Wiggle Room Privacy Policy

Effective Date: February 5, 2026

1. Introduction

Welcome to Wiggle Room (“we,” “us,” or “our”). Wiggle Room is a childcare management platform that helps licensed childcare providers manage enrollments and program administration. We are committed to protecting the privacy of our users, their enrolled families, and especially the children whose information is entrusted to us through the enrollment process.

This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of information when you use our website, application, and services (collectively, the “Service”). By using Wiggle Room, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. What We Collect

2.1 Provider Account Information

When childcare providers create an account, we collect contact information (name, phone, email), program details (name, license number, address, childcare type), and login/device information for security purposes.

2.2 Child and Family Enrollment Information

When parents or guardians submit enrollment forms, we collect information on behalf of the provider, including: child information, parent/guardian contact details, emergency contacts and arrangements, and some health information. 

Important: All child and family enrollment information is provided by parents or guardians—not collected from children directly. Wiggle Room acts as a data processor on behalf of the childcare provider, who is the data controller for enrollment information.

3. Why We Collect It

We use this information to:

• Verify provider identity during account creation and login

• Secure account access

• Send transactional notifications about accounts and enrollments

• Facilitate the childcare enrollment process between providers and families

• Generate enrollment packets and required childcare forms

• Maintain and improve the security and functionality of the Service

Health information collected during enrollment (allergies, medications, special needs, medical contacts) is used solely for childcare purposes—to enable providers to safely care for enrolled children. This information is not used for clinical healthcare, insurance billing, or any medical purpose.

4. SMS/Text Messaging

Types of Messages. Wiggle Room may send you SMS/text messages for the following purposes:

• One-time passwords (OTPs) for login verification

• Account-related notifications (e.g., new enrollments, account status changes, billing updates)

• Service alerts and important account information

Message Frequency / Recurring messages. Message frequency varies based on your account activity. OTP messages are sent only in response to user-initiated login attempts. Notification messages are sent when relevant account events occur (e.g., new enrollments, billing updates, account status changes).

Consent. By providing your phone number during account registration and opting in to receive SMS messages, you consent to receive text messages from Wiggle Room as described in this policy. Consent to receive SMS messages is not a condition of purchasing any goods or services.

Opt-Out. You may opt out of receiving SMS messages at any time by replying STOP to any message. After opting out, you will receive a single confirmation message. You will no longer receive SMS messages from Wiggle Room unless you re-opt-in.

Help. For help with SMS messages, reply HELP to any message, or contact us at privacy@wiggleroomnow.com.

Rates and Carrier Liability. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. Please contact your wireless carrier for details about your messaging plan.

No Marketing via SMS. We do not send marketing or promotional messages via SMS without your express written consent.

5. Mobile Information Sharing

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All categories of data described in this policy exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties. We do not sell, rent, trade, or otherwise distribute your phone number or SMS opt-in consent data to any third party for any purpose other than providing the Service.

We may share your phone number with our SMS service provider (Twilio) solely for the purpose of delivering messages to you. This sharing is governed by strict confidentiality agreements and is limited exclusively to service delivery.

6. Children’s Privacy and Health Information

6.1 COPPA Compliance

Wiggle Room complies with the Children’s Online Privacy Protection Act (COPPA). We do not knowingly collect personal information directly from children under 13. All information about children is provided by their parents or guardians through the enrollment process, which requires parental action to complete. Parents and guardians may request access to, correction of, or deletion of their child’s information by contacting us at privacy@wiggleroomnow.com.

6.2 Health Information

Wiggle Room collects children’s health information (allergies, medications, special needs, and medical contacts) as part of the childcare enrollment process. This information is collected for childcare purposes only—to enable providers to safely care for enrolled children. It is not collected for clinical healthcare, insurance billing, or medical treatment purposes. Childcare providers using Wiggle Room are generally not HIPAA-covered entities, and Wiggle Room does not function as a HIPAA business associate. Regardless, we treat all children’s health information with the highest standard of care and apply strong security protections.

6.3 FERPA

Some childcare programs may be subject to the Family Educational Rights and Privacy Act (FERPA) if they receive federal Department of Education funds (e.g., Universal Pre-K or Expanded Pre-K programs). For FERPA-covered programs, enrollment records including health information are protected under FERPA. Wiggle Room supports providers in meeting their FERPA obligations by maintaining appropriate data security and access controls.

6.4 Data Minimization

We collect only the health and personal information necessary for the childcare enrollment process. The enrollment form fields are based on New York State Office of Children and Family Services (OCFS) requirements for licensed childcare programs.

7. Data Storage, Security, and Retention

We implement appropriate technical and organizational measures to protect your data:

• All data is encrypted at rest and in transit using industry-standard encryption protocols (TLS/SSL)

• Database-level access controls ensure providers can only access their own data (Row-Level Security)

• OTPs are deleted immediately after verification or expiration (10 minutes)

• Login activity data is retained for 90 days for security monitoring purposes

• SMS consent records are maintained for compliance and auditing purposes

• Error tracking systems are configured to scrub personally identifiable information

7.1 Data Retention

Enrollment data (including children’s health information) is retained for as long as the provider maintains an active account with Wiggle Room. Upon account termination:

• Provider data is retained for 30 days to allow for export, then permanently deleted

• Enrollment records are retained in accordance with OCFS recordkeeping requirements (generally 6 years after the child’s last date of care), unless the provider requests earlier deletion

• Providers may request deletion of specific enrollment records at any time by contacting us

7.2 Breach Notification

In compliance with the New York SHIELD Act, if we become aware of a breach of security involving private information, we will notify affected individuals and the appropriate state authorities as required by law. We will provide notification without unreasonable delay, and in any event within the timeframes required by applicable law.

8. Your Rights

You have the right to:

• Request a copy of your personal data by emailing privacy@wiggleroomnow.com

• Request deletion of your personal data by emailing privacy@wiggleroomnow.com

• Opt out of SMS messages at any time by replying STOP to any message

• Update or correct your personal information through your account settings

• Withdraw consent for data processing (which may limit your ability to use the Service)

Parents and guardians may also:

• Request access to their child’s enrollment information by contacting their childcare provider or emailing us directly

• Request correction or deletion of their child’s information

• Revoke consent for the collection of their child’s information

We will respond to all data requests within 30 days of receipt.

9. Third-Party Services

We use the following third-party service providers to operate the Service. These providers are bound by strict confidentiality agreements and are permitted to use your information only for the purposes of delivering their services to us:

• Twilio — SMS delivery and phone number verification. Twilio Privacy Policy

• Stripe — Payment processing. Stripe Privacy Policy

• Supabase — Database hosting and authentication. Supabase Privacy Policy

• DocSpring — PDF enrollment packet generation. DocSpring Privacy Policy

We do not share your information with any third parties for marketing or promotional purposes. Children’s health information is shared with third-party processors only to the extent necessary for service delivery (e.g., generating enrollment packets) and is subject to the same security and confidentiality requirements.

10. Applicable Laws

Wiggle Room is designed to comply with the following privacy laws and regulations:

• New York SHIELD Act — Requires reasonable safeguards for private information of New York residents, including medical information, and mandates breach notification

• COPPA (Children’s Online Privacy Protection Act) — Governs the online collection of personal information from children under 13; all children’s data is provided by parents/guardians

• FERPA (Family Educational Rights and Privacy Act) — May apply to childcare programs receiving federal Department of Education funds; where applicable, FERPA governs enrollment records including health information

• NYS OCFS Regulations — New York State Office of Children and Family Services regulations for licensed childcare require confidential handling of child records

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website and updating the effective date at the top of this page. Your continued use of the Service after any changes constitutes your acceptance of the updated policy.

12. Contact

For privacy questions, data requests, or concerns about this policy, please contact us at privacy@wiggleroomnow.com.