Kids Club Systems Privacy Policy
We understand your privacy is important, and we’re dedicated to keeping your personal information safe. Whether you’re exploring our website www.kidsclubsystems.com, joining our membership for courses and community, or using our FreddieAI platform to grow your kids’ club/activity business, we collect and use your data in ways that are transparent, fair, and respectful of your rights.
This Privacy Policy explains what we do with your information, how we protect it, and how you can control it. By using our website or services, you’re agreeing to this policy, so please take a moment to read it.
Have questions? Please contact us by email [email protected].
Who We Are
Our Site is owned and operated by TriMiko Limited, trading as Kids Club Systems, a company registered in Hong Kong, under company number 77710880, who's registered office is at Unit 1603, 16/F, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong.
Our services include:
Website: Explore info, download content, or sign up for newsletters and events.
Membership: Access learning courses and a community for kids’ club/activity professionals.
FreddieAI: Our Software-as-a-Service (SaaS) CRM platform for marketing, available to clients with a subscription.
We serve businesses in the USA, Canada, Australia, and New Zealand, exclusively for the kids’ club/activity industry (eg. gymnastics gyms, swim schools, martial arts academies, dance studios). We follow Hong Kong’s Personal Data (Privacy) Ordinance (PDPO) (Cap. 486), along with USA federal and state privacy laws (California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA), Telephone Consumer Protection Act (TCPA), CAN-SPAM Act), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and Canada’s Anti-Spam Legislation (CASL), Australia’s Privacy Act 1988 and Spam Act 2003, and New Zealand’s Privacy Act 2020 and Unsolicited Electronic Messages Act 2007.
Exclusion of UK/EU Users
Kids Club Systems serves businesses in the USA, Canada, Australia, and New Zealand, excluding the United Kingdom and European Union. If you are a UK or EU resident or a business operating in those jurisdictions, we will not process your request or provide services, as we do not operate in your region. Only minimal data (e.g. country selection, form fields) is collected for this purpose and is deleted immediately, in compliance with Hong Kong’s PDPO.
What Is Personal Data?
Personal data is anything that can identify you, like your name, email, phone number, or IP address, as defined by Hong Kong’s PDPO and other laws. We’re committed to handling it carefully, and this policy shows you how.
When you use our website or membership services, TriMiko Limited is the data controller, managing data like your name or email in line with Hong Kong’s PDPO and other laws. For FreddieAI, we’re the data processor, handling data (e.g.parent/child names, dates of birth) uploaded by our clients, who are the data controllers. Clients decide how and why this data is used and must follow their local privacy laws, as outlined in our Security & Compliance Policy and Terms of Service/DPA.
What Data Do We Collect and How?
We collect data based on how you use our services, always sticking to the PDPO’s rules (e.g. only collecting what we need, using it fairly).
Here’s what we gather:
Identity Data: First name, last name, username, business name - You provide it through forms, sign-ups, or FreddieAI account setup
Contact Data: Email address, phone number, billing address - You give it to us via forms, purchases, or clients upload it to FreddieAI
Financial Data: Payment card details (securely processed, not stored by us) - Collected via Stripe when you pay for memberships, courses, or FreddieAI
Transaction Data: Details of payments and services you purchase - Automatically recorded during purchases or subscriptions
Technical Data: IP address, browser type/version, operating system, device settings - Collected automatically via cookies or device data when you use our website or services
Profile Data: Username, password, preferences, course progress, feedback - You share it when creating an account, joining the community, or filling out surveys
Usage Data: How you use our website, membership, or FreddieAI (e.g., pages visited, features used) - Gathered automatically via cookies, analytics tools, or FreddieAI logs
Marketing and Communications Data: Your preferences for receiving marketing or communication methods - You share it through consent forms or opt-in settings
FreddieAI Customer Data: Parent/child names, dates of birth, contact details - Uploaded by clients (data controllers) for marketing/CRM in FreddieAI
We don’t collect sensitive data (e.g. health info) or criminal records, except where clients upload such data to FreddieAI, which they control as data controllers. See “Children’s Data” below for more.
How Do We Use Your Personal Data?
We use your data to deliver awesome services, always following the PDPO’s guidelines (e.g. clear purposes, minimal data) and other laws. Here’s how and why we’re allowed:
Sign you up as a customer or process data in FreddieAI
Data Used: Identity, Contact, Transaction, FreddieAI Customer Data
Why It’s Allowed: To fulfill our contract with you (e.g. SaaS or membership agreement); PDPO lawful purpose
Handle payments and deliver services (e.g, courses, FreddieAI tools)
Data Used: Identity, Contact, Financial, Transaction
Why It’s Allowed: To fulfill our contract; our legitimate interest to recover payments; PDPO lawful purpose
Keep in touch (e.g. update you on policy changes, ask for feedback)
Data Used: Identity, Contact, Profile, Marketing and Communications
Why It’s Allowed: To fulfill our contract; meet legal duties; our legitimate interest to improve services; PDPO lawful purpose
Let you join surveys, promotions, or our community
Data Used: Identity, Contact, Profile, Usage, Marketing and Communications
Why It’s Allowed: To fulfill our contract; our legitimate interest to grow and improve; PDPO lawful purpose
Protect and manage our services (e.g. fix issues, prevent fraud)
Data Used: Identity, Contact, Technical, FreddieAI Customer Data
Why It’s Allowed: Our legitimate interest to keep services secure; legal duties; PDPO security principle
Show relevant content or ads and check how they perform
Data Used: Identity, Contact, Profile, Usage, Marketing and Communications, Technical
Why It’s Allowed: Our legitimate interest to improve services and marketing; your consent for marketing; PDPO consent requirement
Use analytics to make our website and services better
Data Used: Technical, Usage
Why It’s Allowed: Our legitimate interest to understand usage; PDPO lawful purpose
Suggest products or services (e.g. marketing tools, courses)
Data Used: Identity, Contact, Technical, Usage, Profile, Marketing and Communications
Why It’s Allowed: Our legitimate interest to offer relevant services; your consent for marketing; PDPO consent requirement
For FreddieAI, we’re the data processor, handling client-uploaded data (e.g. parent/child names, DOBs) only as instructed by our clients (data controllers), per our Terms of Service and DPA. For website and membership services, as the data controller, we’ll ask for your clear consent before sending marketing messages (e.g. SMS, email, Voice AI) or sharing data with partners for marketing, as required by the PDPO and other laws. You can opt out anytime (see “A2P Communications”). If we want to use your data for a new purpose that fits the original one, we’ll let you know if required. For completely new purposes, we’ll ask for your consent.
Your Rights
Under Hong Kong’s PDPO and other laws (e.g. CCPA, VCDPA, PIPEDA, Privacy Act 1988, Privacy Act 2020), you (e.g. website visitors, membership users, FreddieAI clients) and your customers (e.g. parents) have rights to control your data:
Right to Be Informed: Know how we use your data (this policy explains it).
Right to Access: See what data we hold (PDPO: Data Access Request).
Right to Rectification: Fix incorrect or incomplete data (PDPO: Data Correction Request).
Right to Deletion: Ask us to delete your data (subject to legal requirements).
Right to Restrict Processing: Limit how we use your data (where allowed).
Right to Object: Say no to certain uses, like marketing (PDPO: object to direct marketing).
Right to Withdraw Consent: Stop marketing or data sharing anytime.
Right to Data Portability: Get your data in a usable format to share elsewhere (if you provided it directly and it’s processed automatically, where applicable under CCPA/PIPEDA).
For website or membership data, contact us directly at [email protected] or Unit 1603, 16/F, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong.
For FreddieAI customer data (e.g parent requests), please direct your request to your kids’ club/activity provider (the data controller), you will find contact details on their website/s. If we receive a request directly, we'll forward it to our client right away and assist them in responding (e.g. locating or deleting data in our systems), as outlined in our Security & Compliance Policy and DPA.
Our clients are responsible for following their local laws, like maintaining consent for marketing. We aim to acknowledge any requests within 30 days (or 45 days for complex ones under CCPA/PIPEDA; 40 days under PDPO for access/correction), but the full response will be from your kids’ club/activity provider (the data controller). There’s no fee unless requests are excessive or repetitive, per PDPO rules.
Cookies and Tracking
We use cookies and similar technologies, like web beacons or browser storage on our website www.kidsclubsystems.com to make your experience seamless, understand how you use our site, and keep things secure, all while following the PDPO’s rules. Cookies are small files stored on your device when you visit. Please read this section to understand our practices. By continuing to use our website or clicking “accept” on our cookie consent banner, you agree to our Cookie Policy. If you don’t agree, please stop using our website.
Definitions
Cookie: A small file placed on your device when you visit parts of our website or use its features.
Personal Data: Information that can identify you, as defined by Hong Kong’s PDPO and other laws (e.g. CCPA, PIPEDA).
We/Us/Our: TriMiko Limited, trading as Kids Club Systems, a Hong Kong-registered company (Company Number: 77710880).
How We Use Cookies
We use first-party cookies (set by us) and third-party cookies (set by trusted partners) to enhance your experience and protect your privacy, in line with the PDPO and other laws.
We use these types:
Strictly Necessary Cookies: Essential for our website to work, like logins or secure payments. You can’t turn these off.
Functionality Cookies: Save your preferences, like login details or course progress, for a personalized experience.
Analytics Cookies: Gather anonymous data on how you use our site (e.g., pages visited, time spent) to improve it.
Marketing Cookies: Show tailored ads or content (e.g., course promotions) based on your browsing, with your consent.
Security Cookies: Protect against threats like unauthorized access.
Cookies can be:
Session Cookies: Disappear when you close your browser.
Persistent Cookies: Stay until you delete them or they expire (e.g., up to 12 months for analytics/marketing).
Cookies We Use
Here’s what cookies we may place on your device to make your experience better and keep our site secure, all following the PDPO’s rules:
cookie_consent: Helps us remember your cookie preferences (Necessary, .kidsclubsystems.com, /, 365 days, First-party)
XSRF-TOKEN: Keeps your account safe from attacks (Necessary, app.kidsclubsystems.com, /, 2 hours, First-party)
session_id: Keeps you logged in while you browse (Necessary, .kidsclubsystems.com, /, Session, First-party)
lang: Remembers your chosen language for a smoother visit (Preferences, .kidsclubsystems.com, /, Session, First-party)
theme: Saves your preferred look (e.g., light or dark mode) (Preferences, .kidsclubsystems.com, /, 30 days, First-party)
_ga: Tracks how you use our site to improve it (Analytical, .kidsclubsystems.com, /, 730 days, Third-party)
_gid: Monitors your sessions to enhance our services (Analytical, .kidsclubsystems.com, /, 1 day, Third-party)
_gat: Manages data collection speed for better performance (Analytical, .kidsclubsystems.com, /, 1 hour, Third-party)
_fbp: Helps show you relevant ads based on your visits (Marketing, .kidsclubsystems.com, /, 90 days, Third-party)
IDE: Delivers personalized ads across the web (Marketing, .doubleclick.net, /, 390 days, Third-party)
UserMatchHistory: Tracks your interests for tailored LinkedIn ads (Marketing, .linkedin.com, /, 30 days, Third-party)
Our analytics tools (e.g. Google Analytics) use cookies to collect anonymous data, helping us improve our website. You can opt out of non-essential cookies without losing core functionality, per PDPO requirements.
Consent and Control
We’ll show a pop-up consent banner when you first visit, asking for your approval for non-essential cookies, as required by the PDPO. You can accept or decline; strictly necessary cookies stay on.
Manage cookies via:
Our Website: Update preferences in the footer’s cookie tool.
Browser Settings: Enable/disable or delete cookies.
Check these guides:
Google Chrome: https://support.google.com/chrome/answer/95647
Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge
Safari (macOS): https://support.apple.com/kb/PH21411
Safari (iOS): https://support.apple.com/HT201265
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies
Android: https://support.google.com/chrome/answer/95647
Declining non-essential cookies might limit features like personalized ads or course tracking.
Changes to Cookie Policy
We may update this cookie policy, posting changes on our website. Continued use means you accept the updates. For more on how we handle personal data, see the full Privacy Policy below.
A2P Communications
We use SMS, email, and Voice AI to connect with you and, for FreddieAI clients, your customers (e.g. parents). We follow Hong Kong’s PDPO (e.g. consent for direct marketing), USA (TCPA, CAN-SPAM Act), Canada (CASL), Australia (Spam Act 2003), and New Zealand (Unsolicited Electronic Messages Act 2007) rules for Application-to-Person (A2P) messaging:
Consent: We get your clear opt-in consent (e.g via forms, texting “JOIN”) before sending marketing messages, per PDPO and other laws. FreddieAI clients, as data controllers, must get customer consent and register campaigns (e.g., A2P 10DLC in the USA), as detailed in our Security & Compliance Policy and Terms of Service/DPA.
Opt-Out: You can stop messages anytime:
SMS: Reply “STOP” to unsubscribe, processed instantly.
Email: Click the unsubscribe link, processed within 10 business days.
Voice AI: Follow call instructions (e.g. keypress).
Sender Identification: Messages show Kids Club Systems, with contact details (eg. email: [email protected])
FreddieAI Clients: Clients handle A2P compliance, including consent records and campaign registration. We provide templates, but clients are liable for issues like third-party platform bans (e.g. Twilio, Lead Connector), per our Security & Compliance Policy.
Who We Share Information With
Service Providers:
We share data with trusted partners to run our services, under strict agreements ensuring PDPO compliance:
Payment Processor: Stripe (https://stripe.com/privacy) for secure payments.
Infrastructure: Google BigQuery, AWS, HighLevel, LeadConnector, MongoDB for data storage and analytics.
Communications: Twilio & Lead Connector (SMS/voice), SendGrid (email) for A2P messaging.
Support: Tawk.to (knowledge base), Trello (project management), Sentry (error tracking).
Providers follow PDPO, CCPA, VCDPA, PIPEDA, and other laws. We’re not liable for their failures, as noted in our Security & Compliance Policy and Terms of Service.
Trusted Partners: With your consent, we share non-personal data (e.g. browsing habits) for tailored ads, per PDPO direct marketing rules. Opt out via email or cookie settings.
Legal Obligations: We may share data if required by law (e.g. court orders, privacy commissioner requests), keeping it minimal.
No External Sharing: We don’t sell or share your data beyond these cases.
How Long Do We Keep Your Personal Data?
We keep data only as long as needed for its purpose or legal requirements, per the PDPO’s retention principle:
Identity Data: While you’re a customer; 2 years after
Contact Data: While you’re a customer; 2 years after
Financial Data: 6 years (e.g. for tax compliance)
Transaction Data: 6 years
Technical Data: 2 years
Profile Data: While you’re a customer; 3 years after
Usage Data: 2 years
Marketing and Communications Data: While you’re a customer; 3 years after, or 3 years after an inquiry
Enquiries: 12 months after inquiry
FreddieAI Customer Data: Per client instructions; deleted 30 days after account closure
Data Security
We protect your data with encryption, access controls, and breach detection, following the PDPO’s security principle and other laws, as detailed in our Security & Compliance Policy. Data is stored on SOC 2 Type 2 and ISO 27001-compliant servers (e.g. AWS, Google Cloud). No internet transmission is 100% secure, but we use top-notch standards. You’re responsible for keeping your passwords safe.
Data Transfers
Your data may move to USA servers (e.g. AWS, Google Cloud). Financial information for accounting, may be transferred to Hong Kong for our administrative operations, secured by PDPO-compliant measures (e.g. encryption, SOC 2/ISO 27001 servers). We ensure PDPO compliance for cross-border transfers (e.g. secure agreements) and meet CCPA, PIPEDA, and other laws’ standards.
Children’s Data
We don’t knowingly collect data from individuals under 18, in line with Hong Kong’s PDPO and other laws (e.g. COPPA in the USA, PIPEDA in Canada). FreddieAI clients, as data controllers, must ensure compliance with their local laws for customer data involving minors, as outlined in our Security & Compliance Policy.
Governing Law and Dispute Resolution
This Privacy Policy is governed by the laws of England and Wales, excluding the EU and UK GDPR, as we do not operate in those jurisdictions. Any disputes related to your data will be resolved through binding arbitration in London, England, under the London Court of International Arbitration (LCIA) rules. See our Terms of Service for more details.
Complaints
Reach us at [email protected] or Unit 1603, 16/F, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong. You can also contact your local authority, like, California Attorney General, Canada’s Privacy Commissioner, Australian Information Commissioner, or New Zealand Privacy Commissioner.
Policy Updates
We may update this policy to reflect new practices or laws, including PDPO compliance. Changes will be posted on our website with a new “Last Updated” date. Big changes will be shared via email or FreddieAI. Continuing to use our services means you accept the updates.
Contact Us
Email [email protected], or write to Unit 1603, 16/F, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong for questions or to use your rights.
Kids Club Systems
Privacy Policy
We understand your privacy is important, and we’re dedicated to keeping your personal information safe. Whether you’re exploring our website www.kidsclubsystems.com, joining our membership for courses and community, or using our FreddieAI platform to grow your kids’ club/activity business, we collect and use your data in ways that are transparent, fair, and respectful of your rights.
This Privacy Policy explains what we do with your information, how we protect it, and how you can control it. By using our website or services, you’re agreeing to this policy, so please take a moment to read it.
Have questions? Please contact us by email [email protected].
Who We Are
Our Site is owned and operated by TriMiko Limited, trading as Kids Club Systems, a company registered in Hong Kong, under company number 77710880, who's registered office is at Unit 1603, 16/F, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong.
Our services include:
Website: Explore info, download content, or sign up for newsletters and events.
Membership: Access learning courses and a community for kids’ club/activity professionals.
FreddieAI: Our Software-as-a-Service (SaaS) CRM platform for marketing, available to clients with a subscription.
We serve businesses in the USA, Canada, Australia, and New Zealand, exclusively for the kids’ club/activity industry (eg. gymnastics gyms, swim schools, martial arts academies, dance studios). We follow Hong Kong’s Personal Data (Privacy) Ordinance (PDPO) (Cap. 486), along with USA federal and state privacy laws (California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA), Telephone Consumer Protection Act (TCPA), CAN-SPAM Act), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and Canada’s Anti-Spam Legislation (CASL), Australia’s Privacy Act 1988 and Spam Act 2003, and New Zealand’s Privacy Act 2020 and Unsolicited Electronic Messages Act 2007.
Exclusion of UK/EU Users
Kids Club Systems serves businesses in the USA, Canada, Australia, and New Zealand, excluding the United Kingdom and European Union. If you are a UK or EU resident or a business operating in those jurisdictions, we will not process your request or provide services, as we do not operate in your region. Only minimal data (e.g. country selection, form fields) is collected for this purpose and is deleted immediately, in compliance with Hong Kong’s PDPO.
What Is Personal Data?
Personal data is anything that can identify you, like your name, email, phone number, or IP address, as defined by Hong Kong’s PDPO and other laws. We’re committed to handling it carefully, and this policy shows you how.
When you use our website or membership services, TriMiko Limited is the data controller, managing data like your name or email in line with Hong Kong’s PDPO and other laws. For FreddieAI, we’re the data processor, handling data (e.g.parent/child names, dates of birth) uploaded by our clients, who are the data controllers. Clients decide how and why this data is used and must follow their local privacy laws, as outlined in our Security & Compliance Policy and Terms of Service/DPA.
What Data Do We Collect and How?
We collect data based on how you use our services, always sticking to the PDPO’s rules (e.g. only collecting what we need, using it fairly).
Here’s what we gather:
Identity Data: First name, last name, username, business name - You provide it through forms, sign-ups, or FreddieAI account setup
Contact Data: Email address, phone number, billing address - You give it to us via forms, purchases, or clients upload it to FreddieAI
Financial Data: Payment card details (securely processed, not stored by us) - Collected via Stripe when you pay for memberships, courses, or FreddieAI
Transaction Data: Details of payments and services you purchase - Automatically recorded during purchases or subscriptions
Technical Data: IP address, browser type/version, operating system, device settings - Collected automatically via cookies or device data when you use our website or services
Profile Data: Username, password, preferences, course progress, feedback - You share it when creating an account, joining the community, or filling out surveys
Usage Data: How you use our website, membership, or FreddieAI (e.g., pages visited, features used) - Gathered automatically via cookies, analytics tools, or FreddieAI logs
Marketing and Communications Data: Your preferences for receiving marketing or communication methods - You share it through consent forms or opt-in settings
FreddieAI Customer Data: Parent/child names, dates of birth, contact details - Uploaded by clients (data controllers) for marketing/CRM in FreddieAI
We don’t collect sensitive data (e.g. health info) or criminal records, except where clients upload such data to FreddieAI, which they control as data controllers. See “Children’s Data” below for more.
How Do We Use Your Personal Data?
We use your data to deliver awesome services, always following the PDPO’s guidelines (e.g. clear purposes, minimal data) and other laws. Here’s how and why we’re allowed:
Sign you up as a customer or process data in FreddieAI
Data Used: Identity, Contact, Transaction, FreddieAI Customer Data
Why It’s Allowed: To fulfill our contract with you (e.g. SaaS or membership agreement); PDPO lawful purpose
Handle payments and deliver services (e.g, courses, FreddieAI tools)
Data Used: Identity, Contact, Financial, Transaction
Why It’s Allowed: To fulfill our contract; our legitimate interest to recover payments; PDPO lawful purpose
Keep in touch (e.g. update you on policy changes, ask for feedback)
Data Used: Identity, Contact, Profile, Marketing and Communications
Why It’s Allowed: To fulfill our contract; meet legal duties; our legitimate interest to improve services; PDPO lawful purpose
Let you join surveys, promotions, or our community
Data Used: Identity, Contact, Profile, Usage, Marketing and Communications
Why It’s Allowed: To fulfill our contract; our legitimate interest to grow and improve; PDPO lawful purpose
Protect and manage our services (e.g. fix issues, prevent fraud)
Data Used: Identity, Contact, Technical, FreddieAI Customer Data
Why It’s Allowed: Our legitimate interest to keep services secure; legal duties; PDPO security principle
Show relevant content or ads and check how they perform
Data Used: Identity, Contact, Profile, Usage, Marketing and Communications, Technical
Why It’s Allowed: Our legitimate interest to improve services and marketing; your consent for marketing; PDPO consent requirement
Use analytics to make our website and services better
Data Used: Technical, Usage
Why It’s Allowed: Our legitimate interest to understand usage; PDPO lawful purpose
Suggest products or services (e.g. marketing tools, courses)
Data Used: Identity, Contact, Technical, Usage, Profile, Marketing and Communications
Why It’s Allowed: Our legitimate interest to offer relevant services; your consent for marketing; PDPO consent requirement
For FreddieAI, we’re the data processor, handling client-uploaded data (e.g. parent/child names, DOBs) only as instructed by our clients (data controllers), per our Terms of Service and DPA. For website and membership services, as the data controller, we’ll ask for your clear consent before sending marketing messages (e.g. SMS, email, Voice AI) or sharing data with partners for marketing, as required by the PDPO and other laws. You can opt out anytime (see “A2P Communications”). If we want to use your data for a new purpose that fits the original one, we’ll let you know if required. For completely new purposes, we’ll ask for your consent.
Your Rights
Under Hong Kong’s PDPO and other laws (e.g. CCPA, VCDPA, PIPEDA, Privacy Act 1988, Privacy Act 2020), you (e.g. website visitors, membership users, FreddieAI clients) and your customers (e.g. parents) have rights to control your data:
Right to Be Informed: Know how we use your data (this policy explains it).
Right to Access: See what data we hold (PDPO: Data Access Request).
Right to Rectification: Fix incorrect or incomplete data (PDPO: Data Correction Request).
Right to Deletion: Ask us to delete your data (subject to legal requirements).
Right to Restrict Processing: Limit how we use your data (where allowed).
Right to Object: Say no to certain uses, like marketing (PDPO: object to direct marketing).
Right to Withdraw Consent: Stop marketing or data sharing anytime.
Right to Data Portability: Get your data in a usable format to share elsewhere (if you provided it directly and it’s processed automatically, where applicable under CCPA/PIPEDA).
For website or membership data, contact us directly at [email protected] or Unit 1603, 16/F, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong.
For FreddieAI customer data (e.g parent requests), please direct your request to your kids’ club/activity provider (the data controller), you will find contact details on their website/s. If we receive a request directly, we'll forward it to our client right away and assist them in responding (e.g. locating or deleting data in our systems), as outlined in our Security & Compliance Policy and DPA.
Our clients are responsible for following their local laws, like maintaining consent for marketing. We aim to acknowledge any requests within 30 days (or 45 days for complex ones under CCPA/PIPEDA; 40 days under PDPO for access/correction), but the full response will be from your kids’ club/activity provider (the data controller). There’s no fee unless requests are excessive or repetitive, per PDPO rules.
Cookies and Tracking
We use cookies and similar technologies, like web beacons or browser storage on our website www.kidsclubsystems.com to make your experience seamless, understand how you use our site, and keep things secure, all while following the PDPO’s rules. Cookies are small files stored on your device when you visit. Please read this section to understand our practices. By continuing to use our website or clicking “accept” on our cookie consent banner, you agree to our Cookie Policy. If you don’t agree, please stop using our website.
Definitions
Cookie: A small file placed on your device when you visit parts of our website or use its features.
Personal Data: Information that can identify you, as defined by Hong Kong’s PDPO and other laws (e.g. CCPA, PIPEDA).
We/Us/Our: TriMiko Limited, trading as Kids Club Systems, a Hong Kong-registered company (Company Number: 77710880).
How We Use Cookies
We use first-party cookies (set by us) and third-party cookies (set by trusted partners) to enhance your experience and protect your privacy, in line with the PDPO and other laws.
We use these types:
Strictly Necessary Cookies: Essential for our website to work, like logins or secure payments. You can’t turn these off.
Functionality Cookies: Save your preferences, like login details or course progress, for a personalized experience.
Analytics Cookies: Gather anonymous data on how you use our site (e.g., pages visited, time spent) to improve it.
Marketing Cookies: Show tailored ads or content (e.g., course promotions) based on your browsing, with your consent.
Security Cookies: Protect against threats like unauthorized access.
Cookies can be:
Session Cookies: Disappear when you close your browser.
Persistent Cookies: Stay until you delete them or they expire (e.g., up to 12 months for analytics/marketing).
Cookies We Use
Here’s what cookies we may place on your device to make your experience better and keep our site secure, all following the PDPO’s rules:
cookie_consent: Helps us remember your cookie preferences (Necessary, .kidsclubsystems.com, /, 365 days, First-party)
XSRF-TOKEN: Keeps your account safe from attacks (Necessary, app.kidsclubsystems.com, /, 2 hours, First-party)
session_id: Keeps you logged in while you browse (Necessary, .kidsclubsystems.com, /, Session, First-party)
lang: Remembers your chosen language for a smoother visit (Preferences, .kidsclubsystems.com, /, Session, First-party)
theme: Saves your preferred look (e.g., light or dark mode) (Preferences, .kidsclubsystems.com, /, 30 days, First-party)
_ga: Tracks how you use our site to improve it (Analytical, .kidsclubsystems.com, /, 730 days, Third-party)
_gid: Monitors your sessions to enhance our services (Analytical, .kidsclubsystems.com, /, 1 day, Third-party)
_gat: Manages data collection speed for better performance (Analytical, .kidsclubsystems.com, /, 1 hour, Third-party)
_fbp: Helps show you relevant ads based on your visits (Marketing, .kidsclubsystems.com, /, 90 days, Third-party)
IDE: Delivers personalized ads across the web (Marketing, .doubleclick.net, /, 390 days, Third-party)
UserMatchHistory: Tracks your interests for tailored LinkedIn ads (Marketing, .linkedin.com, /, 30 days, Third-party)
Our analytics tools (e.g. Google Analytics) use cookies to collect anonymous data, helping us improve our website. You can opt out of non-essential cookies without losing core functionality, per PDPO requirements.
Consent and Control
We’ll show a pop-up consent banner when you first visit, asking for your approval for non-essential cookies, as required by the PDPO. You can accept or decline; strictly necessary cookies stay on.
Manage cookies via:
Our Website: Update preferences in the footer’s cookie tool.
Browser Settings: Enable/disable or delete cookies.
Check these guides:
Google Chrome: https://support.google.com/chrome/answer/95647
Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge
Safari (macOS): https://support.apple.com/kb/PH21411
Safari (iOS): https://support.apple.com/HT201265
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies
Android: https://support.google.com/chrome/answer/95647
Declining non-essential cookies might limit features like personalized ads or course tracking.
Changes to Cookie Policy
We may update this cookie policy, posting changes on our website. Continued use means you accept the updates. For more on how we handle personal data, see the full Privacy Policy below.
A2P Communications
We use SMS, email, and Voice AI to connect with you and, for FreddieAI clients, your customers (e.g. parents). We follow Hong Kong’s PDPO (e.g. consent for direct marketing), USA (TCPA, CAN-SPAM Act), Canada (CASL), Australia (Spam Act 2003), and New Zealand (Unsolicited Electronic Messages Act 2007) rules for Application-to-Person (A2P) messaging:
Consent: We get your clear opt-in consent (e.g via forms, texting “JOIN”) before sending marketing messages, per PDPO and other laws. FreddieAI clients, as data controllers, must get customer consent and register campaigns (e.g., A2P 10DLC in the USA), as detailed in our Security & Compliance Policy and Terms of Service/DPA.
Opt-Out: You can stop messages anytime:
SMS: Reply “STOP” to unsubscribe, processed instantly.
Email: Click the unsubscribe link, processed within 10 business days.
Voice AI: Follow call instructions (e.g. keypress).
Sender Identification: Messages show Kids Club Systems, with contact details (eg. email: [email protected])
FreddieAI Clients: Clients handle A2P compliance, including consent records and campaign registration. We provide templates, but clients are liable for issues like third-party platform bans (e.g. Twilio, Lead Connector), per our Security & Compliance Policy.
Who We Share Information With
Service Providers:
We share data with trusted partners to run our services, under strict agreements ensuring PDPO compliance:
Payment Processor: Stripe (https://stripe.com/privacy) for secure payments.
Infrastructure: Google BigQuery, AWS, HighLevel, LeadConnector, MongoDB for data storage and analytics.
Communications: Twilio & Lead Connector (SMS/voice), SendGrid (email) for A2P messaging.
Support: Tawk.to (knowledge base), Trello (project management), Sentry (error tracking).
Providers follow PDPO, CCPA, VCDPA, PIPEDA, and other laws. We’re not liable for their failures, as noted in our Security & Compliance Policy and Terms of Service.
Trusted Partners: With your consent, we share non-personal data (e.g. browsing habits) for tailored ads, per PDPO direct marketing rules. Opt out via email or cookie settings.
Legal Obligations: We may share data if required by law (e.g. court orders, privacy commissioner requests), keeping it minimal.
No External Sharing: We don’t sell or share your data beyond these cases.
How Long Do We Keep Your Personal Data?
We keep data only as long as needed for its purpose or legal requirements, per the PDPO’s retention principle:
Identity Data: While you’re a customer; 2 years after
Contact Data: While you’re a customer; 2 years after
Financial Data: 6 years (e.g. for tax compliance)
Transaction Data: 6 years
Technical Data: 2 years
Profile Data: While you’re a customer; 3 years after
Usage Data: 2 years
Marketing and Communications Data: While you’re a customer; 3 years after, or 3 years after an inquiry
Enquiries: 12 months after inquiry
FreddieAI Customer Data: Per client instructions; deleted 30 days after account closure
Data Security
We protect your data with encryption, access controls, and breach detection, following the PDPO’s security principle and other laws, as detailed in our Security & Compliance Policy. Data is stored on SOC 2 Type 2 and ISO 27001-compliant servers (e.g. AWS, Google Cloud). No internet transmission is 100% secure, but we use top-notch standards. You’re responsible for keeping your passwords safe.
Data Transfers
Your data may move to USA servers (e.g. AWS, Google Cloud). Financial information for accounting, may be transferred to Hong Kong for our administrative operations, secured by PDPO-compliant measures (e.g. encryption, SOC 2/ISO 27001 servers). We ensure PDPO compliance for cross-border transfers (e.g. secure agreements) and meet CCPA, PIPEDA, and other laws’ standards.
Children’s Data
We don’t knowingly collect data from individuals under 18, in line with Hong Kong’s PDPO and other laws (e.g. COPPA in the USA, PIPEDA in Canada). FreddieAI clients, as data controllers, must ensure compliance with their local laws for customer data involving minors, as outlined in our Security & Compliance Policy.
Governing Law and Dispute Resolution
This Privacy Policy is governed by the laws of England and Wales, excluding the EU and UK GDPR, as we do not operate in those jurisdictions. Any disputes related to your data will be resolved through binding arbitration in London, England, under the London Court of International Arbitration (LCIA) rules. See our Terms of Service for more details.
Complaints
Reach us at [email protected] or Unit 1603, 16/F, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong. You can also contact your local authority, like, California Attorney General, Canada’s Privacy Commissioner, Australian Information Commissioner, or New Zealand Privacy Commissioner.
Policy Updates
We may update this policy to reflect new practices or laws, including PDPO compliance. Changes will be posted on our website with a new “Last Updated” date. Big changes will be shared via email or FreddieAI. Continuing to use our services means you accept the updates.
Contact Us
Email [email protected], or write to Unit 1603, 16/F, The L. Plaza, 367–375 Queen's Road Central, Sheung Wan, Hong Kong for questions or to use your rights.
Copyright © Kids Club Support. | Est. 2018
Copyright © 2025 Kids Club Systems. All Rights Reserved
Copyright © 2025 Kids Club Systems. All Rights Reserved