shape how your child appears in it and how much of their digital footprint they leave behind.
