Navigation auf

Data protection and security

kihz Daycare Centres

Daycare centres of the kihz Foundation collect and process personal data in order to fulfil their mandate.

In addition to contact- and invoice-related data, written documentation is also pro-duced on the daily routine, educational and developmental processes, and the child's health or concerns. The aim of the documentation is to recognise the children's needs, educational and developmental processes, and interests. The pedagogical approach is optimised accordingly and the children's competences thereby strengthened. For this purpose, image, audio and video recordings and written observations of the child's interests, strengths and developmental pro-gress are made and stored in a documentation form (e.g. portfolio or learning story). This ena-bles caregivers to reflect on their pedagogical approach and to enter into a dialogue with the child or parents about the child's educational and developmental processes.

Data processing software

The kihz Foundation uses software to manage and process personal data, which also includes a secure communication channel for the exchange of information between families and staff. The data is used exclusively for work and organisational purposes within the Foundation. The data will not be passed on to third parties. An exception is the two founders, ETH Zurich and the University of Zurich. They are entitled to receipt of the staff or student numbers of their member families and are authorised to use the data for statistical analysis and for controlling purposes to assess the effectiveness and fulfilment of the Foundation's mission. A second exception is the daycare supervisory authority (Krippenaufsicht) of the City of Zurich, which is authorised by law to inspect the attendance lists. Only authorised persons can access, create and change the data. The data is transmitted and secured with double encryption. The software complies with the EU General Data Protection Regulation (GDPR) and compliance with data security is audited annually by an independent service provider auditor. Any possible data leakage will be reported to the parents or guardians within 72 hours. (See note 1 + 2 below.)

Deleting the data

When the child leaves the Foundation, all relevant documents concerning the child's develop-ment are handed over to the parents or guardians and all personal data is deleted as soon as the final meeting has taken place. The data will be permanently deleted no later than one month after the date of exit. Only data that is subject to storage by law is not deleted. Data that is used for statistical evaluations cannot be traced back to individual persons.


Parents and guardians can obtain information about the data collected and their child's devel-opment at any time. This also applies to parents who live apart and to parents without parental custody.
Information will only be given to specialists and authorities (curative teachers, doctors, psycholo-gists, child and adult protection authorities (KESB) or external specialists) if a written declaration of exemption from the obligation to confidentiality is available, on which it is clearly stated who may give information to whom. (See note 3 to 5 below.)

1 Siehe, (Datenschutz>Internet und Computer>Datensicherheit)

2 Siehe oder (Europa la wand publications>EUR-Lex>EUR-Lex-32016R0679)

3 Siehe, (Bundesrecht>Systematische Rechtssammlung>Landesrecht>Privatrecht-Zivilrechtspflege-Vollstreckung>Zivilgesetzbuch> PAVO), Art.22

4 Siehe, (Bundesrecht>Systematische Rechtssammlung>Landesrecht>Privatrecht-Zivilrechtspflege-Vollstreckung>Obligationenrecht), Art. 321 a Abs.4

5 Siehe, (Bundesrecht>Systematische Rechtssammlung>Landesrecht>Privatrecht-Zivilrechtspflege-Vollstreckung>Zivilgesetzbuch), Art. 275a E


Weiterführende Informationen

kihz Vignette


Data privacy statement