This Policy applies to CEIBS products and services, including the CEIBS website (Domain Name: ceibs.edu) and the CEIBS App. It should be noted that this Policy does not apply to the services offered to you by other third parties through the aforementioned website or App. For example, when you download and use a third-party application through the CEIBS open platform or the third party provides you with services based on the CEIBS products, the information you supply to the third party is not governed by this Policy. Please refer to the relevant policy separately.
Before using our products or services, please read carefully and understand this Policy, especially the clauses in boldface. We will publish this Policy on the CEIBS platform. When you use our products or services, you will be deemed to have read, understood and agreed to this Policy and its regularly updated version, and have permitted us to collect and use your personal information as agreed upon in this Policy.
1. What Categories of Personal Information We May Collect and for What Purpose
1.1 Categories of information we may collect
When providing you with products and services, we probably will collect, store and use your “personal information”, which may include, but not limited to, your name, age, gender, educational background, occupation, employer, ID card number, language used, postcode, personal photo, mailing address, social accounts and nicknames, email address, other contact details, and performance at school.
1.2 Purposes for which we may collect, store and use your information
We undertake that we will collect, store and use your personal information for the following purposes only:
- To manage products and services, provide you with our products and services, and promptly communicate with you about your purchase and use of our products and services;
- To support the operations of our products and supply of our services, and respond to your inquiries and requests;
- To provide you with services and support inside and outside school, and accept your feedback and settle your complaints;
- To promptly inform you of our latest courses, services, derivatives and marketing events;
- To improve the quality of our products and services through data analysis and research;
- To facilitate our communication with you and address your concerns promptly;
- Other purposes as agreed upon by you.
2. How We Collect Your Personal Information
2.1 Information you provide to us includes but not limited to:
information from you when you register for an examination; when you download or use the App developed by us or our designated company; when you visit our website and participate in activities organized by us; when you use our other online services; when you follow us on our social media; or relevant personal information during your study at CEIBS.
2.2 Information we collect when we provide products or services includes but not limited to:
Your academic performance at CEIBS (including your scores and assignments).
2.4 Please note that your personal information that you provide to us or that we collect may contain your sensitive personal information, such as biometrics, religious beliefs, specific identities, medical health, financial accounts, whereabouts, etc. Please be careful and be mindful of sensitive personal information. You agree that we may use your sensitive personal information for the purposes described in this Policy.
3. How We Share, Transfer and Publicly Disclose Your Personal Information
We respect your privacy, and abide by applicable laws and regulations. We undertake that we will keep your personal information we collect strictly confidential, and will not sell it to others illegally.
3.1 How we share information
3.1.1 In order to promote cooperation and launch high-quality and up-to-date products and services, we probably will provide third-party partners with your personal information as needed. Our authorized partners are not entitled to use the shared personal information for any other purpose.
Presently, our authorized partners fit into the following types:
We engage third-party service providers (e.g., suppliers; outsourcing service vendors) to offer relevant services to our customers, including but not limited to analyzing data, giving marketing support, conducting a customer satisfaction survey, and dealing with customer inquiries and processing customer requests.
3.1.2 As stipulated by laws and regulations or as mandated by the competent authorities, your personal information may be shared without your prior authorization.
3.1.3 Only with your explicit consent will we share your personal information with, or supply it to, the parties other than those mentioned in Article 3.1.1 and 3.1.2.
3.2 How we transfer information
We will not transfer your personal information to any company, organization or individual except when:
3.2.1 You have given your explicit consent;
3.2.2 In connection with merger, acquisition or bankruptcy, in case of transfer of personal information, we may require the new company or organization that holds your personal information to continue to be bound by this Policy; otherwise, we may request such company or organization to seek consent from you again.
3.3 How we Publicly disclose information
We will publicly disclose your personal information only under the following circumstances:
3.3.1 You have given your explicit consent;
3.3.2 Disclosure is mandated by laws: We will publicly disclose your personal information, as mandated by laws, legal procedures, lawsuits or the competent authorities.
3.4 We will confirm the management system of the third party and transmission risks before sharing, transferring and publicly disclosing your personal information.
4. How We Protect Your Personal Information
4.1 We take appropriate and reasonable security measures that conform to industry standards to protect the personal information you provide to us from unauthorized access, public disclosure, misuse, alteration, destruction or loss.
4.2 We take appropriate and reasonable measures to ensure that irrelevant personal information is not collected.
4.3 Except as required by law or regulation, we will only retain your personal information for the shortest period necessary to fulfill the purposes outlined in this Policy.
4.4 We will regularly update this Policy and release safety risk report. You can view it on our website.
4.5 In case of a personal information security incident, we will inform you of it promptly. When it is difficult for us to inform you of it one by one, we will issue an announcement in a reasonable and effective way. Meanwhile, as required by the regulatory authorities, we will actively report on how we cope with the personal information security incident.
5. Your Data Protection Rights
You may choose not to provide your personal information to us, but we probably will not be able to provide you with our products or services, or address the problems you face when using them. We will not be liable for any loss you may suffer as a result.
If you choose to provide your personal information to us, we will ensure you may exercise the following rights to your personal information in accordance with applicable laws and regulations:
5.1 Accessing your personal information:
You have the rights to access or edit personal information in your account, change your password, add security information, or close your account.
5.2 Updating your personal information
You have the rights to ask us to correct your personal information we collect, store and use.
5.3 Deleting your personal information
You may ask us to delete your personal information. If we decide to respond to your request, we will also notify the third parties that have obtained your personal information from us, and ask them to delete it promptly, unless otherwise stipulated by laws and regulations, or authorized by you separately.
After you have deleted personal information from our products or services, we probably will not immediately delete relevant information from our backup system, but we will delete it when the backup is updated.
If some information cannot be completely deleted due to the need to keep it for future reference, we will anonymize it so that it can no longer be targeted to individuals.
5.4 Changing the scope of your authorized consent
You may change the scope of personal information you authorize us to collect, store and use, or withdraw your consent.
After you have withdrawn your consent, we will no longer process relevant personal information. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal.
5.5 Responding to your above requests
5.5.1 For data subjects not in the EU
You may submit the above requests to us by logging out of the CEIBS App and calling us at +86-21-2890 5890. To ensure your information security, you probably will need to submit the above requests in writing, and we may ask you to verify your identity in order to help us respond efficiently to your requests. For your reasonable request, we do not charge in principle, but for repeated requests, beyond the reasonable limits, we will charge a certain cost.
5.5.2 For data subjects in the EU
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit: https://prighter.com/cc/EUprivacyrequestCEIBS
6. How We Update This Policy
We may modify this Policy, and will publish any change herein on the CEIBS platform in China. In case of significant changes that will have a significant impact on the collection, storage and use of your personal information (e.g., alteration in contact details and channels for complaints), we will inform you of specific changes.
7. Contact Us
If you have any question, advice or suggestion about this Policy, you may contact us (Phone Number: +86-21-2890 5890).