1.1 Chiwawa Educational Services Limited (“the Company”, “Chiwawa”, “we” or “us”) provides a platform for parents or guardians (“Parents”) to enroll their children (“Students”) in online classes through www.chiwawa.fun (“Website”). We collect information about Students from Parents. We respect personal data and are committed to full implementation and compliance with the data protection principles and all relevant provisions of the Personal Data (Privacy) Ordinance, Cap. 486 ("the Ordinance"). This Policy is applicable to all visitors and users, including but not limited to all Parents and Tutors who use or access the website, as well as any other persons that their personal data is collected, by whatever means, used and held by us.
2. Ways to collect your Data
2.1 We collect the following data:-
a) data given by you;
b) data collected automatically;
c) tracking and cookies data;
d) data provided by third party social media if you use third party social media to sign in; and
e) Data provided by our third party service providers.
3. Data Collected from you
3.1 Only the following personal information and data will be mandatorily collected, used and held by us when signing up to this Website and using the services provided by Chiwawa, and no data or information other than the following will be collected by us:-
a) Student’s user name;
b) Student’s age or month and year of birth;
c) Student’s gender;
d) Your first name;
e) Your phone number number;
f) Your email address; and
g) Your payment details and bank account details.
a) Your name;
b) Your email address;
c) Your month and year of birth,
d) Your gender;
e) Your phone number;
f) Your payment details;
g) Your working experience;
h) Your academic qualifications;
i) Your Curriculum Vitae;
j) Your profile picture; and
k) Your background check information (such as police clearance)
3.2 You may provide us with your personal data at your own will. The personal data and information set out in Clause 3.1 are regarded as mandatory. We may refuse your account registration and you will then be unable to have access to the services provided by Chiwawa.
Other than the above, provision of any other or further data and information is optional, and does not affect your registration or access the services.
4. Data that is collected automatically
4.1 While you access the Website, we may also collect your data automatically. This data is not personal data which it may include information such as your computer’s Internet Protocol address (i.e. IP Address), browser type, browser version, the pages of our Website that you visit, the date and time of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
5. Tracking and Cookies Data
5.2 The following types of cookies are placed on the Website:-
a) Technical cookies: permit the correct functioning of some sections of our Websites.
b) Session cookies: permit browsing the Website and using the different functions.
c) Functionality cookies: allow our Website to recognize repeat visitors and to remember the choices you make (such as user name, language or the region you are in), and to provide personalized functions.
d) Analytics cookies: collect information on the use of our Website.
e) Profile cookies: create users’ profiles in order to send advertising messages in accordance with the preferences shown by the user within the Website.
f) Integration cookies: integrate third party software products and functions, connect with functions developed by third parties within the Website pages (such as icons and preferences expressed through social networks) in order to share the Websites’ contents or for using third party software services (such as software to generate maps and additional software that offers additional services)
5.3 You can check which cookies are used by each business solution, third-party app or third-party integration using your browser’s built-in cookie view.
5.4 For avoidance of doubt, we will not collect any personal data from you when the cookies are being used. You can disable cookies by changing the settings of your web browser. Cookies cannot be used to run programs or deliver viruses to your computer.
5.5 For avoidance of doubt, we will not collect any personal data from you when the Cookies are being used. You can disable cookies by changing the settings of your web browser. However, if you block Cookies, you may not be able to use some features on the Website.
5.6 Do Not Track: California law requires us to inform you of how we would respond to web browser Do Not Track (DNT) signals. We do not respond nor honour such signals at this moment until there is further advice from the privacy industry on what response is appropriate and required.
6. Third Party Social Media Sign-in
6.1 You will be able to sign in via your Facebook or Google account.
6.2 If you sign up with your Facebook or Google account, we will be collecting your email address, telephone number, gender, birthday and public profile (username, registered name and profile image) from Facebook or Google. You may see our advertisements in Facebook or Google more often.
7. Data provided by our Third Party Service Providers
7.1 We may engage third party service providers such as Google Analytics to collect users’ data, including but not limited to browsing activities, click throughs, traffic sources, bounce rates, conversions, behaviour flow, and interactions per visit.
8. Third party advertising
8.1 We use remarking services to advertise our Website and services on third-party websites after you have visited our Website. As a result, you may be seeing our advertisements more frequently in third party websites.
9. Third-Party Payment Gateway
9.1 If you wish to make transactions via our Website, you have to make the payment through a third-party payment gateway.
10. Public Profile
10.1 Tutor’s profile picture, working experience and academic qualifications will be displayed in the public profile, which is available and accessible to anyone (including but not limited to other Students and Tutors) who use and access the Website.
11. Purpose of Personal Data to be Collected
11. 1 The personal data and information collected from you will be used by the Company for the following purpose: -
a) Signing Up, Registration and Identification:
i) To sign in and register an user account on this Website and the mobile application of Chiwawa; and
ii) To verify and ascertain your identity.
b) Payment: To facilitate and process payment from you in respect of Students enrollment of classes and to facilitate the payment of tuition fee to the Tutors;
c) Providing Services: To provide services to you on this Website and/or via the mobile applications of Chiwawa, and other online communication platforms, including but not limited to “Zoom”, and to permit you to participate in other activities on the Website and/or the mobile applications of Chiwawa;
d) For administration, management and technical support:
i) For our internal administration and management, including auditing and internal analysis;
ii) To communicate with you, provide applicable technical support, receive your comments and handle your complaints; and
iii) To detect, investigate and prevent any fraudulent, prohibited and illegal activities, any misuse of this Website or use of this Website with improper or dishonest motive, and if necessary, to provide or respond to the requests or directions of the courts, enforcement agencies or similar authorities and statutory bodies of your country or elsewhere.
e) Statistics: to carry out statistics and data analysis to improve and enhance our services and develop our marketing strategies;
f) Profiling: To build up Tutor’s public profile; and
g) Direct Promotion and Marketing: Upon obtaining your consent, we may use your personal data for marketing or contact you from time to time to share promotional or marketing information in respect of the services of Chiwawa.
12. Transfer of Personal Data
12.1 Save and except the information specified in Clause 10, which is available to the public, we will not provide or share your information and data to any third parties for unless and until we have obtained your prior consent in writing.
13. Retention of Data and Information
13.1 We will retain all your personal data and information so long as is necessary for the fulfilment of (i) the purposes for which they were collected and (ii) of the legal requirements. All your personal data and the transaction records will be destroyed thereafter.
13.1 You hereby acknowledge that your information and data are stored and maintained in our electronic database, facilities, servers and back-up servers which may be located outside your country, where the legal protection and standard of security requirements may not be equivalent to the same provided by and legally required by the applicable laws and regulations of your country.
13.3 At any time, if you desire to erase any of your information or data from our electronic databases, facilities, servers and/or back-up servers, please contact us directly at firstname.lastname@example.org.
14. Accuracy and Change of Personal Data
14.1 In order to ensure the correctness and accuracy of your personal information and data, particularly your contact details retained by us, you may receive from time to time our request of confirmation, verification and/or update of your information and data.
14.2 You can also from time to time request us to correct and/or change your personal information and data held by us.
15. Handling and Security Measures
15.1 The personal data and information we collect about you will not be disclosed to any other party without your prior approval.
15.2 We have established in place security measures and monitoring procedures to prevent unauthorized or accidental access, processing, erasure, loss or use of the data. All personnel that may access to the data will be ensured complying with the requirements of data protection.
15.3 We have implemented security measures designed to protect the personal data you share with us, for example:
a) We offer HTTPS secure access;
b) We use SSL/TSL encrypted connection for transmission of sensitive information (such as credit card number);
c) We use third party payment gateways that maintain a PCI DSS (Payment Card Industry Data Security Standards) certification; and
d) We monitor our systems for possible vulnerabilities and attacks regularly.
16. Limitation of Liability
16. 1We undertake to implement all reasonably practicable procedures, measures and steps to safeguard the security of all your information and data. However, no method of transmission over the Internet, or method of electronic storage, is totally secure. We cannot guarantee its absolute security.
16.2 We do not accept responsibility for any unauthorized or unlawful access, alternation, use, destruction, loss, erasure, transmission, disclosure or leakage of any of your information and data, irrespective of whether the same occur in our electronic database, facilities, servers or back-up servers located in your country or elsewhere.
17. Third-Party Websites
17.2 We have not authorized these third-party websites to collect any information or data from you. You acknowledge we are not responsible for any exposure of your data at these websites or losses arising from a third-party website’s practice or policy.
17.3 For avoidance of doubt, we do not endorse the contents, the privacy policies or their security measures in respect of personal information and data collected by any third-party websites.
19. Contact Us
19.1 You may contact us to exercise the following rights in relation to your personal data:
a) Right to access: the right to request (i) copies of the data we hold about you at any time, or (ii) that we modify, update or delete such data. If we provide you with access to the data we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive.” Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will let you know the reasons.
b) Right to correct: the right to have your data rectified if it is incorrect or incomplete. Please keep us informed if your data changes during the period for which we hold it.
c) Right to erase: the right to request that we delete or remove your data from our systems.
d) Right to restrict our use of your Data: the right to restrict us from using your data or limit the way which we can use it where we are legally permitted to do so.
e) Right to data portability: the right to request that we move, copy or transfer your data.
f) Right to object: the right to object to our use of your data including where we use it for our legitimate interests.
19.2 To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your data, please contact us at email@example.com, telephone us at +852 6209 7957 or write to our office at 17F Winner Commercial Building, 401-403 Lockhart Road, Causeway Bay, Hong Kong. Please note that we may keep a record of your communications to help us resolve any issues you raise.
19.4 In general circumstances, your requests or enquiries will be handled within 14 working days after receipt of the same and verification of your identity.
19.5 If you are not satisfied with the way we handle your complaint, you may lodge your complaint to the relevant data protection authority.
20. Effective Date