OUR APPROACH TO PRIVACY
3. The Company provides information and links that allow customers to: browse, subscribe and access to sales copy pages, checkout pages, enrollment pages, advertisements, and other marketing messages (the “Services”) located at DanLok.com or any other websites operating by Dan Lok Education, Inc., its subsidiaries or affiliates (together known as our “Websites”).
PERSONAL INFORMATION WE COLLECT ABOUT YOU AND HOW WE USE IT
7. We collect personal information about you when you voluntarily submit information directly to us when you access our Websites or use the Services. This can include information you provide to us when you register for an account, fill in a form, correspond with us via our Websites, social media account, phone, email or otherwise, subscribe to our mailing lists, newsletters or other forms of marketing communications, respond to surveys or use some other feature of the Services as available, from time to time.
8. In general, personal information may include, but is not limited to, your name, date of birth, financial information, home address, phone number, IP address, location data, weblogs, date, time, browser used, referring web addresses, other communication data, searches conducted and pages visited, and other details such as your occupation and title.
9. Certain Services can only be offered to you if you provide personal information to the Company, and accordingly the Company may not be able to offer you the Services if you choose not to provide it with required personal information.
10. Annex 1 attached hereto sets out the categories of personal information we collect about you and the purposes for which we collect and use your personal information. The table also lists the legal basis which we rely on to process the personal information, the categories of recipients to whom we may lawfully disclose the personal information and details as to how we determine applicable retention periods in respect of the personal information we collect about you.
11. We also automatically collect personal information about you indirectly about how you access and use the Services and information about the device you use to access the Services. We may link or combine the personally identifiable personal information we collect about you directly and the information we collect about you indirectly. This allows us to provide you with a personalized experience regardless of how you interact with us.
12. The Company strives to limit the amount of personal information we collect to such personal information that is necessary and appropriate for the purposes identified in Annex 1 attached hereto. The Company will not use or disclose your personal information for purposes other than those for which it was collected, except with your consent or as permitted or required by applicable law.
13. We may anonymise and aggregate any of the personal information we collect, including information about individuals that are your subscribers, websites visitors or customers (so that it does not directly identify you or them). We may use anonymised information for purposes that include testing our IT systems, research, data analysis, improving the Services and developing new products and features. We may also share such anonymised information with third parties.
CUSTOMER DATA WE MAY COLLECT THROUGH THE PROVISION OF OUR SERVICES
14. During the provision of the Services, we may also collect personal information about individuals that are subscribers, websites visitors or customers of our customers (the “Customer Data”).
15. By submitting or causing to be submitted Customer Data to us, you hereby grant, and represent and warrant that you have all rights necessary to grant, all rights and licenses to the Customer Data required for the Company and its subcontractors and service providers to provide the Services. If the Company shares or publicly discloses information (including in marketing materials or in application development) that is derived from Customer Data, such data will, to a commercially reasonable extent, be aggregated or anonymized to reasonably avoid identification of a specific individual. You further agree that the Company will have the indefinite right to use, store, transmit, distribute, modify, copy, display, sublicense, and create derivative works of the above mentioned anonymized, aggregated data.
17. In the event that Customer Data is disclosed to or accessed by an unauthorized party, the Company will promptly notify you and use reasonable efforts to cooperate with your investigation of the incident. In the event we have a reasonable, good faith belief that an unauthorized party has accessed Customer Data, we will promptly notify you and will use reasonable efforts to cooperate with your investigation of the incident. If such incident triggers any third-party notice requirements, you (not the Company) shall be solely responsible for the timing, content, cost and method of any such notice and compliance with applicable laws. You (not the Company) bears sole responsibility for adequate security, protection and backup of Customer Data when in your or your representatives’ or agents’ possession or control. We are not responsible, and you are fully responsible, for what your authorized Users do with Customer Data.
STORING AND TRANSFERRING YOUR PERSONAL INFORMATION
18. We implement commercially reasonable physical, technical and organizational security safeguard measures to preserve and protect the integrity and security of your personal information against accidental or unlawful destruction, loss, change or damage. All personal information we collect will be stored on secure servers. All electronic transactions entered into via our Websites will be protected by SSL encryption technology. Where you register for an account on the Services, you are responsible for maintaining your account’s security, including by implementing “strong” passwords, as more specifically explained in our Terms of Service. We cannot guarantee that unauthorized third parties will never be able to defeat our security measures or use your personal information for improper purposes. You acknowledge that you provide your personal information at your own risk.
20. The personal information we collect may be transferred to and stored and processed in countries outside of the jurisdiction you are in depending on where we and our third-party service providers have operations. If you are located in the European Union (“EU”), your personal information will be processed outside of the EU including in the United States; these international transfers of your personal information are necessary for the performance of our agreement with you in order to provide the Services.
General Data Privacy Regulation (GDPR)
21. The GDPR takes effect on May 25, 2018, and is intended to protect the data of European Union (EU) citizens.
As a company that markets its site, content, products and/or services online we do not specifically target our marketing to the EU or conduct business in or to the EU in any meaningful way. If the data that you provide to us in the course of your use of our site, content, products and/or services is governed by GDPR, we will abide by the relevant portions of the Regulation.
If you are a resident of the European Economic Area (EEA), or are accessing this site from within the EEA, you may have the right to request: access to, correction of, deletion of; portability of; and restriction or objection to processing, of your personal data, from us. This includes the “right to be forgotten.”
To make any of these requests, please contact our GDPR contact at privacy@DanLok.com
22. To the extent we employ third party service providers to store, handle or process personal information on our behalf, such as data processing or office services, we will use contractual and other means to provide an appropriate level of protection while the information is being stored, handled or processed by them.
23. We are not liable with respect to any security incident that may result in loss, disclosure, or alteration of your personal information. Further, submission of information via the internet is never entirely secure. We cannot guarantee the security of information you submit while it is in transit over the internet. Any submission of personal information is at your own risk.
YOUR RIGHTS IN RESPECT OF YOUR PERSONAL DATA
24. You have certain rights in respect of your personal information that we hold in accordance with certain applicable privacy laws:
a. Right of access and portability. The right to obtain access to and to receive your personal information.
b. Right to rectification. The right to obtain rectification of your personal information without undue delay where that personal information is inaccurate or incomplete.
c. Right to erasure. The right to obtain the erasure of your personal information from our Websites without undue delay in certain circumstances, such as where the personal information is no longer necessary in relation to the purposes for which it was collected or processed.
d. Right to restriction. The right to obtain the restriction of the processing undertaken by us on your personal information in certain circumstances, such as where the accuracy of the personal information is contested by you, for a period enabling us to verify the accuracy of that personal information.
e. Right to object. The right to object, on grounds relating to your particular situation, to the processing of your personal information, and to object to processing of your personal information for direct marketing purposes, to the extent it is related to such direct marketing.
26. You also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
COOKIES AND SIMILAR TECHNOLOGIES
27. When you use our Services, read our emails, use our Websites or otherwise engage with us through a computer or mobile device, we and our third-party service providers, automatically collect information about you, the device you use to access the Services and track your preferences and activities on our Websites. We use this information to enhance and personalize your user experience, to monitor and improve our Websites and Services, and for other internal purposes.
28. We typically collect this information through a variety of tracking technologies, including cookies, Flash objects, web beacons, embedded scripts, location-identifying technologies, and similar technology (collectively, “tracking technologies”). We may combine this information with other personal information we collect directly from you.
30. We use the following types of cookies:
a. Strictly necessary cookies. These are cookies that are required for the essential operation of our Websites such as to authenticate users and prevent fraudulent use.
b. Analytical/performance cookies. They allow us to recognize and count the number of visitors and to see how visitors move around our Websites when they are using it. This helps us to improve the way our Websites work, for example, by ensuring that users are finding what they are looking for easily, and helps us understand what interests our users have and measures how effective our content is.
c. Functionality cookies. These are used to recognize you when you return to our Websites. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region). These cookies may be set by third party providers whose services we have added to our pages.
d. Targeting cookies. These cookies record your visit to our Websites, the pages you have visited and the links you have followed. We will use this information to make our Websites and the advertising displayed on them more relevant to your interests. We may also share this information with third parties for this purpose.
31. We may collect analytics data, or use third-party analytics tools such as Google Analytics, to help us measure traffic and usage trends for the Services and to understand more about the demographics of our users. You can learn more about Google’s practices at https://policies.google.com/privacy/partners, and view its currently available opt-out options at https://tools.google.com/dlpage/gaoptout.
32. We may also work with third party partners to employ technologies, including the application of statistical modelling tools, which permit us to recognize and contact you across multiple devices.
33. Although we do our best to honor the privacy preferences of our users, we are unable to respond to Do Not Track signals set by your browser at this time.
○ Cookie settings in Internet Explorer
○ Cookie settings in Firefox
○ Cookie settings in Chrome
○ Cookie settings in Safari web and iOS
35. Deleting cookies does not delete non-cookie technologies such as Local Storage Objects (LSOs) such as Flash objects and HTML5. You can learn more about Flash objects – including how to manage privacy and storage settings for Flash cookies – on Adobe’s website or by clicking here . Various browsers may offer their own management tools for removing HTML5 LSOs. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
36. When we send emails to our contact lists, it will sometimes track who opened the emails and who clicked the links to measure email campaigns’ performance. To do this, we may include single pixel gifs, also called web beacons, in emails it sends. Web beacons allow us to collect information about when you open the email, your IP address, your browser or email client type, and other similar details.
37. We may also use the capability to track when a URL has been clicked inside of an email message sent by its system. The Company uses this functionality to track which links were clicked and in what quantity, as well as the aggregate number of links clicked. This click tracking functionality does not collect any personal information.
MARKETING AND ADVERTISING
38. From time to time, we may contact you with relevant information about the Services. We may use personal information we collect about you to help us determine the most relevant information to share with you. Most messages will be sent by email.
39. If you do not want to receive such messages from us, you may opt-out by clicking on the unsubscribe link at the bottom of our emails. You are not permitted to unsubscribe or opt-out of non-promotional messages regarding your account, such as account verification, changes or updates to features of the Services, or technical or security notices.
THIRD PARTY DATA COLLECTION AND INTEREST BASED ADVERTISING
40. We participate in interest-based advertising and use third party advertising companies to serve you targeted advertisements based on your browsing history. We permit third party online advertising networks, social media companies and other third-party services to collect information about your use of our Websites and mobile apps over time so that they may play or display ads on our Websites, apps or other services and other devices you may use. Typically, though not always, the information used for interest-based advertising is collected through cookies or similar tracking technologies, which recognize the device you are using and collect information, including click stream information, browser type, time and date you visited the site and other information. We may share a common account identifier (such as an email address or user ID) with our third-party advertising partners to help identify you across devices.
41. We and our third-party partners use this information to make the advertisements you see online more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics and market research.
42. To learn about interest-based advertising and how you may be able to opt-out of some of this advertising, you may wish to visit the Network Advertising Initiative’s (“NAI”) online resources, at https://www.comworkadvertising.org/choices, the Direct Advertising Alliance’s (“DAA”) resources at www.aboutads.info/choices and/or Your Online Choices at https://www.youronlinechoices.com/uk. You may also be able to limit interest-based advertising through the settings on your mobile device by selecting “limit ad tracking” (iOS) or “opt-out of interest based ads” (“Android”). You may also be able to opt-out of some – but not all – interest-based ads served by mobile ad networks by visiting https://youradchoices.com/appchoices and downloading the mobile AppChoices app.
43. Please note that opting-out of receiving interest-based advertising through the NAI’s and DAA’s or Your Online Choices online resources will only opt-out a user from receiving interest-based ads on that specific browser or device, but the user may still receive interest-based ads on his or her other devices. You must perform the opt-out on each browser or device you use.
44. Furthermore, some of these opt-outs may not be effective unless your browser is set to accept cookies. If you delete cookies, change your browser settings, switch browsers or computers, or use another operating system, you will need to opt-out again.
LINKS TO THIRD PARTY SITES
47. Our Websites may, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies, that we do not accept any responsibility or liability for their policies and you release us of any responsibility for the actions, practices and omissions of third parties. Please check the individual policies before you submit any personal information to those websites.
OUR POLICY TOWARDS CHILDREN
48. Our Websites may be used only by persons who are at least the age of majority under applicable law and are legally capable of entering into a binding contract and consenting to the processing of their personal data. Our Websites and the Services may not be used by persons in jurisdictions where access to or use of our Websites and the Services or any part of it may be illegal or prohibited. Our Websites will only be used for lawful purposes and not for any unauthorized purpose or in contravention of any applicable law or regulation.
49. We do not knowingly collect any personal information from children under the age of majority. Those under the age of majority should not use the Websites or provide the Company with any personal information. The Company encourages parents and legal guardians to monitor their children’s Internet usage and if you have reasons to believe that a child under the age of majority has provided personal information to us, please email us at privacy@DanLok.com.
CHANGES TO THIS POLICY
NOTICE TO YOU
ANNEX 1 – PERSONAL INFORMATION WE COLLECT WHEN YOU USE THE SERVICE
CATEGORIES OF PERSONAL INFORMATION
1. CONTACT INFORMATION AND BASIC PERSONAL DETAILS
○ For example: your full name, phone number, postal address, e-mail address, zip code.
○ How we use it. We use this information to:
■ communicate with you, including sending statements and invoices, communications, news, alerts and marketing communications;
■ deal with enquiries and complaints made by or about you relating to the Services;
■ authentication purposes; and
■ create customer accounts and operate, maintain and provide to you the features and functionality of the Services.
○ Legal basis for the processing. The processing is necessary for:
■ the performance of a contract and to take steps prior to entering into a contract;
■ our legitimate interests, namely administering the Services, for marketing purposes and communicating with users; and to comply with certain legal obligations; and
■ to comply with certain legal obligations.
2. WEBSITES, BUSINESS AND MARKETING INFORMATION
○ For example: company websites, IP address, current email list size, e-commerce software in use, email marketing software, product usage information, demographic data, data about customer’s 3rd party services, other business information (Facebook ad spend, status of business, industry, business goals).
○ How we use it. We use this information to:
■ operate, maintain and provide to you the features and functionality of the Services;
■ provide you with Services to deal with any requests or inquiries you may have and to carry out the Company’s obligations arising from any contracts it has entered into with you;
■ ensure that content is presented in the most effective manner; and
■ determine relevant advertising / marketing activities.
○ Legal basis for the processing. The processing is necessary for:
■ the performance of a contract and to take steps prior to entering into a contract; and
■ our legitimate interests, namely administering the Services and for marketing purposes.
3. PAYMENT INFORMATION
○ For example: your credit card information, account information, billing address, shipping address and related information.
○ How we use it. We use this information to facilitate payment for use of the Services and to detect and prevent fraud.
○ Legal basis for the processing. The processing is necessary for the performance of our contract with you and our legitimate interests, namely the detection and prevention of fraud.
4. CORRESPONDENCE AND COMMENTS
○ For example: comments recorded when you contact us directly, e.g. by email, phone, mail, when you post on message boards, blogs or complete an online form or provide quality survey input.
○ How we use it. To address your questions, issues and concerns and improve the Services, to determine products and services that may be of interest to you and to send you news, alerts and marketing communications in accordance with your marketing preferences.
○ Legal basis for the processing. The processing is necessary for our legitimate interests, namely communicating with users and for marketing purposes.
5. ALL PERSONAL INFORMATION SET OUT ABOVE
○ How we use it. We will use all the personal information we collect to prevent and detect fraud, to operate, maintain and provide to you the features and functionality of the Services, to communicate with you, to monitor and improve the Services, our Websites and business, and to help us develop new products and services.
○ Legal basis for the processing. The processing is necessary for our legitimate interest, namely to administer and improve the Services, our Website, our business and develop new services.
CATEGORIES OF POTENTIAL RECIPIENTS OF DISCLOSED PERSONAL INFORMATION
6. CATEGORIES OF POTENTIAL RECIPIENTS OF DISCLOSED PERSONAL INFORMATION
As required in accordance the uses of personal information outlined above, we may share and disclose your personal information with the following categories of recipients:
○ Group of companies. Personal information may be disclosed to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal basis, set out in this policy.
○ Service providers and advisors. Personal information may be disclosed to third party vendors and other service providers that perform services for us, on our behalf, which may include providing mailing or email services, tax and accounting services, payments processing, data enhancement services, fraud prevention, web hosting, or providing analytic services. Your personal information is never transferred to any third-party for the purposes of re-marketing to you.
○ Partners. We may disclose your personal information to partners of the Company, so that they can communicate with you (whether by email, post or otherwise) and provide you with promotional materials and additional information about their products, services, contests, promotions and special offers that may be of interest to you, or and use that information subject to and for other purposes contemplated by this Policy.
○ Purchasers and third parties in connection with a business transaction. Personal information may be disclosed to third parties in connection with a transaction, such as a merger, sale of assets or shares, reorganisation, financing, change of control or acquisition of all or a portion of our business.
○ Law enforcement, regulators and other parties for legal reasons. Personal information may be disclosed to a government or regulatory entity that has asserted its lawful authority to obtain the information or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) enforce our Terms of Service or to protect the security or integrity of our Services or Websites; and/or (c) exercise or protect the rights, property, or personal safety of the Company, our customers or others.
7. RETENTION PERIOD
We retain personal information for no longer than is necessary for the purposes set out above and in accordance with our legal obligations and legitimate business interests.