1. Privacy Policy for MojoDojo - Music Teaching App

1.1 Header Section

PRIVACY POLICY

MojoDojo HQ Pty Ltd

Effective Date: 06 July 2026

Last Updated: 06 July 2026

Next Review: [6 months from current date]

This policy is designed to be accessible to all users, including children and parents.

Available in multiple formats: Text, Audio, and Video explanations available upon request.

1.2 Core Privacy Policy Content

Who We Are

We are MojoDojoHQ Pty Ltd, operators of MojoDojo, a learning management system designed specifically for music education. We connect music teachers with their students to facilitate music learning through digital tools, practice tracking, lesson scheduling, and educational content sharing.

Our Commitment to Child Safety: The safety and privacy of children using our platform is our highest priority. We are committed to exceeding all Australian legal requirements for child protection online.

Information We Collect

From Students (Including Children Under 18):

  • Name and age (for age-appropriate service delivery)

  • School or lesson enrollment details

  • Learning progress and assessment data

  • Practice session recordings (audio/video) when authorized

  • Communication with teachers through our platform

  • Device and technical information for platform functionality

From Teachers:

  • Professional credentials and qualifications

  • Contact information and teaching schedules

  • Student progress notes and assessments

  • Communication logs for safety monitoring

From Parents/Guardians:

  • Contact information for safety communications

  • Consent records and preference settings

  • Emergency contact information

How We Use Information

For Educational Purposes Only:

  • Facilitating music lessons and practice sessions

  • Tracking learning progress and achievements

  • Enabling communication between teachers, students, and parents

  • Providing age-appropriate educational content

  • Ensuring platform safety and security

We DO NOT use student information for:

  • Commercial advertising or marketing to children

  • Behavioral profiling for non-educational purposes

  • Sharing with third parties for commercial purposes

  • Creating permanent behavioral records beyond educational necessity

Data Minimization Principles

We collect only the minimum information necessary for music education, implementing strict data minimization as expected under the Children's Online Privacy Code.

Consent and Parental Rights

For Students Under 16:

  • Explicit parental consent required before account creation

  • Clear, child-friendly explanations of data use

  • Regular consent refresh (annually)

  • Easy withdrawal mechanisms

For Students 16 and Over:

  • Direct consent with parental notification options

  • Full transparency about data collection and use

Parental Rights:

  • Access to all information about your child

  • Right to correct inaccurate information

  • Right to request deletion of your child's data

  • Right to restrict certain data uses

  • Regular updates about your child's platform activity

Data Security Measures

Technical Safeguards (APP 11.3 Compliant):

  • End-to-end encryption for all personal information

  • Multi-factor authentication for all accounts

  • Regular security audits and vulnerability testing

  • Secure data backup and recovery systems

  • Access controls limiting staff access to necessary information only


Organisational Safeguards:

  • Staff privacy and child safety training

  • Background checks for all staff with child data access

  • Incident response procedures for any safety concerns

  • Regular policy reviews and updates

International Data Transfers

We store all student data within Australia. If international transfers become necessary for educational functionality, we will:

  • Provide advance notice to parents and schools

  • Ensure recipient countries provide adequate protection

  • Implement additional contractual safeguards

  • Allow opt-out without service penalty

Data Retention

Student Data:

  • Active learning data: Retained while student is enrolled + 12 months

  • Assessment records: 7 years (educational requirements)

  • Practice recordings: Deleted within 90 days unless specifically saved by teacher with consent

  • Communication logs: 2 years for safety monitoring

Automatic Deletion:

  • All non-essential student data deleted upon account closure

  • Regular purges of inactive or unnecessary data

  • Clear procedures for parent-requested deletion

Your Rights Under Australian Law

Access Rights:

  • Request copies of all personal information we hold

  • Understand how your information is being used

  • Receive information in accessible formats

Correction Rights:

  • Request corrections to inaccurate information

  • Update preferences and consent settings

Complaint Rights:

  • Lodge complaints directly with us

  • Appeal to the Office of the Australian Information Commissioner (OAIC)

  • Seek resolution through relevant education authorities

Child-Specific Protections

Best Interests of Child: All decisions about student data are made with the child's best interests as the primary consideration, including educational benefit, safety, and privacy protection.

Age-Appropriate Design:

  • Simplified privacy settings for younger users

  • Visual and audio explanations of privacy choices

  • Default high-privacy settings for all children

  • No behavioral advertising or profiling of minors

Safety Monitoring:

  • Proactive monitoring for inappropriate communications

  • Automatic flagging of concerning content or behavior

  • Clear escalation procedures to parents and authorities

  • Integration with school safeguarding policies

Contact Information

Privacy Officer: Daniel Sims m: +61 431550005 Child Safety Officer: Cameron Smith          m: +61 431550005 General Inquiries: e: team@mojodojomusicapp.com.au m: +61 431550005 Emergency Reporting: [24/7] e: team@mojodojomusicapp.com.au m: +61 431550005

External Contacts:

  • Office of the Australian Information Commissioner: www.oaic.gov.au

  • eSafety Commissioner: www.esafety.gov.au

  • Kids Helpline: 1800 55 1800

2. Terms of Service - Child Safety Focus

2.1 Platform Rules and Conduct

Zero Tolerance Policies:

  • No inappropriate communication between users

  • No sharing of personal contact information

  • No recording or sharing of lessons without explicit consent

  • Immediate suspension for any safety concerns

Acceptable Use:

  • Platform use limited to music education purposes

  • Respectful communication required at all times

  • Teacher supervision required for all student activities

  • Parent access rights always maintained

Content Guidelines:

  • All shared content must be appropriate for educational setting

  • Music recordings must respect copyright laws

  • No personal or identifying content in shared materials

  • Regular content moderation and safety reviews

2.2 Account Management

Student Accounts (Under 16):

  • Parental consent required for account creation

  • Limited functionality until consent verified

  • Regular consent renewal reminders

  • Easy account deletion options

Teacher Verification:

  • Professional credential verification required

  • Background check confirmation

  • Ongoing professional development requirements

  • Clear professional conduct standards

3. Child Safety Framework

3.1 Safety by Design Implementation

Following eSafety Commissioner's Safety by Design principles, our platform integrates safety from the ground up:

Proactive Safety Measures:

  • Automated content monitoring for inappropriate material

  • Real-time communication analysis for safety risks

  • Regular safety algorithm updates based on emerging threats

  • Integration with external child safety databases

Reactive Safety Measures:

  • 24/7 incident reporting system

  • Immediate response protocols for safety concerns

  • Clear escalation to parents, schools, and authorities

  • Comprehensive incident documentation and follow-up

3.2 Age Verification and Access Controls

Multi-Layer Age Verification:

  • Initial age declaration with parental verification

  • School enrollment confirmation where applicable

  • Ongoing age-appropriate content filtering

  • Regular verification updates for long-term users

Access Controls:

  • Role-based permissions (student, teacher, parent, admin)

  • Time-based access restrictions for younger users

  • Geographic access controls where required

  • Device and browser security verification

3.3 Communication Safety

Monitored Communications:

  • All platform communications subject to safety monitoring

  • AI-powered detection of inappropriate content

  • Human review of flagged communications

  • Clear reporting mechanisms for all users

Communication Guidelines:

  • Teacher-student communication limited to educational topics

  • Group communication tools prioritized over private messaging

  • Parent notification of all significant communications

  • Regular communication safety training for all users

4. Basic Online Safety Expectations Compliance

4.1 eSafety Commissioner Requirements

As an educational platform likely to be used by children, we meet all Basic Online Safety Expectations:

Child Best Interests Priority:

  • All platform design decisions prioritize child wellbeing

  • Regular child impact assessments for new features

  • Child safety expert involvement in development

  • Ongoing consultation with education and child safety professionals

User Safety Measures:

  • Clear terms of use enforced consistently

  • Educational tools for safe platform use

  • Regular safety awareness communications

  • Partnership with schools for safety education

Technology Safety:

  • Secure communication features with appropriate monitoring

  • Age-appropriate content filtering systems

  • Regular security updates and threat assessments

  • Collaboration with other educational platforms for safety intelligence

4.2 Transparency and Reporting

Regular Transparency Reports:

  • Quarterly safety performance reports

  • Annual privacy compliance summaries

  • Regular updates to parents and schools about safety measures

  • Open communication about incidents and responses

Incident Reporting:

  • Clear reporting mechanisms for all users

  • 24-hour response commitment for safety concerns

  • Regular reporting to relevant authorities as required

  • Comprehensive incident analysis and prevention planning

5. Implementation Checklist

5.1 Immediate Actions (Next 30 Days)

Policy Implementation:

  • [ ] Deploy new privacy policy across all platforms

  • [ ] Update terms of service with child safety focus

  • [ ] Implement child-friendly policy explanations

  • [ ] Set up parental consent mechanisms

Technical Implementation:

  • [ ] Enable end-to-end encryption for all data

  • [ ] Implement multi-factor authentication

  • [ ] Deploy content monitoring systems

  • [ ] Set up automated safety flagging

Staff Preparation:

  • [ ] Conduct child safety training for all staff

  • [ ] Implement background check requirements

  • [ ] Establish incident response procedures

  • [ ] Create regular training schedules

5.2 Medium-Term Goals (Next 90 Days)

Advanced Safety Features:

  • [ ] Deploy AI-powered communication monitoring

  • [ ] Implement advanced age verification systems

  • [ ] Create comprehensive parent dashboards

  • [ ] Establish partnerships with child safety organizations

Compliance Preparation:

  • [ ] Conduct full privacy impact assessments

  • [ ] Prepare for Children's Online Privacy Code requirements

  • [ ] Establish ongoing compliance monitoring systems

  • [ ] Create regular review and update procedures


5.3 Long-Term Strategic Goals (Next 12 Months)

Industry Leadership:

  • [ ] Participate in industry safety initiatives

  • [ ] Contribute to child safety research and development

  • [ ] Establish best practice sharing with other educational platforms

  • [ ] Engage with regulatory development processes

Continuous Improvement:

  • [ ] Regular safety and privacy audits

  • [ ] Ongoing user feedback integration

  • [ ] Technology upgrade planning

  • [ ] Regulatory compliance monitoring

6. Music-Specific Considerations

6.1 Audio/Video Content Safety

Recording Protections:

  • Clear consent required for all audio/video recordings

  • Automatic deletion of practice recordings after specified periods

  • No sharing of recordings without explicit multi-party consent

  • Secure storage with access logging

Intellectual Property Compliance:

  • Music copyright education for all users

  • Clear guidelines for sharing copyrighted material

  • Integration with music licensing databases

  • Regular content audits for copyright compliance

6.2 Performance and Collaboration Features

Group Learning Safety:

  • Supervised group sessions with teacher oversight

  • Clear group participation guidelines

  • Parent notification of group activities

  • Easy opt-out mechanisms for all group features

Performance Sharing:

  • Explicit consent required for any performance sharing

  • Parent approval required for all student performances

  • Clear audience restrictions and controls

  • Regular review of shared content

7. Ongoing Compliance Monitoring

7.1 Regular Review Schedule

Monthly Reviews:

  • Safety incident analysis and response improvement

  • Staff training updates and refreshers

  • Technology security assessments

  • User feedback integration

Quarterly Reviews:

  • Full policy compliance audit

  • Regulatory requirement updates

  • Stakeholder feedback collection

  • Performance metrics analysis

Annual Reviews:

  • Comprehensive privacy impact assessments

  • Full regulatory compliance review

  • Strategic safety goal setting

  • Industry best practice integration

7.2 Key Performance Indicators

Safety Metrics:

  • Incident response time (target: <2 hours for serious concerns)

  • User safety satisfaction scores

  • Staff training completion rates

  • Technology security performance

Compliance Metrics:

  • Policy compliance audit results

  • Regulatory requirement adherence

  • Parent satisfaction with safety measures

  • Student safety and privacy understanding

8. Emergency Procedures

8.1 Child Safety Incidents

Immediate Response (0-2 Hours):

  • Secure and preserve all relevant information

  • Contact designated child safety officer

  • Notify relevant authorities if required by law

  • Implement protective measures for affected users

Short-term Response (2-24 Hours):

  • Conduct preliminary investigation

  • Contact parents/guardians of affected children

  • Coordinate with school authorities where applicable

  • Implement additional safety measures as needed

Long-term Response (24+ Hours):

  • Complete comprehensive investigation

  • Implement permanent improvements to prevent recurrence

  • Provide ongoing support to affected users

  • Review and update safety procedures based on learnings

8.2 Data Breach Response

Immediate Response:

  • Secure systems and prevent further access

  • Assess scope and severity of breach

  • Notify OAIC within required timeframes

  • Begin user notification process

Communication Plan:

  • Clear, honest communication with affected users

  • Special communication protocols for children and parents

  • Regular updates throughout resolution process

  • Post-incident analysis and improvement communication